Search Publications

NIST Authors in Bold

Displaying 726 - 750 of 1431

What Continuous Monitoring Really Means

July 24, 2012
Author(s)
Ronald S. Ross
[Print Title: "Establishing a Secure Framework"] Recently, NIST completed a fundamental transformation of the traditional certification and accreditation process into a comprehensive, near real-time, security life cycle process as part of a Risk Management

Arithmetic Progressions on Huff Curves

July 23, 2012
Author(s)
Dustin Moody
We look at arithmetic progressions on elliptic curves known as Huff curves. By an arithmetic progression on an elliptic curve, we mean that either the x or y-coordinates of a sequence of rational points on the curve form an arithmetic progression. Previous

Evolutionary Construction of de Bruijn Sequences

July 20, 2012
Author(s)
Meltem Sonmez Turan
A binary de Bruijn sequence of order n is a cyclic sequence of period 2^n, in which each n-bit pattern appears exactly once. These sequences are commonly used in applications such as stream cipher design, pseudo-random number generation, 3-D pattern

What's Special About Cloud Security?

July 16, 2012
Author(s)
Peter M. Mell
While cloud security concerns have consistently ranked as one of the top challenges to cloud adoption, it is not clear what security issues are special with respect to cloud computing. To approach this question, we attempt to derive cloud security issues

NIST Test Personal Identity Verification (PIV) Cards

July 12, 2012
Author(s)
David A. Cooper
In order to facilitate the development of applications and middleware that support the Personal Identity Verification (PIV) Card, NIST has developed a set of test PIV Cards and a supporting public key infrastructure. This set of test cards includes not

Preparing for and Responding to CA Compromise and Fraudulent Certificate Issuance

July 10, 2012
Author(s)
Paul Turner, William Polk, Elaine B. Barker
As the use of Public Key Infrastructure (PKI) and digital certificates (e.g., the use of Transport Layer Security [TLS] and Secure Sockets Layer [SSL]) for the security of systems has increased, the certification authorities (CAs) that issue certificates

Usability of PIV Smartcards for Logical Access

June 28, 2012
Author(s)
Emile L. Morse, Mary F. Theofanos, Yee-Yin Choong, Celeste Paul, Aiping L. Zhang, Hannah Wald
This paper presents the findings of a PIV usability pilot study conducted at NIST during the summer of 2010. The study focused on factors that affected users' perceptions and adoption of PIV smartcards. Based on observation of the study participants, the

Combinatorial Testing

June 25, 2012
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei
Combinatorial testing is a method that can reduce cost and improve test effectiveness significantly for many applications. The key insight underlying this form of testing is that not every parameter contributes to every failure, and empirical data suggest

Guide to Bluetooth Security

June 11, 2012
Author(s)
John Padgette, Lidong Chen, Karen Scarfone
[Superseded by SP 800-121 Rev. 2 (May 2017): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=922974] Bluetooth is an open standard for short-range radio frequency communication. Bluetooth technology is used primarily to establish wireless

Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense

June 11, 2012
Author(s)
Rui Zhuang, Su Zhang, Scott DeLoach, Xinming Ou, Anoop Singhal
Moving-target defense has been hypothesized as a potential game changer in cyber defense, including that for computer networks. However, there has been little work to study how much proactively changing a network's configuration can increase the difficulty

The Internet of Things: A Reality Check

June 11, 2012
Author(s)
George Hurlburt, Jeff Voas, Keith Miller
The short perspective explains the concept behind the Internet of Things (IoT). The publication is a perspectives piece for an IEEE magazine and not intended to be technical. This is intended to be published in a specific column in the magazine.

NICE: Creating a Cybersecurity Workforce and Aware Public

June 4, 2012
Author(s)
Celia Paulsen, Ernest L. McDuffie, William D. Newhouse, Patricia R. Toth
The National Initiative for Cybersecurity Education (NICE) aims to create an operational, sustainable, and continually improving program for cybersecurity awareness, education, training, and workforce development. As part of the initiative, the NICE

Cloud Computing Synopsis and Recommendations

May 29, 2012
Author(s)
Mark L. Badger, Timothy Grance, Robert Patt-Corner, Jeffrey M. Voas
This document reprises the NIST-established definition of cloud computing, describes cloud computing benefits and open issues, presents an overview of major classes of cloud technology, and provides guidelines and recommendations on how organizations

Computer Security Division 2011 Annual Report

May 8, 2012
Author(s)
Patrick D. O'Reilly
Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry

Basing Cybersecurity Training on User Perceptions

April 2, 2012
Author(s)
Susanne M. Furman, Mary F. Theofanos, Yee-Yin Choong, Brian C. Stanton
The National Initiative for Cybersecurity Education (NICE) will be conducting a nationwide awareness and outreach program to effect behavioral change. To be effective, an educational campaign must first understand users’ perceptions of computer and online

Guidelines for Improving Security and Privacy in Public Cloud Computing

March 28, 2012
Author(s)
Shirley M. Radack
This bulletin summarizes the information presented in NIST Special Publication (SP) 800-144, Guidelines on Security and Privacy in Public Cloud Computing. These new guidelines, which were written by Wayne Jansen of Booz Allen Hamilton and Tim Grance of

A Matter of Policy

March 26, 2012
Author(s)
David F. Ferraiolo, Jeffrey M. Voas, George Hurlburt
This paper discusses system security policies. System policies are the set of rules that when implemented afford a strategy for the protection of information. The policy objectives are diverse and span the social-economic spectrum. System policies govern

A Keyed Sponge Construction with Pseudorandomness in the Standard Model

March 22, 2012
Author(s)
Donghoon Chang, Morris Dworkin, Seokhie Hong, John M. Kelsey, Mridul Nandi
The sponge construction, designed by Bertoni, Daemen, Peeters, and Assche, is the framework for hash functions such as Keccak, PHOTON, Quark, and spongent. The designers give a keyed sponge construction by prepending the message with key and prove a

Improved Indifferentiability Security Bound for the JH Mode

March 22, 2012
Author(s)
Dustin Moody, Souradyuti Paul, Daniel C. Smith-Tone
The JH hash function is one of the five finalists of the ongoing NIST SHA3 hash function competition. Despite several earlier attempts, and years of analysis, the indifferentiability security bound of the JH mode has so far remained remarkably low, only