Search Publications

NIST Authors in Bold

Displaying 1 - 25 of 112

Translating Natural Language Specifications into Access Control Policies by Leveraging Large Language Models

January 16, 2025

Author(s)

Sherifdeen Lawal, Xingmeng Zhao, Anthony Rios, Ram Krishnan, David Ferraiolo

This paper investigates the application of large language models (LLMs) for the automated translation and information extraction of access control policies from a natural language source. Prior research in this domain have predominantly relied on manual

LogicDetect: Real-Time Detection of Faults in Access Control Policy with Logic Circuits

July 25, 2024

Author(s)

Yatish Dubasi, Vincent C. Hu, Qinghua Li, Jia Di

Ensuring the correctness of access control (AC) policies is crucial for system security, particularly for complex systems with numerous subjects, objects, roles, and actions. However, crafting errorfree policies becomes increasingly challenging due to the

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

July 15, 2024

Author(s)

Hildegard Ferraiolo, Andrew Regenscheid

Federal Information Processing Standard 201-3 (FIPS 201-3) defines the requirements for Personal Identity Verification (PIV) life cycle activities, including identity proofing, registration, PIV Card issuance, and PIV Card usage. FIPS 201-3 also defines

Interfaces for Personal Identity Verification Part 1 - PIV Card Application Namespace, Data Model, and Representation

July 15, 2024

Author(s)

Hildegard Ferraiolo, Ketan Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Sarbari Gupta

FIPS 201 defines the requirements and characteristics of government-wide interoperable identity credentials for use in applications that provide access to federally controlled facilities and information systems. FIPS 201 supports multiple types of

Interfaces for Personal Identity Verification Part 2 - PIV Card Application Card Command Interface

July 15, 2024

Author(s)

Hildegard Ferraiolo, Ketan Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Sarbari Gupta

Interfaces for Personal Identity Verification Part 3 - PIV Client Application Programming Interface

July 15, 2024

Author(s)

Hildegard Ferraiolo, Ketan Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Sarbari Gupta

Planning a Zero Trust Architecture: A Starting Guide for Federal Administrators

May 6, 2022

Author(s)

Scott Rose

NIST Special Publication 800-207 defines zero trust is a set of cybersecurity principles used when planning and implementing an enterprise architecture. These principles apply to network identities, endpoints, and data flows. Input and cooperation from

Basic Cybersecurity Recommendations for HVAC Systems- Passwords

April 1, 2022

Author(s)

Michael Galler

Cybersecurity has been a topic of increasing importance for several years. While fully securing a large and complex system can be very complicated, there are some basic precautions that can easily be applied to any system, and some basic precautions that

Personal Identity Verification (PIV) of Federal Employees and Contractors

January 24, 2022

Author(s)

National Institute of Standards and Technology (NIST), Hildegard Ferraiolo, Andrew Regenscheid, Salvatore Francomacaro, David Cooper, Ketan Mehta, Annie W. Sokol, David Temoshok, Gregory Fiumara, Justin Richer, James L. Fenton, Johnathan Gloster, nabil anwer

FIPS 201 establishes a standard for a Personal Identity Verification (PIV) system (Standard) that meets the control and security objectives of Homeland Security Presidential Directive-12 (HSPD-12). It is based on secure and reliable forms of identity

Mobile Application Single Sign-On: Improving Authentication for Public Safety FirstResponders

August 25, 2021

Author(s)

Bill Fisher, Paul A. Grassi

On-demand access to public safety data is critical to ensuring that public safety and first responders (PSFRs) can protect life and property during an emergency. This public safety information, often needing to be accessed via mobile or portable devices

NIST Test Personal Identity Verification (PIV) Cards Version 2

April 2, 2021

Author(s)

David Cooper

In order to facilitate the development of applications and middleware that support the Personal Identity Verification (PIV) Card, NIST has developed a set of test PIV Cards and a supporting public key infrastructure (PKI). This set of test cards includes

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

March 15, 2021

Author(s)

Joanna DeFranco, David F. Ferraiolo, D. Richard Kuhn, Joshua D. Roberts

Sharing data between different organizations is a challenge primarily due to database management systems (DBMSs) being different types that impose different schemas to represent and retrieve data. In addition, maintaining security and privacy is a concern

Apply Quantum Search to the Safety Check for Mono Operational Attribute Based Protection Systems

February 5, 2021

Author(s)

Vincent C. Hu

Interrelated computing device's system such as IoT, RFID, or edge device's systems are pervasively equipped for today's information application and service systems, protecting them from unauthorized access i.e. safety is critical, because a breach from the

General Access Control Guidance for Cloud Systems

July 31, 2020

Author(s)

Chung Tong Hu, Michaela Iorga, Wei Bao, Ang Li, Qinghua Li, Antonios Gouglidis

This document presents cloud access control characteristics and a set of general access control guidance for cloud service models: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service). Different service

Evolving Advanced Persistent Threat Detection Using Provenance Graph and Metric Learning

June 29, 2020

Author(s)

Gbadebo Ayoade, Khandakar A. Akbar, Pracheta Sahoo, Yang Gao, Anoop Singhal, Kangkook Jee, Latifur Khan, Anmol Agarwal

Advanced persistent threats (APT) have increased in recent times as a result of the rise in interest by nationstates and sophisticated corporations to obtain high profile information. Typically, APT attacks are more challenging to detect since they

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

January 14, 2020

Author(s)

Loic D. Lesavre, Priam C. Varin, Peter M. Mell, Michael S. Davidson, James Shook

Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing within organizations and on the web. Traditional identity systems typically suffer from single points of failure

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Bioscience
-Bioeconomy
--Biological data
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Biometrology
-Biosecurity
--Biosurveillance
--Genomic cybersecurity
--Nucleic acid sequence screening
-Cell measurements
-Engineering / synthetic biology
--Biofabrication
--Cell-free systems
--Genome engineering
--Protein engineering
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
-Transcriptomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate Measurements
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
--Cancer
--Medical imaging
-Food and nutrition
-Human microbiome
-Precision medicine
-Regenerative medicine and advanced therapy
--Flow cytometry
Information technology
-Artificial intelligence
--AI measurement and evaluation
--Applied AI
--Fundamental AI
--Hardware for AI
--Machine learning
--Trustworthy and responsible AI
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
--Recovery
--Resilience metrics
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive