Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Special Publication (NIST SP)

National Checklist Program for IT Products Guidelines for Checklist Users and Developers

February 25, 2011

Author(s)

Stephen D. Quinn, Murugiah P. Souppaya, Melanie Cook, Karen Scarfone

Special Publication 800-70 Revision 2 - National Checklist Program for IT Products Guidelines for Checklist Users and Developers describes security

The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1

February 25, 2011

Author(s)

David A. Waltermire, Stephen D. Quinn, Karen Scarfone

This document provides the definitive technical specification for Version 1.1 of the Security Content Automation Protocol (SCAP). SCAP consists of a suite of

Guide to Using Vulnerability Naming Schemes

February 25, 2011

Author(s)

David A. Waltermire, Karen Scarfone

This publication provides recommendations for using two vulnerability naming schemes: Common Vulnerabilities and Exposures (CVE) and Common Configuration

2010 Proceedings of the Performance Metrics for Intelligent Systems (PerMIS'10) Workshop

February 8, 2011

Author(s)

Rajmohan (. Madhavan, Elena R. Messina, Brian A. Weiss

The 2010 Performance Metrics for Intelligent Systems workshop is the tenth in a series dedicated to defining measures and methodologies of evaluating

Guide to Security for Full Virtualization Technologies

January 28, 2011

Author(s)

Murugiah P. Souppaya, Karen Scarfone, Paul Hoffman

The purpose of SP 800-125 is to discuss the security concerns associated with full virtualization technologies for server and desktop virtualization, and to

Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

January 13, 2011

Author(s)

Elaine B. Barker, Allen L. Roginsky

[Superseded by SP 800-131A Revision 1 (November 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=919563] At the start of the 21st century

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

December 31, 2010

Author(s)

William Polk, Donna F. Dodson, William E. Burr, Hildegard Ferraiolo, David Cooper

[Superseded by SP 800-78-4 (May 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918499] This document contains the technical specifications

Guidelines for the Secure Deployment of IPv6

December 29, 2010

Author(s)

Sheila E. Frankel, Richard Graveman, John Pearce, Mark Rooks

Due to the exhaustion of IPv4 address space, and the Office of Management and Budget (OMB) mandate that U.S. federal agencies begin to use the IPv6 protocol

Recommendation for Existing Application-Specific Key Derivation Functions

December 23, 2010

Author(s)

Quynh H. Dang

[Superseded by NIST SP 800-135 Rev. 1, "Recommendation for Existing Application-Specific Key Derivation Functions" (December 2011), http://www.nist.gov

Recommendation for Password-Based Key Derivation Part 1: Storage Applications

December 22, 2010

Author(s)

Meltem Sonmez Turan, Elaine B. Barker, William E. Burr, Lidong Chen

This Recommendation specifies techniques for the derivation of master keys from passwords or passphrases to protect stored electronic data or data protection

Technical Study of the Sofa Super Store Fire- South Carolina, June 18, 2007 Volume I DRAFT FOR PUBLIC COMMENT (for final version, see NIST SP 1118, March 2011)

October 28, 2010

Author(s)

Nelson P. Bryner, Anthony D. Putorti Jr., Stephen P. Fuss, Bryan W. Klein

A fire occurred on the evening of June 18, 2007, in the Sofa Super Store in Charleston, SC. NIST analyzed the fire ground, consulted with other experts, and

Technical Study of the Sofa Super Store Fire-South Carolina, June 18, 2007 Volume II DRAFT FOR PUBLIC COMMENT (for final version, see NIST SP 1119, March 2011)

October 28, 2010

Author(s)

Nelson P. Bryner, Anthony D. Putorti Jr., Stephen P. Fuss, Bryan W. Klein

A fire occurred on the evening of June 18, 2007, in the Sofa Super Store in Charleston, SC. NIST analyzed the fire ground, consulted with other experts, and

Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode

October 21, 2010

Author(s)

Morris J. Dworkin

A limitation to Cipher Block Chaining (CBC) mode, as specified in NIST Special Publication 800-38A, is that the plaintext input must consist of a sequence of

Disaster Resilience: A Guide to the Literature

October 13, 2010

Author(s)

Stanley W. Gilbert

Although there is a great deal of high-quality information available on resilience-related topics hazard assessment, vulnerability assessment, risk assessment

Practical Combinatorial Testing

October 7, 2010

Author(s)

David R. Kuhn, Raghu N. Kacker, Yu Lei

Combinatorial testing can help detect problems like this early in the testing life cycle. The key insight underlying t-way combinatorial testing is that not

Methodology for Calculating Construction Industry Supply Chain Statistics

September 30, 2010

Author(s)

Douglas S. Thomas

Data from the Economic Census provides detailed statistics on the construction industry; however, the data is only gathered every five years. The Bureau of

Guide to Securing WiMAX Wireless Communications

September 30, 2010

Author(s)

Karen A. Scarfone, Cyrus Tibbs, Matt Sexton

The purpose of this document is to provide information to organizations regarding the security capabilities of wireless communications using WiMAX networks and

Economics of Egress Alternatives and Life-Safety Costs

September 30, 2010

Author(s)

Robert E. Chapman, David T. Butry, Allison L. Huang, Douglas S. Thomas

Fire protection measures are needed to maintain the safety and integrity of the Nation s building stock and to limit loss of life and property when building

Real-Time Monitoring of Total Inward Leakage of Respiratory Equipment Used by Emergency responders: Workshop Proceedings

September 27, 2010

Author(s)

Kathryn M. Butler, Marc R. Nyden, Rodney A. Bryant

A workshop on respirator sensors was held at the National Institute of Standards and Technology (NIST) on May 1, 2009. The objective of this workshop was to

A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications

September 16, 2010

Author(s)

Lawrence E. Bassham, Andrew L. Rukhin, Juan Soto, James R. Nechvatal, Miles E. Smid, Stefan D. Leigh, M Levenson, M Vangel, Nathanael A. Heckert, D L. Banks

This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may be used in many

Measuring Up to Sustainable Water, NIST-Virginia Tech Workshop on Aging Water Infrastructure September 9-10 2010

September 9, 2010

Author(s)

Stephanie A. Hooker, Christopher N. McCowan, Sunil K. Sinha, Mark Edwards

The NIST-VT workshop identified funding priorities for federal institutions and other funding sources for sustainable water infrastructure systems in order to

Report of the 94th National Conference on Weights and Measures, July 12 - 16, 2009, San Antonio, Texas (SP1099)

August 2, 2010

Author(s)

Tina G. Butcher, Steven E. Cook, Linda D. Crown, Lisa Warfield

The 94th Annual Meeting of the National Conferenc eon Weights and Measures (NCWM) was held in San Antonio, Texas, July 12 throgh 16, 2009. The theme of the

PIV Card Application and Middleware Interface Test Guidelines (SP800-73-3 compliance)

July 28, 2010

Author(s)

Ramaswamy Chandramouli, Hildegard Ferraiolo, Ketan L. Mehta

[Superseded by SP 800-85A-4 (April 2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920340] The objective of this document is to provide test

Guide to Adopting and Using the Security Content Automation Protocol (SCAP), Version 1.0

July 27, 2010

Author(s)

Stephen D. Quinn, Karen A. Scarfone, Matthew P. Barrett, Christopher S. Johnson

The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level

Summary of Workshop on Research Needs for Full Scale Testing to Determine Vulnerabilities of Siding Treatments and Glazing Assemblies to Ignition by Firebrand Showers

July 12, 2010

Author(s)

Samuel L. Manzello, Sayaka S. Suzuki

Anecdotal evidence as well as post-fire damage assessment studies suggests that wind driven firebrand attack is responsible for the majority of structure

2009 Performance Metrics for Intelligent Systems (PerMIS'09) Workshop

July 9, 2010

Author(s)

Rajmohan Madhavan, Elena R. Messina

The Performance Metrics for Intelligent Systems (PerMIS) workshop is dedicated to defining measures and methodologies of evaluating performance of intelligent

The Second Static Analysis Tool Exposition (SATE) 2009

July 2, 2010

Author(s)

Vadim Okun, Paul E. Black, Aurelien M. Delaitre

The NIST SAMATE project conducted the second Static Analysis Tool Exposition (SATE) in 2009 to advance research in static analysis tools that find security

A Sensor-Driven Fire Model, Version 1.2

July 1, 2010

Author(s)

William D. Davis

Modern building fire sensors are capable of supplying substantially more information to the fire service than just the simple detection of a possible fire. In

Calibration service for instruments that measure laser beam diameter

July 1, 2010

Author(s)

Shao Yang

This document describes the calibration service for instruments that measure laser beam diameter. An overview of the measurement procedures, measurement system

Guide for Assessing the Security Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans

June 29, 2010

Author(s)

Ronald S. Ross, L A. Johnson

[Superseded by SP 800-53A Rev. 4 (December 2014): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917644] Special Publication 800-53A, Revision 1