U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Karen Scarfone (Ctr)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 51 - 75 of 146

Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks

June 25, 2019
Author(s)
Katie Boeckl, Michael Fagan, Bill Fisher, Naomi Lefkovitz, Katerina N. Megas, Ellen M. Nadeau, Benjamin M. Piccarreta, Danna G. O'Rourke, Karen A. Scarfone
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT

Guide to Industrial Control Systems (ICS) Security - Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC)

June 7, 2011
Author(s)
Keith A. Stouffer, Joseph A. Falco, Karen A. Scarfone
NIST Special Publication (SP) 800-82, Guide to Industrial Control Systems (ICS) Security, provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems

Intrusion Detection and Prevention Systems

October 22, 2010
Author(s)
Karen A. Scarfone, Peter M. Mell
Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents. An intrusion detection and prevention system (IDPS) is software that automates the intrusion detection

Guide to Securing WiMAX Wireless Communications

September 30, 2010
Author(s)
Karen A. Scarfone, Cyrus Tibbs, Matt Sexton
The purpose of this document is to provide information to organizations regarding the security capabilities of wireless communications using WiMAX networks and to provide recommendations on using these capabilities. WiMAX technology is a wireless

Guide to Adopting and Using the Security Content Automation Protocol (SCAP), Version 1.0

July 27, 2010
Author(s)
Stephen D. Quinn, Karen A. Scarfone, Matthew P. Barrett, Christopher S. Johnson
The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It

An Analysis of CVSS Version 2 Vulnerability Scoring

October 14, 2009
Author(s)
Karen A. Scarfone, Peter M. Mell
The Common Vulnerability Scoring System (CVSS) is a specification that is used to measure the relative severity of software vulnerabilities. CVSS version 2, which was finalized in June 2007, was designed to address several deficiencies discovered during

System and Network Security Acronyms and Abbreviations

September 30, 2009
Author(s)
Karen A. Scarfone, Victoria Thompson
This report contains a list of selected acronyms and abbreviations for system and network security terms with their generally accepted or preferred definitions. It is intended as a resource for Federal agencies and other users of system and network