Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

NIST Topic Areas

Report Number

Publication Date

Max Publication Date

NIST Authors in Bold

Displaying 326 - 350 of 402

Security Considerations in the Information System Development Life Cycle

October 10, 2003

Author(s)

Timothy Grance, Joan Hash, Marc Stevens

[Superseded by SP 800-64 Rev. 1 (June 2004): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151285] The need to provide protection for federal information systems has been present since computers were first used. Including security early in

Guide to Information Technology Security Services

October 9, 2003

Author(s)

Timothy Grance, Joan Hash, Marc Stevens, Kristofor O'Neal, Nadya Bartol

Organizations frequently must evaluate and select a variety of information technology (IT) security services in order to maintain and improve their overall IT security program and enterprise architecture. IT security services, which range from security

Guide to Selecting Information Technology Security Products

October 9, 2003

Author(s)

Timothy Grance, Marc Stevens, Marissa Myers

The selection of IT security products is an integral part of the design, development and maintenance of an IT security infrastructure that ensures confidentiality, integrity, and availability of mission critical information. The guide seeks to assist in

Building an Information Technology Security Awareness and Training Program

October 1, 2003

Author(s)

Mark Wilson, Joan Hash

NIST Special Publication 800-50, Building An Information Technology Security Awareness and Training Program, provides guidance for building an effective information technology (IT) security program and supports requirements specified in the Federal

Guidelines for Identifying an Information System as a National Security System

August 20, 2003

Author(s)

William C. Barker

This document provides guidelines developed in conjunction with the Department of Defense, including the National Security Agency, for identifying an information system as a national security system. The basis for these guidelines is the Federal

Security Metrics Guide for Information Technology Systems

August 1, 2003

Author(s)

Marianne M. Swanson, N Bartol, J Sabato, Joan Hash, L Graffo

[Superseded by SP 800-55 Rev. 1 (July 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152183] This document provides guidance on how an organization, through the use of metrics, identifies the adequacy of in-place security controls

Federal S/MIME V3 Client Profile

November 5, 2002

Author(s)

C M. Chernick

S/MIME (Secure / Multipurpose Internet Mail Extensions) is a set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard and describes a protocol for adding cryptographic security services through MIME

Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System

November 1, 2002

Author(s)

Murugiah P. Souppaya, Anthony B. Harris, Mark McLarnon, Nikolaos Selimis

The document is intended to assist the users and system administrators of Windows 2000 Professional systems in configuring their hosts by providing configuration templates and security checklists. The guide provides detailed information about the security

Wireless Network Security: 802.11, Bluetooth and Handheld Devices

November 1, 2002

Author(s)

Tom T. Karygiannis, L Owens

[Superseded by SP 800-48 Rev. 1 (July 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=890006] The purpose of this document is to provide agencies with guidance for establishing secure wireless networks. Agencies are encouraged to tailor

Guidelines on Securing Public Web Servers

October 9, 2002

Author(s)

Miles C. Tracy, Wayne Jansen, Mark McLarnon

[Superseded by SP 800-44 Ver. 2 (September 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51222] Web servers maintained for public use are normally the most targeted and attacked hosts on an organization's network. Thus, it is

Guidelines on Electronic Mail Security

September 11, 2002

Author(s)

Miles C. Tracy, Wayne Jansen, Scot Bisker

[Superseded by SP 800-45 Ver. 2 (February 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50953] Electronic mail (email) is perhaps the most popularly used system for exchanging information over the Internet. After Web servers, mail

Security Guide for Interconnecting Information Technology Systems

September 1, 2002

Author(s)

Timothy Grance, Joan Hash, Steven Peck, Jonathan Smith, Karen Korow-Diks

The Security Guide for Interconnecting Information Technology Systems provides guidance for planning, establishing, maintaining, & terminating interconnections between information technology (IT) systems that are owned & operated by different organizations

Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme

September 1, 2002

Author(s)

Peter M. Mell, Timothy Grance

[Superseded by SP 800-51 Rev. 1 (February 2011): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=907934] The Common Vulnerabilities and Exposures (CVE) vulnerability naming scheme is a dictionary of common names for publicly known information

Procedures for Handling Security Patches

August 1, 2002

Author(s)

Peter M. Mell, Miles C. Tracy

[Superseded by SP 800-40 Version 2.0 (November 2005): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150402] Timely patching is critical to maintain the operational availability, confidentiality, and integrity of IT systems. However, failure

Security for Telecommuting and Broadband Communications

August 1, 2002

Author(s)

D. Richard Kuhn, Miles C. Tracy, Sheila E. Frankel

[Superseded by SP 800-46 Rev. 1 (June 2009): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=902685] This document introduces broadband communication technologies, and the security considerations associated with them. It discusses the use of a

Risk Management Guide for Information Technology Systems

July 1, 2002

Author(s)

G Stoneburner, Alice Y. Goguen, Alexis Feringa

[Superseded by SP 800-30 Revision 1 (September 2012): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=912091] Risk Management is the process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level

Contingency Planning Guide for Information Technology Systems

June 13, 2002

Author(s)

Marianne M. Swanson, A Wohl, L Pope, Timothy Grance, Joan Hash, R Thomas

[Superseded by SP 800-34 Revision 1 (May 2010): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=905266] The Contingency Planning Guide for Information Technology (IT) Systems provides instructions, recommendations, and considerations for

Guidelines on Firewalls and Firewall Policy

January 1, 2002

Author(s)

John P. Wack, Ken Cutler, Jamie Pole

[Superseded by SP 800-41 Rev. 1 (September 2009): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=901083] This document provides introductory information about firewalls and firewall policy. It addresses concepts relating to the design

Recommendation for Block Cipher Modes of Operation Methods and Techniques

December 1, 2001

Author(s)

Morris J. Dworkin

This recommendation defines five confidentiality modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR)

Underlying Technical Models for Information Technology Security

December 1, 2001

Author(s)

G Stoneburner

Underlying Technical Models for Information Technology Security provides a description of the technical foundations, termed models, that underlie secure information technology (IT). The intent is to provide, in a concise form, the models that should be

Intrusion Detection Systems

November 1, 2001

Author(s)

Rebecca Bace, Peter Mell

[Superseded by NIST SP 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS), http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50951] Intrusion detection systems (IDSs) are software or hardware systems that automate the process of

Security Self-Assessment Guide for Information Technology Systems

November 1, 2001

Author(s)

Marianne M. Swanson

[Withdrawn December 19, 2007; Superseded by SP 800-53 (Feb. 2005), http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918658, and SP 800-53A (July 2008), http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51209] Self-assessments provide

Guidelines on Active Content and Mobile Code

October 17, 2001

Author(s)

Wayne Jansen

[Superseded by SP 800-28 Version 2 (March 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152039] Active content technologies allow code, in the form of a script, macro, or other kind of portable instruction representation, to execute

Engineering Principles for Information Technology Security (A Baseline for Achieving Security)

June 15, 2001

Author(s)

G Stoneburner, Clark Hayden, Alexis Feringa

[Superseded by SP 800-27 Revision A (June 2004): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151294] The Engineering Principles for Information Technology (IT) Security (EP-ITS) presents a list of system-level security principles to be

A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2

June 1, 2001

Author(s)

Stanley R. Snouffer, Arch Oldehoeft

Federal agencies, industry, and the public now rely on cryptography to protect information and communications used in critical infrastructures, electronic commerce, and other application areas. Cryptographic modules are implemented in these products and

Was this page helpful?

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Artificial intelligence
-AI measurement and evaluation
-Autonomous systems
--Automated vehicles
--Autonomous laboratories
-Applied AI
-Fundamental AI
-Hardware for AI
-Machine learning
-Trustworthy and responsible AI
Bioscience
-Bioeconomy
--Biological data
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Biometrology
-Biosecurity
--Biosurveillance
--Genomic cybersecurity
--Nucleic acid sequence screening
-Cell measurements
-Engineering / synthetic biology
--Biofabrication
--Cell-free systems
--Genome engineering
--Protein engineering
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate Measurements
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
--Cancer
--Medical imaging
-Food and nutrition
-Human microbiome
-Precision medicine
-Regenerative medicine and advanced therapy
--Flow cytometry
Information technology
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity and privacy
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Digital twins
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
--Recovery
--Resilience metrics
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive