Search Publications

Displaying 1326 - 1350 of 1431

Network Security Testing Using Mobile Agents

March 25, 1998
Author(s)
Athanasios T. Karygiannis
This paper describes a prototype security testing tool that is currently under development at NIST. This prototype tool uses autonomous mobile agents to perform distributed, fault-tolerant, and adaptive network security testing. The security testing

Information Security and the World Wide Web (WWW)

February 12, 1998
Author(s)
Shirley M. Radack
This bulletin discusses some of the vulnerabilities and threats to information security that organizations may experience in their use of the Internet and the World Wide Web (WWW). Both Web server and Web browser software can introduce vulnerabilities

Modes of Operation Validation System (MOVS): Requirements and Procedures

February 1, 1998
Author(s)
Sharon S. Keller, Miles E. Smid
The National Institute of Standards and Technology (NIST) Modes of Operation Validation System (MOVS) specifies the procedures involved in validating implementations of the DES algorithm in FIPS PUB 46-2, The Data Encryption Standard (DES) and the

Minimum Interoperability Specification for PKI Components (MISPC), Version 1

January 1, 1998
Author(s)
William E. Burr, Donna F. Dodson, William T. Polk, N Nazario
The Minimum Interoperability Specification for PKI Components (MISPC) supports interoperability for a large scale public key infrastructure (PKI) that issues, revokes and manages X.509 version 3 digital signature public key certificates and version 2

Internet Electronic Mail

November 25, 1997
Author(s)
Barbara Guttman, Robert H. Bagwill, Elizabeth B. Lennon
This ITL Bulletin summarizes a chapter of the draft Internet Security Policy: A Technical Guide. It describes email protocols, organization email policy, email problems, and solutions.

Comparing Simple Role Based Access Control Models and Access Control Lists

November 7, 1997
Author(s)
John Barkley
The RBAC metaphor is powerful in its ability to express access control policy in terms of the way in which administrators view organizations. The functionality of simple Role Based Access Control (RBAC) models is compared to access control lists (ACL). A

Specifying and Managing Role-Based Access Control Within a Corporate Intranet

November 7, 1997
Author(s)
David F. Ferraiolo, John Barkley
In order for intranets to reach their full potential, access control and authorization management mechanisms must be in place that can regulate user access to information in a manner that is consistent with the current set of laws, regulations, and

Role Based Access Control for the World Wide Web

October 10, 1997
Author(s)
John Barkley, Anthony V. Cincotta, David F. Ferraiolo, Serban I. Gavrila, David R. Kuhn
One of the most challenging problems in managing large networked systems is the complexity of security administration. This is particularly true for organizations that AWeb (WWW) servers. Today, security administration is costly and prone to error because

U.S. Government Activities to Protect the Information Infrastructure

April 28, 1997
Author(s)
Dennis D. Steinauer, Shirley M. Radack, Stuart W. Katzke
This paper is a survey of recent activities of the legislative and executive branches of the U.S. Government (and of some joint activities of government and industry) that involve the security of the evolving information infrastructure. Over the past few

Entity Authentication Using Public Key Cryptography

February 18, 1997
Author(s)
James Foti
[Withdrawn October 19, 2015] This standard specifies two challenge-response protocols by which entities in a computer system may authenticate their identities to one another. These may be used during session initiation, and at any other time that entity

Role-Based Access Control (RBAC): Features and Motivations

December 15, 1995
Author(s)
David F. Ferraiolo, Janet A. Cugini, David R. Kuhn
The central notion of Role-Based Access Control (RBAC) is that users do not have discretionary access to enterprise objects. Instead, access permissions are administratively associated with roles, and users are administratively made members of appropriate

Implementing Role-Based Access Control Using Object Technology

December 1, 1995
Author(s)
John Barkley
With Role Based Access Control (RBAC), each role is associated with a set of operations which a user in that role may perform. The power of RBAC as an access control mechanism is the concept that an operation may theoretically be anything. This is

An Introduction to Computer Security: the NIST Handbook

October 2, 1995
Author(s)
Barbara Guttman, E Roback
This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls. It illustrates the benefits of

Telecommunications Security Guidelines for Telecommunications Management Network

October 2, 1995
Author(s)
John Kimmins, Charles Dinkel, Dale Walters
This Telecommunication Security Guideline is intended to provide a security baseline for Network Elements (NEs) and Mediation Devices (MDs) that is based on commercial security needs. In addition, some National Security and Emergency Preparedness (NS/EP)

Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls

December 1, 1994
Author(s)
John P. Wack, Lisa J. Carnahan
This document provides an overview of the Internet and security-related problems. It then provides an overview of firewall components and the general reasoning behind firewall usage. Several types of network access policies are described, as well as