Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

NIST Topic Areas

Report Number

Publication Date

Max Publication Date

NIST Authors in Bold

Displaying 1051 - 1075 of 1431

Role-Based Access Control, Second Edition

December 31, 2006

Author(s)

David F. Ferraiolo, David R. Kuhn, Ramaswamy Chandramouli

[ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition

PIV Card to Reader Interoperability Guidelines

December 29, 2006

Author(s)

James F. Dray Jr., April Giles, Michael Kelley, Ramaswamy Chandramouli

The purpose of this document is to present recommendations for Personal Identity Verification (PIV) card readers in the area of performance and communications characteristics to foster interoperability. This document is not intended to re-state or

Managing Enterprise Risk in Today's World of Sophisticated Threats: A Framework for Developing Broad-based, Cost-effective Information Security Programs

December 28, 2006

Author(s)

Ronald S. Ross

The Federal Information Security Management Act of 2002 places significant requirements on federal agencies for the protection of information and information systems including those systems comprising the critical infrastructure of the United States. The

Maintaining Effective Information Technology (IT) Security Through Test, Training, and Exercise Programs

December 19, 2006

Author(s)

Shirley M. Radack

This bulletin summarizes the information provided in NIST SP 800-84, concerning the need to design, develop, conduct, and evaluate Test, Training, and Exercise (TT&E) activities. The bulletin provides information on how organizations can prepare for

Recommended Security Controls for Federal Information Systems

December 19, 2006

Author(s)

Ronald S. Ross, Stuart W. Katzke, L A. Johnson, Marianne M. Swanson, G Stoneburner, G Rogers

[Superseded by NIST SP 800-53 Revision 2 (December 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=51351] The purpose of this publication is to provide guidelines for selecting and specifying security controls for information systems

Information Security Handbook: A Guide for Managers

December 1, 2006

Author(s)

Pauline Bowen, Joan Hash, Mark Wilson

This Information Security Handbook provides a broad overview of information security program elements to assist managers in understanding how to establish and implement an information security program. Typically, the organization looks to the program for

Recommendation for Obtaining Assurances for Digital Signature Applications

November 30, 2006

Author(s)

Elaine B. Barker

Entities participating in the generation or verification of digital signatures depend on the authenticity of the process. This Recommendation specifies methods for obtaining the assurances necessary for valid digital signatures: assurance of domain

Guide to Securing Computers Using Windows XP Home Edition

November 22, 2006

Author(s)

Shirley M. Radack

This bulletin summarizes the information provided in NIST SP 800-69 concerning the need to secure Windows XP Home Edition computers, and discusses the security protections that are available to reduce weaknesses, protect privacy, stop attacks and preserve

Specification for the Extensible Configuration Checklist Description Format (XCCDF), Version 1.1

November 1, 2006

Author(s)

Neal Ziring, Timothy Grance

This document specifies the data model and XML representation for the Extensible Configuration Checklist Description Format (XCCDF). An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF

RFID Security: A Taxonomy of Risk

October 27, 2006

Author(s)

A Karygiannis, T. Phillips, A. Tsibertzopoulos

Radio Frequency Indentification (RFID) and other automated identification technologies (AIT) are being used by government and industry to replace barcodes and existing pen and paper processes in areas such as asset tracking, toll collection, supply chain

Log Management: Using Computer and Network Records to Improve Information Security

October 25, 2006

Author(s)

Shirley M. Radack

NIST SP 800-92 helps organizations develop, implement and maintain effective processes for managing logs, which contain information about specific events occurring within information technology (IT) systems and networks. The information is recorded in logs

An Ontology of Identity Credentials Part 1: Background and Formulation

October 6, 2006

Author(s)

William I. MacGregor

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation s measurement and standards infrastructure. ITL develops

Programmable Active Services for SIP

October 1, 2006

Author(s)

Jean Deruelle, Mudumbai Ranganathan, Douglas C. Montgomery

We have implemented a quantum key distribution (QKD) system with polarization encoding at 850 nm over 1 km of optical fiber. The high-speed management of the bit-stream, generation of random numbers and processing of the sifting algorithm are all handled

Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

October 1, 2006

Author(s)

Kotikalapudi Sriram, Douglas C. Montgomery, Oliver Borchert, Okhee Kim, David R. Kuhn

We present a detailed study of the potential impact of BGP peering session attacks and the resulting exploitation of Route Flap Damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic

Assessment of Access Control Systems

September 29, 2006

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn

Access control is perhaps the most basic aspect of computer security. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control. In many systems access control takes the form of a simple password

Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist

September 29, 2006

Author(s)

Karen A. Scarfone, Murugiah Souppaya, John Connor

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist

Forensic Techniques: Helping Organizations Improve Their Responses to Information Security Incidents

September 27, 2006

Author(s)

Shirley M. Radack

This bulletin explains the need for the use of digital forensic techniques, which can help organizations respond more effectively to information security incidents, and protect the confidentially, integrity and availability of their information and systems

Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities

September 21, 2006

Author(s)

Timothy Grance, Tamara Nolan, Kristin Burke, Rich Dudley, Gregory White, Travis Good

Guide to Computer Security Log Management

September 13, 2006

Author(s)

Karen A. Scarfone, Murugiah Souppaya

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist

Guide to Integrating Forensic Techniques into Incident Response

September 1, 2006

Author(s)

Timothy Grance, Suzanne Chevalier, Karen A. Scarfone, Hung Dang

This publication is intended to help organizations in investigating computer security incidents and troubleshooting some information technology (IT) operational problems by providing practical guidance on performing computer and network forensics. The

Guidelines for Media Sanitization

September 1, 2006

Author(s)

Richard L. Kissel, Matthew A. Scholl, Steven Skolochenko, Xiang Li

Information systems capture, process, and store information using a wide variety of media. This information is located not only on the intended storage media but also on devices used to create, process, or transmit this information. These media may require

Personal Identity Verification Demonstration Summary

August 31, 2006

Author(s)

Erika McCallister, Hildegard Ferraiolo

This paper provides a summary of the NIST Personal Identity Verification (PIV) Demonstration. The PIV Demonstration took place from May 15 to June 14, 2006. Forty-four companies voluntarily participated through a Cooperative Research and Development

Protecting Sensitive Information Processed and Stored in Information Technology (IT) Systems

August 30, 2006

Author(s)

Shirley M. Radack

This bulletin explains the need for media sanitization, which is the process for removing confidential data from storage media, with reasonable assurance that the data cannot be retrieved and reconstructed. NIST recommendations to help organizations and

Concrete Multiplicative Complexity of Symmetric Functions

August 1, 2006

Author(s)

Joan Boyar, Rene Peralta

The multiplicative complexity of a Boolean function f is defined as the minimum number of binary conjunction (AND) gates required to construct a circuit representing f, when only exclusive-or, conjunction and negation gates may be used. This article

5th Annual PKI R&D Workshop "Making PKI Easy to Use" Proceedings

July 18, 2006

Author(s)

William T. Polk, Nelson E. Hastings, Kent Seamons

NIST hosted the fifth annual Public Key Infrastructure (PKI) Research Workshop on April 4-6, 2006. The two and a half day event brought together PKI experts from academia, industry, and government to explore the remaining challenges in deploying public key

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Bioscience
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Cell biology
-Cell-free systems
-Engineering / synthetic biology
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
-Sequence screening
-Transcriptomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Emergency building evacuation
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
-Dentistry
-Food and nutrition
-Human microbiome
-Medical imaging
-Precision medicine
-Regenerative medicine and advanced therapy
Information technology
-Artificial intelligence
--AI measurement and evaluation
--Applied AI
--Fundamental AI
--Hardware for AI
--Machine learning
--Trustworthy and responsible AI
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive