Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Special Publication (NIST SP)

Electronic Authentication Guideline

December 12, 2011

Author(s)

William E. Burr, Donna F. Dodson, Elaine M. Newton, Ray Perlner, William Polk, Sarbari Gupta, Emad A. Nabbus

[Superseded by SP 800-63-2 (August 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914476] This recommendation provides technical guidelines

Guidelines on Security and Privacy in Public Cloud Computing

December 9, 2011

Author(s)

Timothy Grance, Wayne Jansen

Cloud computing can and does mean different things to different people. The common characteristics most interpretations share are on-demand scalability of

Recommendation for Key Derivation through Extraction-then-Expansion

November 28, 2011

Author(s)

Lidong Chen

This Recommendation specifies techniques for the derivation of keying material from a shared secret established during a key establishment scheme defined in

US Government Cloud Computing Technology Roadmap Volume I Release 1.0 (Draft) High - Priority Requirements to Further USG Agency Cloud Computing Adoption

November 20, 2011

Author(s)

Mark L. Badger, David Bernstein, Robert B. Bohn, Frederic J. de Vaulx, Michael D. Hogan, Jin Mao, John V. Messina, Kevin L. Mills, Annie W. Sokol, Dawn M. Leaf, Fred Whiteside, Jin Tong

Report on the Third Static Analysis Tool Exposition (SATE 2010)

October 27, 2011

Author(s)

Vadim Okun, Paul E. Black, Aurelien M. Delaitre

The NIST Software Assurance Metrics And Tool Evaluation (SAMATE) project conducted the third Static Analysis Tool Exposition (SATE) in 2010 to advance research

Source Code Security Analysis Tool Test Plan

October 4, 2011

Author(s)

Hsiao-Ming M. Koo, Romain Gaucher, Charline Cleraux, Jenise Reyes Rodriguez

This document provides a set of metrics, including test suites and methods, to determine how well a particular source code security analysis tool conforms to

Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations

September 30, 2011

Author(s)

Kelley L. Dempsey, L A. Johnson, Matthew A. Scholl, Kevin M. Stine, Alicia Clay Jones, Angela Orebaugh, Nirali S. Chawla, Ronald Johnston

The purpose of this guideline is to assist organizations in the development of a continuous monitoring strategy and the implementation of a continuous

The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2 [includes updates through 3-19-2012]

September 30, 2011

Author(s)

David A. Waltermire, Stephen D. Quinn, Adam M. Halbardier, Karen Scarfone

This document provides the definitive technical specification for version 1.2 of the Security Content Automation Protocol (SCAP). SCAP consists of a suite of

The NIST Definition of Cloud Computing

September 28, 2011

Author(s)

Peter M. Mell, Timothy Grance

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks

The NIST Center for Neutron Research: Over 40 Years Serving NIST/NBS and the Nation

September 16, 2011

Author(s)

John J. Rush, Ronald L. Cappelletti

Summary of Workshop on Research Needs for Full Scale Testing to Determine Vulnerabilities of Decking Assemblies to Ignition by Firebrand Showers

September 14, 2011

Author(s)

Samuel L. Manzello, Sayaka S. Suzuki

An international workshop was held within the Fire Research Division at NISTs Engineering Laboratory on June 27th, 2011. The workshop was entitled Urban and

NIST Cloud Computing Reference Architecture

September 8, 2011

Author(s)

Fang Liu, Jin Tong, Jian Mao, Robert B. Bohn, John V. Messina, Mark L. Badger, Dawn M. Leaf

The adoption of cloud computing into the Federal Government and its implementation depend upon a variety of technical and non-technical factors. A fundamental

User's Guide for SRM 2494 and 2495: The MEMS 5-in-1, 2011 Edition

September 6, 2011

Author(s)

Janet M. Cassard, Jon C. Geist, Theodore V. Vorburger, David T. Read, David G. Seiler

The Microelectromechanical Systems (MEMS) 5-in-1 is a standard reference device sold as a NIST Standard Reference Material (SRM) that contains MEMS test

The New Steel? Enabling the Carbon Nanomaterials Revolution: Markets, Metrology, Safety, and Scale-up

August 31, 2011

Author(s)

James A. Liddle

Summary of Workshop for Urban and Wildland-Urban Interface (WUI Fires: A Workshop to Explore Future Japan/USA Research Collaborations

August 26, 2011

Author(s)

Samuel L. Manzello, Sayaka S. Suzuki, Keisuke Himoto

An international workshop was held within the Fire Research Division at NISTs Engineering Laboratory on June 27th, 2011. The workshop was entitled Urban and

Guide for Security-Focused Configuration Management of Information Systems

August 12, 2011

Author(s)

L A. Johnson, Kelley L. Dempsey, Ronald S. Ross, Sarbari Gupta, Dennis Bailey

The purpose of Special Publication 800-128, Guide for Security-Focused Configuration Management of Information Systems, is to provide guidelines for

NIST-SP 500-291, NIST Cloud Computing Standards Roadmap

August 10, 2011

Author(s)

Michael D. Hogan, Fang Liu, Annie W. Sokol, Tong Jin

The NIST Cloud Computing Standards Roadmap Working Group has surveyed the existing standards landscape for security, portability, and interoperability standards

SRM 1450d, Fibrous-Glass Board, for Thermal Conductivity from 280 K to 340 K

August 1, 2011

Author(s)

Robert R. Zarr, Amanda C. Harris, John F. Roller, Stefan D. Leigh

Thermal conductivity measurements at and near room temperature are presented as the basis for certified values of thermal conductivity for SRM 1450d, Fibrous

SP250 Spectral Irradiance Calibrations

July 25, 2011

Author(s)

Howard W. Yoon, Charles E. Gibson

This document describes the process of the realization, the maintenance and the dissemination of the spectral irradiance scale and its accompanying

Emergency First Responder Respirator Thermal Characteristics: Workshop Proceedings

June 29, 2011

Author(s)

Amy E. Mensch, Nelson P. Bryner

The purpose of this workshop was to identify performance needs and establish research priorities to address the thermal characteristics of respiratory equipment

Report of the 95th National Conference on Weights and Measures

June 10, 2011

Author(s)

Linda D. Crown, Tina G. Butcher, Steven E. Cook, Lisa Warfield, David A. Sefcik

The 95th Annual Meeting of the National Conference on Weights and Measures (NCWM) was held July 11 to 15, 2010, at the Crowne Plaza St. Paul Riverfront, St

Proposed UNIFORMAT II Classification of Bridge Elements

June 10, 2011

Author(s)

Muthiah Kasi, Robert E. Chapman

This report presents a proposed UNIFORMAT II classification of bridge elements. Elemental classifications differ from traditional product-related

Guide to Industrial Control Systems (ICS) Security - Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC)

June 7, 2011

Author(s)

Keith A. Stouffer, Joseph A. Falco, Karen A. Scarfone

NIST Special Publication (SP) 800-82, Guide to Industrial Control Systems (ICS) Security, provides guidance on how to secure Industrial Control Systems (ICS)

Center for Nanoscale Science & Technology 2010 Report

May 9, 2011

Author(s)

Lloyd J. Whitman, Robert G. Rudnitsky, G. D. Rogers

BIOS Protection Guidelines

April 29, 2011

Author(s)

David Cooper, William Polk, Andrew Regenscheid, Murugiah Souppaya

This document provides guidelines for preventing the unauthorized modification of Basic Input/Output System (BIOS) firmware on PC client systems. Unauthorized

Technical Study of the Sofa Super Store Fire, South Carolina, June 18, 2007, Volume I

March 14, 2011

Author(s)

Nelson P. Bryner, Stephen P. Fuss, Bryan W. Klein, Anthony D. Putorti Jr.

A fire occurred on the evening of June 18, 2007, in the Sofa Super Store in Charleston, SC. NIST analyzed the fire ground, consulted with other experts, and

Technical Study of the Sofa Super Store Fire, South Carolina, June 18, 2007, Volume II (Appendices)

March 14, 2011

Author(s)

Nelson P. Bryner, Stephen P. Fuss, Bryan W. Klein, Anthony D. Putorti Jr.

A fire occurred on the evening of June 18, 2007, in the Sofa Super Store in Charleston, SC. NIST analyzed the fire ground, consulted with other experts, and

NIST Measurement Services: Regular Spectral Transmittance

March 10, 2011

Author(s)

David W. Allen, Edward A. Early, Benjamin K. Tsai, Catherine C. Cooksey

This document describes measurement services, instrumentation, and measurement techniques for regular spectral transmittance over the spectral range from 250 nm

Managing Information Security Risk: Organization, Mission, and Information System View

March 1, 2011

Author(s)

Ronald S. Ross

The purpose of Special Publication 800-39 is to provide guidance for an integrated, organization-wide program for managing information security risk to

NIST SP 500-268, Source Code Security Analysis Tool Function Specification Version 1.1

February 28, 2011

Author(s)

Elizabeth N. Fong, Paul E. Black, Michael J. Kass, Hsiao-Ming M. Koo

Software assurance tools are a fundamental resource to improve assurance in today's software applications. Some tools analyze software requirements or design