U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Michael Bartock (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 15 of 15

Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases

May 4, 2022
Author(s)
Murugiah Souppaya, Michael Bartock, Karen Scarfone, Ryan Savino, Tim Knoll, Uttam Shetty, Mourad Cherfaoui, Raghu Yeluri, Don Banks, Akash Malhotra, Michael Jordan, Dimitrios Pendarakis, Peter Romness
In today's cloud data centers and edge computing, attack surfaces have shifted and, in some cases, significantly increased. At the same time, hacking has become industrialized, and most security control implementations are not coherent or consistent. The

Hardware-Enabled Security: Policy-Based Governance in Trusted Container Platforms

April 20, 2022
Author(s)
Michael Bartock, Murugiah Souppaya, Haidong Xia, Raghu Yeluri, Uttam Shetty, Brandon Lum, Mariusz Sabath, Harmeet Singh, Alaa Youssef, Gosia Steinder, Yu Cao, Jayashree Ramanathan
In today's cloud data centers and edge computing, attack surfaces have significantly increased, cyber attacks are industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing

Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments

April 20, 2022
Author(s)
Murugiah Souppaya, Michael Bartock, Karen Scarfone, Donna Dodson, Daniel Carroll, Gina Scinta, Hemma Prafullchandra, Harmeet Singh, Raghuram Yeluri, Tim Shea, Carlos Phoenix, Robert Masten, Paul Massis, Jason Malnar, Michael Dalton, Anthony Dukes, Brenda Swarts, Rajeev Ghandi, Laura Storey, Rocky Weber, Jeff Haskins
A cloud workload is an abstraction of the actual instance of a functional application that is virtualized or containerized to include compute, storage, and network resources. Organizations need to be able to monitor, track, apply, and enforce their

2019 Public Safety Broadband Stakeholder Presentations by NIST Authors

October 25, 2021
Author(s)
Richard A. Rouil, Tom Henderson, Marco Mezzavilla, Michele Polese, Jaden Pieper, Chunmei Liu, Silas Thompson, David W. Griffith, Christopher Walton, Christopher D. Dennis, Fabio C. da Silva, John S. Garofolo, James M. Horan, Samuel Hood, Julie Stroup, Christine Task, Terese Manley, Sam Ray, Alison Kahn, Maxwell Maurice, Hien V. Nguyen, Frederick R. Byers, Kristen K. Greene, Mary Theofanos, Yee-Yin Choong, Sandra Spickard Prettyman, Pamela J. Konkol, Jeffrey Cichonski, Bill Fisher, Gema Howell, Mike Dolan, Adam Lewis, Michael Ogata, John Beltz, Michael Bartock, Sarah Hughes, Santosh Rajvaidya, Craig Connelly, Scott Ledgerwood, Megan Waldock, Dereck R. Orr, Donald Bradshaw, Jeb Benson
2019 Public Safety Broadband Stakeholder Presentations by NIST Authors

Hardware-Enabled Security: Container Platform Security Prototype

June 17, 2021
Author(s)
Murugiah Souppaya, Michael Bartock, Karen Scarfone, Jerry Wheeler, Tim Knoll, Uttam Shetty, Ryan Savino, Joseprabu Inbaraj, Stefano Righi
In today's cloud data centers and edge computing, attack surfaces have significantly increased, hacking has become industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing

Foundational PNT Profile: Applying the Cyber Security Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services

February 11, 2021
Author(s)
Jim McCarthy, Karen Reczek, Michael Bartock, Ya-Shian Li-Baboud, Suzanne Lightman, Arthur Scholz, Theresa Suloway, Doug Northrip, Joesph Brule
The national and economic security of the United States (US) is dependent upon the reliable functioning of critical infrastructure. Positioning, Navigation and Timing (PNT) services are widely deployed throughout the critical infrastructure. A disruption

PSCR 2020_Expanding the SIM Card Use Prize Challenge Overview

October 29, 2020
Author(s)
Michael J. Bartock, Conor Patrick, Matt Lourie, Shane Weeden
PSCR and a few partnering entities finished a recent PSCR sponsored prize challenge, the Expanding the SIM Card Use for Public Safety. The challenge requested solvers’ assistance to explore the possibilities and prove the Universal Integrated Circuit Card

OpenFMB Proof of Concept Implementation Research

July 29, 2020
Author(s)
Michael J. Bartock, Rebecca Herold
A smart grid messaging framework is known as an Open Field Message Bus (OpenFMB, which was ratified by the North American Energy Standards Board (NAESB) in March 2016 and has been released as NAESB RMQ.26, Open Field Message Bus (OpenFMB) Model Business

Guidance for Improving LTE-based Mobile Communications Security

January 30, 2018
Author(s)
Jeffrey Cichonski, Joshua M. Franklin, Michael Bartock, Larry Feldman, Greg Witte
This bulletin summarizes the information found in NIST SP 800-187: Guide to LTE Securtiy, which serves as a guide to the fundamentals of how LTE networks operate and explores the LTE security architecture.

Guide to LTE Security

December 21, 2017
Author(s)
Jeffrey A. Cichonski, Joshua M. Franklin, Michael J. Bartock
Cellular technology plays an increasingly large role in society as it has become the primary portal to the internet for a large segment of the population. One of the main drivers making this change possible is the deployment of 4th generation (4G) Long

Guide for Cybersecurity Event Recovery

December 22, 2016
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Matthew C. Smith, Gregory Witte, Karen Scarfone
In light of an increasing number of cybersecurity events, organizations can improve resilience by ensuring that their risk management processes include comprehensive recovery planning. Identifying and prioritizing organization resources helps to guide

Implementing Trusted Geolocation Services in the Cloud

February 17, 2016
Author(s)
Michael J. Bartock, Karen Scarfone, Larry Feldman
The bulletin summarizes the information presented in NISTIR 7904, "Trusted Geolocation in the Cloud: Proof of Concept Implementation". The publication explains security challenges involving Infrastructure as a Service (IaaS) cloud computing technologies

Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research

January 20, 2016
Author(s)
Michael J. Bartock, Jeffrey A. Cichonski, Murugiah P. Souppaya, Paul Fox, Mike Miller, Ryan Holley, Karen Scarfone
This report documents proof of concept research for Derived Personal Identity Verification (PIV) Credentials. Smart card-based PIV Cards cannot be readily used with most mobile devices, such as smartphones and tablets, but Derived PIV Credentials (DPCs)

Trusted Geolocation in the Cloud: Proof of Concept Implementation

December 10, 2015
Author(s)
Michael Bartock, Murugiah Souppaya, Raghuram Yeluri, Uttam Shetty, James Greene, Steve Orrin, Hemma Prafullchandra, John McLeese, Jason Mills, Daniel Carayiannis, Tarik Williams, Karen Scarfone
This publication explains selected security challenges involving Infrastructure as a Service (IaaS) cloud computing technologies and geolocation. It then describes a proof of concept implementation that was designed to address those challenges. The