Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

NIST Topic Areas

Report Number

Publication Date

Max Publication Date

NIST Authors in Bold

Displaying 751 - 775 of 1431

National Voluntary Laboratory Accreditation Program (NVLAP) Cryptographic and Security Testing

March 13, 2012

Author(s)

Dana S. Leaman

The revision of NIST Handbook 150-17 presents an addition of the technical requirements and guidance for the accreditation of laboratories performing testing in support of the Department of Homeland Security Transportation Worker Identification Credential

Secure Hash Standard (SHS)

March 6, 2012

Author(s)

Quynh H. Dang

[Superseded by FIPS 180-4 (August 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=919060] This standard specifies hash algorithms that can be used to generate digests of messages. The digests are used to detect whether messages have

Guidelines for Securing Wireless Local Area Networks (WLANs)

February 27, 2012

Author(s)

Shirley M. Radack

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs): Recommendations of the National Institute of Standards and Technology. The publication was written by

Guidelines for Securing Wireless Local Area Networks (WLANs)

February 21, 2012

Author(s)

Murugiah P. Souppaya, Karen Scarfone

A wireless local area network (WLAN) is a group of wireless networking devices within a limited geographic area, such as an office building, that exchange data through radio communications. The security of each WLAN is heavily dependent on how well each

Building Security into Off-the-Shelf Smartphones

February 1, 2012

Author(s)

Angelos Stavrou, Jeff Voas, Tom T. Karygiannis, Stephen Quirolgico

Recent advancements in hardware have increased the computing power, memory, storage, and wireless connectivity of handheld mobile devices. Smart-phone devices are used for everyday activities that range from Maps and Geo-location tagging to banking. Indeed

Determining Authentication Strength for Smart Card-based Authentication Use Cases

January 30, 2012

Author(s)

Ramaswamy Chandramouli

Smart cards are now being extensively deployed for identity verification(smart identity tokens) for controlling access to Information Technology (IT) as well as physical resources. Depending upon the sensitivity of the resources and the risk of wrong

Advancing Security Automation and Standardization: Revised Technical Specifications Issued for the Security Content Automation Protocol (SCAP)

January 24, 2012

Author(s)

Shirley M. Radack

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-126 Rev. 2, The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2. This publication was written by David Waltermire and

Recommendation for Random Number Generation Using Deterministic Random Bit Generators

January 23, 2012

Author(s)

Elaine B. Barker

[Superseded by SP 800-90A Revision 1 (June 2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=918489] This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on

Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher

January 23, 2012

Author(s)

William C. Barker, Elaine B. Barker

This publication specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). When implemented in an SP 800-38-series-compliant mode of operation and in a FIPS 140-2

Vulnerability Hierarchies in Access Control Configurations

December 27, 2011

Author(s)

David R. Kuhn

This paper applies methods for analyzing fault hierarchies to the analysis of relationships among vulnerabilities in misconfigured access control rule structures. Hierarchies have been discovered previously for faults in arbitrary logic formulae, such that

Recommendation for Existing Application-Specific Key Derivation Functions

December 23, 2011

Author(s)

Quynh H. Dang

Cryptographic keys are vital to the security of internet security applications and protocols. Many widely-used internet security protocols have their own application-specific Key Derivation Functions (KDFs) that are used to generate the cryptographic keys

Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of their Information Systems

December 22, 2011

Author(s)

Shirley M. Radack

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-63-1, Electronic Authentication Guideline. This revised guideline, which supersedes an earlier guideline, NIST SP 800-63, updates information about, and recommendations

Electronic Authentication Guideline

December 12, 2011

Author(s)

William E. Burr, Donna F. Dodson, Elaine M. Newton, Ray Perlner, William Polk, Sarbari Gupta, Emad A. Nabbus

[Superseded by SP 800-63-2 (August 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=914476] This recommendation provides technical guidelines for Federal agencies implementing electronic authentication and is not intended to constrain

Guidelines on Security and Privacy in Public Cloud Computing

December 9, 2011

Author(s)

Timothy Grance, Wayne Jansen

Cloud computing can and does mean different things to different people. The common characteristics most interpretations share are on-demand scalability of highly available and reliable pooled computing resources, secure access to metered services from

Role Engineering: Methods and Standards

December 8, 2011

Author(s)

Edward Coyne, Timothy Weil, D. Richard Kuhn

This article explains problems and approaches to designing permission structures for role based access control. RBAC and the RBAC standard are summarized, common approaches to role engineering described, and the current status and plans for the INCITS role

On the Differential Security of Multivariate Public Key Cryptosystems

November 29, 2011

Author(s)

Daniel C. Smith-Tone

Since the discovery of an algorithm for factoring and computing discrete logarithms in polynomial time on a quantum computer, the cryptographic community has been searching for an alternative for security in the approaching post-quantum world. One

Recommendation for Key Derivation through Extraction-then-Expansion

November 28, 2011

Author(s)

Lidong Chen

This Recommendation specifies techniques for the derivation of keying material from a shared secret established during a key establishment scheme defined in NIST Special Publications 800-56A or 800-56B through an extraction-then-expansion procedure.

Service Model Driven Variations in Security Measures for Cloud Environments

November 6, 2011

Author(s)

Ramaswamy Chandramouli

With the increasing adoption of cloud computing service models - Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), proper implementation of adequate and appropriate security protection measures has become a

Mean Value Formulas for Twisted Edwards Curves

November 3, 2011

Author(s)

Dustin Moody

R. Feng and H.Wu recently established a certain mean-value formula for the coordinates of the n-division points on an elliptic curve given inWeierstrass form (A mean value formula for elliptic curves, 2010, available at http://eprint.iacr.org/2009/586.pdf)

Mobile-App Addiction: Threat to Security?

November 1, 2011

Author(s)

George Hurlburt, Jeff Voas, Keith Miller

Giving individuals this kind of information processing power, along with unprecedented connectivity, might be the single most impressive technical achievement of the 21st century. Nobody knows what the full impact of this transformation will be, but it's

The National Strategy for Trusted Identities in Cyberspace (Enhancing Online Choice, Efficiency, Security, and Privacy through Standards)

November 1, 2011

Author(s)

Jeremy A. Grant

Dear Password, Its time for you to retire. Youve served us well, but the reality is that youre woefully outdated and fundamentally insecure. Moreover, our reliance on you is making it difficult to move some very interesting and valuable types of

A Trustful Authentication and Key Exchange Scheme (TAKES) for Ad Hoc Networks

October 27, 2011

Author(s)

Tony V. Cheneau, Maryline Laurent, Andrei V. Sambra

This paper presents a new public key distribution scheme adapted to ad hoc networks called TAKES for Trustful Authentication and Key Exchange Scheme. Its originality lies in performing authentication and key distribution with no need for a trusted

Report on the Third Static Analysis Tool Exposition (SATE 2010)

October 27, 2011

Author(s)

Vadim Okun, Paul E. Black, Aurelien M. Delaitre

The NIST Software Assurance Metrics And Tool Evaluation (SAMATE) project conducted the third Static Analysis Tool Exposition (SATE) in 2010 to advance research in static analysis tools that find security defects in source code. The main goals of SATE were

Continuous Monitoring of Information Security: An Essential Component of Risk Management

October 25, 2011

Author(s)

Shirley M. Radack

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. The guide helps organizations develop an ISCM strategy and

Security Automation from a NIST Perspective

October 21, 2011

Author(s)

John F. Banghart, Stephen D. Quinn, Kevin M. Stine

Security automation can harmonize the vast amounts of information technology (IT) data into coherent, comparable information streams that inform timely and active management of diverse IT systems. Through the creation of internationally recognized

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Bioscience
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Cell biology
-Cell-free systems
-Engineering / synthetic biology
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
-Sequence screening
-Transcriptomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Emergency building evacuation
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
-Dentistry
-Food and nutrition
-Human microbiome
-Medical imaging
-Precision medicine
-Regenerative medicine and advanced therapy
Information technology
-Artificial intelligence
--AI measurement and evaluation
--Applied AI
--Fundamental AI
--Hardware for AI
--Machine learning
--Trustworthy and responsible AI
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive