Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

NIST Topic Areas

Report Number

Publication Date

Max Publication Date

NIST Authors in Bold

Displaying 1101 - 1125 of 1509

A Complete Guide to the Common Vulnerability Scoring System Version 2.0

July 30, 2007

Author(s)

Peter M. Mell, Karen A. Scarfone, Sasha Romanosky

The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. CVSS consists of three groups: Base, Temporal and Environmental. Each group produces a numeric score ranging

CVSS-SIG Version 2 History

July 30, 2007

Author(s)

Peter M. Mell, Karen A. Scarfone, Gavin Reid

This document attempts to interpret the history and rationale behind changes made in the Common Vulnerability Scoring System (CVSS) from version 1 to version 2 (referred to as CVSS v1 and v2 in this document.) This document contains multiple appendices

Border Gateway Protocol Security

July 26, 2007

Author(s)

Shirley M. Radack

The Border Gateway Protocol (BGP) plays a critical role in the effective operation of the Internet. BGP is used to update routing information between major systems, which makes it possible for systems connected to the Internet to receive and transmit

Conformance Checking of Access Control Policies Specified in XACML

July 24, 2007

Author(s)

Vincent C. Hu, Evan Martin, Tao Xie

Access control is one of the most fundamental and widely used security mechanisms. Access control mechanisms control which principals such as users or processes have access to which resources in a system. To facilitate managing and maintaining access

Border Gateway Protocol Security

July 17, 2007

Author(s)

D. Richard Kuhn, Kotikalapudi Sriram, Douglas Montgomery

This document introduces the Border Gateway Protocol (BGP), explains its importance to the internet, and provides a set of best practices that can help in protecting BGP. Best practices described here are intended to be implementable on nearly all

NIST Delivers Strong and Flexible Security Standards Managing Enterprise Risk in a World of Sophisticated Cyber Threats

July 9, 2007

Author(s)

Ronald S. Ross

This article summarizes the fundamental concepts of the FISMA project and reinforces the core principles that have guided the project from its initiation in 2003.

Forensic Techniques for Cell Phones

June 27, 2007

Author(s)

Shirley M. Radack

The data that is captured on mobile phones can be a source of valuable information to organizations that are investigating crimes, policy violations and other security incidents. The science of recovering digital evidence from mobile phones, using

Securing Radio Frequency Identification (RFID) Systems

May 17, 2007

Author(s)

Karen A. Scarfone

Radio frequency identification (RFID) is a form of automatic identification and data capture technology that uses electric or magnetic fields at radio frequencies to transmit information. An RFID system can be used to identify many types of objects, such

Access Control Policy Combinations for the Grid Using the Policy Machine

May 14, 2007

Author(s)

Vincent C. Hu, David F. Ferraiolo, Karen A. Scarfone

Many researchers have tackled the architecture and requirements aspects of grid security, concentrating on the authentication or authorization mediation instead of authorization techniques, especially the topic of policy combination. Policy combination is

Specification for the Extensible Configuration Checklist Description Format (XCCDF), Version 1.1.3

April 30, 2007

Author(s)

Neal Ziring, Stephen Quinn

The Cyber Security Research and Development Act of 2002 tasks the National Institute of Standards and Technology (NIST) to "develop, and revise as necessary, a checklist setting forth settings and option selections that minimize the security risks

Specification-Driven Testing of Smart Card Interface Using a Formal Model

April 30, 2007

Author(s)

Ramaswamy Chandramouli, Mark Blackburn

Model-Driven Engineering (MDE) is emerging as a promising approach that uses models to support various phases of system development lifecycle such as Code Generation and Verification/Validation (V &V). In this paper, we describe the application of a model

Securing Wireless Networks

April 26, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the recommendations developed by NIST to assist organizations in establishing and maintaining robust security for wireless local area networks (WLAN) using the new security features that were developed for IEEE 802.11i. Topics

A Power Management Proxy With a New Best-of-N Bloom Filter Design to Reduce False Positives

April 12, 2007

Author(s)

Miguel Jimeno, K Christensen, Allen L. Roginsky

Bloom filters are a probabilistic data structure used to evaluate set membership. A group of hash functions are used to map elements into a Bloom filter and to test elements for membership. In this paper, we propose using multiple groups of hash functions

Guidelines for Securing Radio Frequency Identification (RFID) Systems

April 6, 2007

Author(s)

Tom T. Karygiannis, Bernard Eydt, Greg Barber, Lynn Bunn, T. Phillips

This publication seeks to assist organizations in understanding the risks of RFID technology and security measures to mitigate those risks. It provides practical, real-world advice on how to initiate, design, implement and operate RFID systems in a manner

A Power Management Proxy with a New Best-of-N Bloom Filter Design to Reduce False Positives

April 2, 2007

Author(s)

Miguel Jimeno, Allen L. Roginsky, K Christensen

Improving the Security of Electronic Mail: Updated Guidelines Issued by NIST

March 28, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the recommendations developed by NIST to assist organizations in designing, implementing and operating email systems that are secure. Topics covered in the bulletin include a description of the contents and the appendices of the

Cell Phone Forensic Tools: An Overview and Analysis Update

March 21, 2007

Author(s)

Richard Ayers, Wayne Jansen, Aurelien M. Delaitre, Ludovic Moenner

Cell phones and other handheld devices incorporating cell phone capabilities (e.g., Personal Digital Assistant (PDA) phones) are ubiquitous. Rather than just placing calls, certain phones allow users to perform additional tasks such as SMS (Short Message

Computer Security Division 2006 Annual Report

March 21, 2007

Author(s)

Tanya L. Brewer, Kevin M. Stine

This report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during the Fiscal Year 2006. It discusses all projects and programs within the Division, staff highlights, and publications. For

Recommendation for Pair-Wise Key Establishment Using Discrete Logarithm Cryptography (Revised)

March 14, 2007

Author(s)

Elaine B. Barker, Don Johnson, Miles E. Smid

[Superseded by SP 800-56A Rev. 2 (May 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913431] This Recommendation provides the specifications of key establishment schemes that are appropriate for use by the U.S. Federal Government

Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised)

March 14, 2007

Author(s)

Elaine B. Barker, John M. Kelsey

[Superseded by SP 800-90A (January 2012): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=910345] This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on either

Codes for the Identification of Federal and Federally-Assisted Organizations (NIST SP 800-87 v1.0, March 2007 edition)

March 7, 2007

Author(s)

William C. Barker, Hildegard Ferraiolo

[Superseded by SP 800-87 Rev. 1 (April 2008): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152125] The Homeland Security Presidential Directive HSPD-12 called for new standards to be adopted governing the interoperable use of identity

Recommendation for Key Management - Part 1: General (Revised) (March 2007 edition)

March 1, 2007

Author(s)

Elaine B. Barker, William C. Barker, William E. Burr, William T. Polk, Miles Smid

[Superseded by SP 800-57 Part 1 Rev. 3 (July 2012): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=910342] This Recommendation provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and

Intrustion Detection and Prevention Systems

February 26, 2007

Author(s)

Shirley M. Radack

This bulletin summarizes the recommendations developed by NIST for organizations in the effective use of intrusion detection and prevention systems (IDPS). These software systems help organizations to monitor and analyze events occurring in their

Guide to Intrusion Detection and Prevention Systems (IDPS)

February 20, 2007

Author(s)

Karen A. Scarfone, Peter M. Mell

The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist

Guidelines on Electronic Mail Security

February 20, 2007

Author(s)

Miles C. Tracy, Wayne Jansen, Karen A. Scarfone, Jason Butterfield

This document was developed in furtherance of NIST's statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. The purpose of the publication is to recommend security practices for designing

Was this page helpful?

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Artificial intelligence
-AI measurement and evaluation
-Autonomous systems
--Automated vehicles
--Autonomous laboratories
-Applied AI
-Fundamental AI
-Hardware for AI
-Machine learning
-Trustworthy and responsible AI
Bioscience
-Bioeconomy
--Biological data
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Biometrology
-Biosecurity
--Biosurveillance
--Genomic cybersecurity
--Nucleic acid sequence screening
-Cell measurements
-Engineering / synthetic biology
--Biofabrication
--Cell-free systems
--Genome engineering
--Protein engineering
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate Measurements
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
--Cancer
--Medical imaging
-Food and nutrition
-Human microbiome
-Precision medicine
-Regenerative medicine and advanced therapy
--Flow cytometry
Information technology
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity and privacy
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Digital twins
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
--Recovery
--Resilience metrics
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive