U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: D. Richard Kuhn (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 151 - 175 of 189

An Algorithm for Generating Very Large Covering Arrays

April 19, 2006
Author(s)
David R. Kuhn
This note describes a covering array algorithm that can be parallelized, making it possible to handle a much larger number of variables than other know algorithms. The algorithm trades test case optimization for speed ? it produces roughly 3% to 15% more

Autonomous System (AS) Isolation under Randomized BGP Session Attacks with RFD Exploitation

April 1, 2006
Author(s)
Kotikalapudi Sriram, Douglas Montgomery, Oliver Borchert, Okhee Kim, D. Richard Kuhn
BGP peering session attacks are known to drive routes into route flap damping (RFD) suppression states and thus cause isolations between autonomous systems (ASes) and destinations. We present a detailed study of the impact of BGP peering session attacks

Securing Voice Over IP Networks

May 27, 2005
Author(s)
T J. Walsh, D. Richard Kuhn
Voice over IP - the transmission of voice over traditional packet-switched IP networks - is one of the hottest trends in telecommunications. As with any new technology, VOIP introduces both opportunities and problems. Lower cost and greater flexibility are

Characterizing the Risks and Costs of BGP Insecurity/Security

March 1, 2005
Author(s)
Douglas Montgomery, Kotikalapudi Sriram, Oliver Borchert, Okhee Kim, D. Richard Kuhn
We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint and face biometric systems on a population approaching 1,000 individuals. Majority of prior studies of multimodal

Security Considerations for Voice Over IP Systems

January 1, 2005
Author(s)
David R. Kuhn, Thomas J. Walsh, S G. Fries
Voice over Internet Protocol (VOIP) refers to the transmission of speech across data-style networks. This form of transmission is conceptually superior to conventional circuit switched communication in many ways. However, a plethora of security issues are

Attack vs. Countermeasure Effectiveness (ACE): Modeling Tool for BGP

November 1, 2004
Author(s)
Kotikalapudi Sriram, Douglas Montgomery, D. Richard Kuhn
We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint and face biometric systems on a population approaching 1,000 individuals. Majority of prior studies of multimodal

Incorporating Subjective Risk Vales in BGP Attack Trees

November 1, 2004
Author(s)
D. Richard Kuhn, Kotikalapudi Sriram, Douglas Montgomery
We examine the performance of multimodal biometric authentication systems using state-of-the-art Commercial Off-the-Shelf (COTS) fingerprint and face biometric systems on a population approaching 1,000 individuals. Majority of prior studies of multimodal

Securing Voice Over Internet Protocol (IP) Networks

October 1, 2004
Author(s)
Thomas J. Walsh, David R. Kuhn
Voice over IP - the transmission of voice over traditional packet-switched IP networks - is one of the hottest trends in telecommunications. As with any new technology, VOIP introduces both opportunities and problems. Lower cost and greater flexibility are

Software Fault Complexity and Implications for Software Testing

June 16, 2004
Author(s)
D. Richard Kuhn, D Wallace, A M. Gallo
Exhaustive testing of computer software is intractable, but empirical studies of software failures suggest that testing can in some cases be effectively exhaustive. Data reported in this study and others show that software failures in a variety of domains

Vulnerabilities in Quantum Key Distribution Protocols

May 1, 2003
Author(s)
David R. Kuhn
Recently proposed quantum key distribution protocols are shown to be vulnerable to a classic man-in-the-middle attack using entangled pairs created by Eve. The attack could be applied to any protocol that relies on manipulation and return of entangled

Cost Effective Use of Formal Methods in Verification and Validation Foundations

October 1, 2002
Author(s)
D. Richard Kuhn, Ramaswamy Chandramouli, R W. Butler
Formal methods offer the promise of significant improvements in verification and validation, and may be the only approach capable of demonstrating the absence of undesirable system behavior. But it is widely recognized that these methods are expensive, and

Cost Effective Uses of Formal Methods in Verification and Validation

October 1, 2002
Author(s)
D. Richard Kuhn, Ramaswamy Chandramouli
Formal methods offer the promise of significant improvements in verification and validation, and may be the only approach capable of demonstrating the absence of undesirable system behavior. But it is widely recognized that these methods are expensive, and

Quantum Computing and Communication

June 28, 2002
Author(s)
Paul E. Black, David R. Kuhn, Carl J. Williams
A quantum computer, if built, will be to an ordinary computer as a hydrogen bomb is to gunpowder, at least for some types of computations. Today no quantum computer exists, beyond laboratory prototypes capable of solving only tiny problems, and many

Introduction to Public Key Technology and the Federal PKI Infrastructure

February 26, 2001
Author(s)
D. Richard Kuhn, Vincent C. Hu, William Polk, Shu-jen H. Chang
This publication was developed to assist agency decision-makers in determining if a PKI is appropriate for their agency, and how PKI services can be deployed most effectively within a Federal agency. It is intended to provide an overview of PKI functions

Security for Private Branch Exchange Systems

August 1, 2000
Author(s)
David R. Kuhn
This document provides an introduction to security for private branch exchange systems (PBXs). The primary audience is agency system administrators and others responsible for the installation and operation of PBX systems. Major threat classes are explained

The NIST Model for Role-Based Access Control: Towards a Unified Standard

July 26, 2000
Author(s)
R. Sandhu, David F. Ferraiolo, D. Richard Kuhn
This paper describes a unified model for role-based access control (RBAC). RBAC is a proven technology for large-scale authorization. However, lack of a standard model results in uncertainty and confusion about its utility and meaning. The NIST model seeks

Converting System Failure Histories Into Future Win Situations

January 7, 2000
Author(s)
D Wallace, David R. Kuhn
Most complex systems today contain software, and systems failures activated by software faults can provide lessons for software development practices and software quality assurance. This paper presents an analysis of software-related failures of medical

Lessons from 342 Medical Device Failures

November 17, 1999
Author(s)
D Wallace, David R. Kuhn
Today's highly complex systems often contain software. Lessons can be learned about softwaredevelopment and assurance concerning quality practices, from system failures activated bysoftware faults. This paper presents an analysis of failures of medical

Software Quality Lessons From Medical Device Failure Data

November 1, 1999
Author(s)
D Wallace, David R. Kuhn
Most complex systems today contain software, and systems failures activated by software faults can provide lessons for software development practices and software quality assurance. This report presents an analysis of 342 software-related failures of

Software Certification: Testing and Measurement

July 30, 1999
Author(s)
S A. Wakid, D. Richard Kuhn, D Wallace
The focus of this article is on cost effective processes for measuring conformance, dependability, and performance of software as three key attributes of its quality. This article discusses the application of principles of measurement science to software