Skip to main content

NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

NIST Authors in Bold

Displaying 326 - 350 of 402

Guide to Information Technology Security Services

October 9, 2003
Author(s)
Timothy Grance, Joan Hash, Marc Stevens, Kristofor O'Neal, Nadya Bartol
Organizations frequently must evaluate and select a variety of information technology (IT) security services in order to maintain and improve their overall IT security program and enterprise architecture. IT security services, which range from security

Guide to Selecting Information Technology Security Products

October 9, 2003
Author(s)
Timothy Grance, Marc Stevens, Marissa Myers
The selection of IT security products is an integral part of the design, development and maintenance of an IT security infrastructure that ensures confidentiality, integrity, and availability of mission critical information. The guide seeks to assist in

Building an Information Technology Security Awareness and Training Program

October 1, 2003
Author(s)
Mark Wilson, Joan Hash
NIST Special Publication 800-50, Building An Information Technology Security Awareness and Training Program, provides guidance for building an effective information technology (IT) security program and supports requirements specified in the Federal

Federal S/MIME V3 Client Profile

November 5, 2002
Author(s)
C M. Chernick
S/MIME (Secure / Multipurpose Internet Mail Extensions) is a set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard and describes a protocol for adding cryptographic security services through MIME

Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System

November 1, 2002
Author(s)
Murugiah P. Souppaya, Anthony B. Harris, Mark McLarnon, Nikolaos Selimis
The document is intended to assist the users and system administrators of Windows 2000 Professional systems in configuring their hosts by providing configuration templates and security checklists. The guide provides detailed information about the security

Security Guide for Interconnecting Information Technology Systems

September 1, 2002
Author(s)
Timothy Grance, Joan Hash, Steven Peck, Jonathan Smith, Karen Korow-Diks
The Security Guide for Interconnecting Information Technology Systems provides guidance for planning, establishing, maintaining, & terminating interconnections between information technology (IT) systems that are owned & operated by different organizations

Recommendation for Block Cipher Modes of Operation Methods and Techniques

December 1, 2001
Author(s)
Morris J. Dworkin
This recommendation defines five confidentiality modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR)

Underlying Technical Models for Information Technology Security

December 1, 2001
Author(s)
G Stoneburner
Underlying Technical Models for Information Technology Security provides a description of the technical foundations, termed models, that underlie secure information technology (IT). The intent is to provide, in a concise form, the models that should be
Displaying 326 - 350 of 402
Was this page helpful?