U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

NIST Authors in Bold

Displaying 451 - 475 of 2211

Digital Identity Guidelines: Enrollment and Identity Proofing Requirements

June 22, 2017
Author(s)
Paul A. Grassi, James L. Fenton, Naomi B. Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen Greene, Mary F. Theofanos
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. This guideline focuses on the enrollment and

Digital Identity Guidelines: Federation and Assertions

June 22, 2017
Author(s)
Paul A. Grassi, Ellen M. Nadeau, Justin P. Richer, Sarah K. Squire, James L. Fenton, Naomi Lefkovitz, Jamie M. Danker, Yee-Yin Choong, Kristen K. Greene
This document and its companion documents, SP 800-63, SP 800-63A, and SP 800-63B, provide technical and procedural guidelines to agencies for the implementation of federated identity systems and for assertions used by federations. This publication

Towards Actionable Mission Impact Assessment in the Context of Cloud Computing

June 22, 2017
Author(s)
Xiaoyan Sun, Anoop Singhal, Peng Liu
Today's cyber-attacks towards enterprise networks often undermine and even fail the mission assurance of victim networks. Mission cyber resilience (or active cyber defense) is critical to prevent or minimize negative consequences towards missions. Without

Toward Standardizing Lightweight Cryptography

June 21, 2017
Author(s)
Kerry A. McKay, Larry Feldman, Gregory A. Witte
This bulletin summarizes the information in NISTIR 8114: Report on Lightweight Cryptography which provides an overview of the lightweight cryptography project at NIST and describes plans for the standardization of lightweight cryptography algorithms.

A Testbed to Verify Timing Behavior of Cyber-Physical Systems

June 18, 2017
Author(s)
Aviral Shrivastava, Mohammad Khayatian, Mohammadreza Mehrabian, Hugo A. Andrade, Patricia Derler, Ya-Shian Li-Baboud, Edward Griffor, Marc A. Weiss, John Eidson, Kevin Stanton
Time is a foundational aspect of Cyber-Physical Systems (CPS). Correct time and timing of system events is critical to optimized responsiveness to the environment, in terms of timeliness, accuracy and precision in the knowledge, measurement, prediction

An Updated Security Analysis of PFLASH

June 4, 2017
Author(s)
Ryann Cartor, Daniel Smith-Tone
One application in post-quantum cryptography that appears especially difficult is security for low-power or no-power devices. One of the early champions in this arena was SFLASH, which was recommended by NESSIE for implementation in smart cards due to its

Key Recovery Attack for All Parameters of HFE-

June 4, 2017
Author(s)
Jeremy Vates, Daniel Smith-Tone
Recently, by an interesting confluence, multivariate schemes with the minus modifier have received attention as candidates for multivariate encryption. Among these candidates is the twenty year old HFE – scheme originally envisioned as a possible candidate

Key Recovery Attack for ZHFE

June 4, 2017
Author(s)
Daniel Cabarcas, Daniel Smith-Tone, Javier A. Verbel
At PQCRYPTO 2014, Porras, Baena and Ding introduced ZHFE, an interesting new technique for multivariate post-quantum encryption. The scheme is a generalization of HFE in which a single low degree polynomial in the central map is replaced by a pair of high

Inferring previously uninstalled applications from digital traces

May 25, 2017
Author(s)
Jim Jones, Tahir Kahn, Kathryn B. Laskey, Alexander J. Nelson, Mary T. Laamanen, Douglas R. White
In this paper, we present an approach and experimental results to suggest the past presence of an application after the application has been uninstalled and the system has remained in use. Current techniques rely on the recovery of intact artifacts and

What Happened to Software Metrics?

May 25, 2017
Author(s)
Jeffrey M. Voas, David R. Kuhn
In the 1980's, the software quality community was all 'a buzz' with seemingly endless 'potential' approaches for producing higher quality software. At the forefront of that was software metrics, along with the corresponding software testing techniques and

Cyber Threat Intelligence and Information Sharing

May 8, 2017
Author(s)
Christopher S. Johnson, Larry Feldman, Gregory A. Witte
This bulletin, based on NIST Special Publication (SP) 800-150, introduces cyber threat intelligence and information sharing concepts, describes the benefits and challenges of sharing, clarifies the importance of trust, and introduces specific data handling

Guide to Bluetooth Security

May 8, 2017
Author(s)
John Padgette, John Bahr, Mayank Batra, Marcel Holtmann, Rhonda Smithbey, Lidong Chen, Karen Scarfone
Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and has been integrated into many types of business and consumer devices. This publication

Dynamic Appliances Scheduling in Collaborative MicroGrids System

May 1, 2017
Author(s)
Hamid Gharavi, Hasnae Bilil
Abstract—In this paper a new approach which is based on a collaborative system of MicroGrids (MG’s), is proposed to enable household appliance scheduling. To achieve this, appliances are categorized into flexible and non-flexible Deferrable Loads (DL’s)

Energy Efficiency Challenges of 5G Small Cell Networks

May 1, 2017
Author(s)
Hamid Gharavi
The deployment of a large number of small cells poses new challenges to energy efficiency, which has often been ignored in fifth generation (5G) cellular networks. While massive multiple-input multiple outputs (MIMO) will reduce the transmission power at

Building the Bridge between Privacy and Cybersecurity for Federal Systems

April 19, 2017
Author(s)
Naomi B. Lefkovitz, Ellen M. Nadeau, Larry Feldman, Gregory A. Witte
This bulletin summarizes the information in NISTIR 8062: An Introduction to Privacy Engineering and Risk Management in Federal Information Systems which provides an introduction to the concepts of privacy engineering and risk management for federal

Instance Search Retrospective with Focus on TRECVID

April 5, 2017
Author(s)
George M. Awad, Wessel Kraaij, Paul Over, Shin'ichi Satoh
This paper presents an overview of the Video Instance Search benchmark which was run over a pe- riod of 6 years (2010-2015) as part of the TREC Video Retrieval (TRECVID) workshop series. The main contributions of the paper include i) an examination of the

TRECVID 2016 Video to Text Description NEW Showcase/Pilot Task Overview

April 5, 2017
Author(s)
George M. Awad
A new pilot task was introduced and evaluated during the TRECIVD 2016 workshop cycle. The task evaluates methods that provides solutions to describe short videos into natural text descriptions and also methods that matches short videos to short english

Report on Lightweight Cryptography

March 28, 2017
Author(s)
Kerry McKay, Lawrence E. Bassham, Meltem Sonmez Turan, Nicky Mouha
NIST-approved cryptographic standards were designed to perform well using general-purpose computers. In recent years, there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When

Expanding lipidome coverage using LC-MS/MS data-dependent acquisition with automated exclusion list generation

March 6, 2017
Author(s)
John Bowden, Jeremy P. Koelmel, Nicholas M. Kroeger, Emily L. Gill, Candice Z. Ulmer, Rainey E. Patterson, Richard A. Yost, Timothy J. Garrett
Untargeted omics analyses aim to comprehensively characterize biomolecules within a biological system. Changes in the presence or quantity of these biomolecules can indicate important biological perturbations, such as those caused by disease. With current

Building Caring Healthcare Systems in the Internet of Things

February 22, 2017
Author(s)
Phillip Laplante, Mohamad Kassab, Nancy Laplante, Jeff Voas
The nature of healthcare and the computational and physical technologies and constraints present a number of challenges to systems designers and implementers. In spite of the challenges, there is a significant market for systems and products to support

Email Authentication Mechanisms: DMARC, SPF and DKIM

February 16, 2017
Author(s)
J. S. Nightingale
In recent years the IETF has been making a range of efforts to secure the email infrastructure and its use. Infrastructure protection includes source authentication by RFC 7208 Sender Policy Framework (SPF), message integrity authentication by RFC 6376
Displaying 451 - 475 of 2211