Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Scott Rose (Fed)

Displaying 1 - 25 of 54

Planning a Zero Trust Architecture: A Starting Guide for Federal Administrators

May 6, 2022

Author(s)

Scott Rose

NIST Special Publication 800-207 defines zero trust is a set of cybersecurity principles used when planning and implementing an enterprise architecture. These principles apply to network identities, endpoints, and data flows. Input and cooperation from

Zero Trust Architecture

August 10, 2020

Author(s)

Scott W. Rose, Oliver Borchert, Stuart Mitchell, Sean Connelly

Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network- based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan industrial and

Trustworthy Email

February 25, 2019

Author(s)

Scott W. Rose, J. S. Nightingale, Simson Garfinkel, Ramaswamy Chandramouli

This document gives recommendations and guidelines for enhancing trust in email. The primary audience includes enterprise email administrators, information security specialists and network managers. This guideline applies to federal IT systems and will

Evolution and Challenges of DNS-Based CDNs

November 1, 2018

Author(s)

Zheng Wang, Scott W. Rose

DNS-based server redirecting has been realized as the most popular way to deploy CDNs. However, with the increasing use of remote DNS, DNS-based CDNs faces a great challenge in performance degradation. To address this challenging issue, encouraging

Energy-Aware Server Allocating

September 1, 2018

Author(s)

Zheng Wang, Scott W. Rose

Faced with the scalability and reliability challenge, the DNS is increasingly operated by geographically dispersed data centers. Energy management across those distributed diverse data centers is critical to reduce revenue loss for DNS operators. This

Improving the Trustworthiness of E-Mail, and Beyond!

April 25, 2018

Author(s)

Scott W. Rose, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information found in NIST SP 1800-6: Domain Name System-Based Electronic Mail Security, which describes a security platform for trustworthy email exchanges across organizational boundaries.

Domain Name System-Based Electronic Mail Security

January 15, 2018

Author(s)

Scott W. Rose, Karen M. Waltermire, Santos Jha, Chinedum Irrechukwu, William C. Barker

This document describes a security platform for trustworthy email exchanges across organizational boundaries. The project includes reliable authentication of mail servers, digital signature and encryption of email, and binding cryptographic key

Updating the Keys for DNS Security

September 27, 2017

Author(s)

Scott W. Rose, Larry Feldman, Gregory A. Witte

To help maintain the reliability and integrity of the Internets Domain Name System (DNS), NIST is working with specialists from around the world to update the keys used by the DNS Security Extensions (DNSSEC) protocol to authenticate DNS data and avoid

The Emergence of DANE Trusted Email for Supply Chain Management

January 3, 2017

Author(s)

Scott Rose, Joseph Gersch, Daniel Massey

Supply chain management is critically dependent on trusted email with authentication systems that work on a global scale. Solutions to date have not adequately addressed the issues of email forgery, confidentiality, and sender authenticity. The IETF DANE

Making Email Trustworthy

October 24, 2016

Author(s)

Scott W. Rose, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-177: Trustworthy Email. This publication gives recommendations and guidelines for enhancing trust in email. This guideline applies to federal IT systems and will also be useful for any small

Trustworthy Email

September 6, 2016

Author(s)

Ramaswamy Chandramouli, Simson L. Garfinkel, J. S. Nightingale, Scott W. Rose

Trust Issues with Opportunistic Encryption

February 28, 2014

Author(s)

Scott W. Rose

Recent revelations have shed light on the scale of eavesdropping on Internet traffic; violating the privacy of almost every Internet user. In response, protocol designers, engineers and service operators have begun deploying encryption (often opportunistic

Secure Domain Name System (DNS) Deployment Guide

September 18, 2013

Author(s)

Ramaswamy Chandramouli, Scott W. Rose

The Domain Name System (DNS) is a distributed computing system that enables access to Internet resources by user-friendly domain names rather than IP addresses, by translating domain names to IP addresses and back. The DNS infrastructure is made up of