Search Publications

NIST Authors in Bold

Displaying 1276 - 1300 of 1431

Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks

July 27, 2000
Author(s)
Ramaswamy Chandramouli
The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the research community. In this paper we develop an XML Document Type Definition (DTD) for

The NIST Model for Role-Based Access Control: Towards a Unified Standard

July 26, 2000
Author(s)
R. Sandhu, David F. Ferraiolo, D. Richard Kuhn
This paper describes a unified model for role-based access control (RBAC). RBAC is a proven technology for large-scale authorization. However, lack of a standard model results in uncertainty and confusion about its utility and meaning. The NIST model seeks

CIO Cyber Security Notes

July 19, 2000
Author(s)
J E. Frye
The CIO Cyber Security Notes will be published six times a year and distributed to the senior-level CIOs and senior-level executives within the Federal government. Its purpose is to heighten awareness of cyber security trends and issues. It will report

Identifying Critical Patches With ICAT

July 1, 2000
Author(s)
Peter M. Mell
[For the latest information on vulnerabilities, see the National Vulnerability Database, nvd.nist.gov] The NIST computer security division has created a searchable index containing 700 of the most important computer vulnerabilities. This index, called the

Mitigating Emerging Hacker Threats

June 28, 2000
Author(s)
Peter M. Mell, John P. Wack
[For the latest information on vulnerabilities, see the National Vulnerability Database, nvd.nist.gov] It seems that every week, computer security organizations are issuing press releases concerning the latest hacker attack. Some sound dangerous, like the

Public Key Infrastructures for the Financial Services Industry

June 21, 2000
Author(s)
William E. Burr, K L. Lyons-Burke
This paper addresses how financial institutions can use a Public Key Infrastructure (PKI) and some of the problems they may face in the process. PKI is an emerging cryptographic technology that is badly needed to realize the potential of information

Randomness Testing of the Advanced Encryption Standard Finalist Candidates

April 1, 2000
Author(s)
Juan Soto, Lawrence E. Bassham
Mars, RC6, Rijndael, Serpent and Twofish were selected as finalists for the Advanced Encryption Standard (AES). To evaluate the finalists' suitability as random number generators, empirical statistical testing is commonly employed. Although it widely

Security Implementations of Active Content

March 30, 2000
Author(s)
Wayne Jansen, Athanasios T. Karygiannis
Active content documents offer several benefits to both the users of these documents and their authors. Java applets, JavaScript, and ActiveX provide more functionality to static Web pages, plug-ins enable browsers to support new types of content

A Comparison of the SSE-CMM and NVLAP IT Security Testing

February 16, 2000
Author(s)
R J. Medlock
This paper describes the general accreditation requirements of the NIST National Voluntary Laboratory Accreditation Program (NVLAP) and the specific accreditation requirements for the Cryptographic Module Testing (CMT) and Common Criteria Testing (CCT)

A Resource Access Decision Service for CORBA-Based Distributed Systems

December 9, 1999
Author(s)
Konstantin Beznosov, Yi Deng, Bob Blakley, Carol Burt, John Barkley
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access

Report on the NIST Java™ AES Candidate Algorithm Analysis

November 25, 1999
Author(s)
James F. Dray Jr.
NIST solicited candidate algorithms for the Advanced Encryption Standard in a Federal Register Announcement dated September 12, 1997. Fifteen candidates were submitted, and NIST has subsequently worked with a worldwide community of cryptanalysts and

Status Report on the First Round of the Development of the Advanced Encryption Standard

November 17, 1999
Author(s)
James R. Nechvatal, Elaine B. Barker, Donna F. Dodson, Morris J. Dworkin, James Foti, E Roback
In 1997, the National Institute of Standards and Technology (NIST) initiated a process to select a symmetric-key encryption algorithm to be used to protect sensitive (unclassified) Federal Information, in furtherance of NIST's statutory responsibilities

Acquiring and Deploying Intrusion Detection Systems

November 16, 1999
Author(s)
Peter M. Mell
This ITL Bulletin provides basic information about intrusion detection systems (IDSs) to help organizations avoid common pitfalls in acquiring, deploying, and maintaining IDSs.

Supporting Relationships in Access Control Using Role Based Access Control

October 29, 1999
Author(s)
John Barkley, Konstantin Beznosov, Jinny Uppal
The Role Based Access Control (RBAC) model and mechanism have proven to be useful and effective. This is clear from the many RBAC implementations in commercial products. However, there are many common examples where access decisions must include other

Towards a Measurement Technique for Risk Management

October 20, 1999
Author(s)
D G. Marks
The field of computer security is impeded by a lack of objective, quantitative measures. As a result, most systems, whether theoretical or actual, attempt to avoid, rather than manage, risk. Risk management requires looking at the complete protect, detect

Statistical Testing of Random Number Generators

October 19, 1999
Author(s)
D L. Banks
Random Number Generators (RNGs) are an important building block for algorithms and protocols in cryptography. They are paramount in the construction of encryption keys and other cryptographic algorithm parameters. In practice, statistical testing is

Status of the Advanced Encryption Standard (AES) Development Effort

October 19, 1999
Author(s)
James Foti
The purpose of this presentation will be to articulate the status of NIST's Advanced Encryption Standard (AES) development effort. This presentation will include a description of the overall AES development effort, a summary of comments and analysis from

Applying Mobile Agents to Intrusion Detection and Response

October 1, 1999
Author(s)
Wayne Jansen, Tom T. Karygiannis, D G. Marks, Peter M. Mell
Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This report is an initial

Mobile Agent Security

October 1, 1999
Author(s)
Wayne Jansen, Athanasios T. Karygiannis
Mobile agent technology offers a new computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfer itself to another agent-enabled host on the network, and resume execution on the new host