U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1326 through 1350 of 13539 matching records.
Publications SP 800-87 Rev. 2 April 19, 2018
https://csrc.nist.rip/publications/detail/sp/800-87/rev-2/final

Abstract: This document provides the organizational codes for federal agencies to establish the Federal Agency Smart Credential Number (FASC-N) that is required to be included in the FIPS 201 Card Holder Unique Identifier. SP 800-87 is a companion document to FIPS 201.

Publications Journal Article April 16, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/bad-security-metrics-part-2-solutions

Journal: IT Professional Abstract: This two-part series focuses on defining the problem of questionable metrics conceptually and revealing a path forward for improving both security metrics and how people use them.

Publications White Paper NIST CSWP 6 April 16, 2018
https://csrc.nist.rip/publications/detail/white-paper/2018/04/16/cybersecurity-framework-v11/final

Abstract: This publication describes a voluntary risk management framework (“the Framework”) that consists of standards, guidelines, and best practices to manage cybersecurity-related risk.  The Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience...

Publications SP 800-56A Rev. 3 April 16, 2018
https://csrc.nist.rip/publications/detail/sp/800-56a/rev-3/final

Abstract: This Recommendation specifies key-establishment schemes based on the discrete logarithm problem over finite fields and elliptic curves, including several variations of Diffie-Hellman and Menezes-Qu-Vanstone (MQV) key establishment schemes.

Publications Journal Article April 16, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/a-software-assurance-reference-dataset

Journal: Journal of Research of the National Institute of Standards and Technology Abstract: The Software Assurance Reference Dataset (SARD) is a growing collection of over 170 000 programs with precisely located bugs. The programs are in C, C++, Java, PHP, and C# and cover more than 150 classes of weaknesses, such as SQL injection, cross-site scripting (XSS), buffer overflow, and use of a...

Publications Conference Proceedings April 10, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/04/10/combinatorial-security-testing-course

Conference: Hot Topics in the Science of Security Abstract: Combinatorial methods have attracted attention as a means of providing strong assurance at reduced cost, but when are these methods practical and cost-effective? This tutorial comprises two parts. The first introductory part will briefly explain the background, process, and tools available for combi...

Publications Conference Proceedings April 10, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/04/10/what-proportion-of-vulns-attributed-to-ordinary-coding-errors

Conference: Hot Topics in the Science of Security Abstract: The analysis reported in this poster developed from questions that arose in discussions of the Reducing Software Vulnerabilities working group, sponsored by the White House Office of Science and Technology Policy in 2016 [1]. The key question we sought to address is the degree to which vulnerabiliti...

Publications NISTIR 8179 April 9, 2018
https://csrc.nist.rip/publications/detail/nistir/8179/final

Abstract: In the modern world, where complex systems and systems-of-systems are integral to the functioning of society and businesses, it is increasingly important to be able to understand and manage risks that these systems and components may present to the missions that they support. However, in the world o...

Publications Conference Proceedings April 9, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/04/09/hferp---a-new-multivariate-encryption-scheme

Conference: 9th International Conference on Post-Quantum Cryptography (PQCrypto 2018) Abstract: In 2016, Yasuda et al. presented a new multivariate encryption technique based on the Square and Rainbow primitives and utilizing the plus modifier that they called SRP. The scheme achieved a smaller blow-up factor between the plaintext space and ciphertext space than most recent multivariate e...

Publications Conference Proceedings April 8, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/04/08/improved-cryptanalysis-of-hfev--via-projection

Conference: 9th International Conference on Post-Quantum Cryptography (PQCrypto 2018) Abstract: The HFEv- signature scheme is one of the most studied multivariate schemes and one of the major candidates for the upcoming standardization of post-quantum digital signature schemes. In this paper, we propose three new attack strategies against HFEv-, each of them using the idea of projection. Espec...

Publications Journal Article April 3, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/multiplicative-complexity-of-6-variable-boolean-functions

Journal: Cryptography and Communications Abstract: The multiplicative complexity of a Boolean function is the minimum number of two-input AND gates that are necessary and sufficient to implement the function over the basis (AND, XOR, NOT). Finding the multiplicative complexity of a given function is computationally intractable, even for functions wi...

Publications ITL Bulletin March 27, 2018
https://csrc.nist.rip/publications/detail/itl-bulletin/2018/03/safeguards-for-securing-virtualized-servers/final

Abstract: This bulletin summarizes the information found in NIST SP 800-125A: Security Recommendations for Hypervisor Deployment on Servers, which provides technical guidelines regarding the secure execution of baseline functions of the hypervisor and are therefore agnostic to the hypervisor architecture.

Publications Conference Proceedings March 26, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/03/26/testing-iot-systems

Conference: 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE) Abstract: This article presents challenges and solutions to testing systems based on the underlying products and services commonly referred to as the Internet of ‘things’ (IoT).

Publications Journal Article March 24, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/small-low-depth-circuits-for-cryptographic-applications

Journal: Cryptography and Communications Abstract: We present techniques to obtain small circuits which also have low depth. The techniques apply to typical cryptographic functions, as these are often specified over the field G F(2), and they produce circuits containing only AND, XOR and XNOR gates. The emphasis is on the linear components...

Publications Journal Article March 23, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/surviving-unpatchable-vulns-multi-option-network-hardening

Journal: Journal of Computer Security Abstract: The administrators of a mission critical network usually have to worry about non-traditional threats, e.g., how to live with known, but unpatchable vulnerabilities, and how to improve the network’s resilience against potentially unknown vulnerabilities. To this end, network hardening is a well-known...

Publications SP 800-160 Vol. 1 March 21, 2018
https://csrc.nist.rip/publications/detail/sp/800-160/vol-1/final

Abstract: With the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local governments, the military, businesses, and the critical infrastructure, the need for trustworthy secure systems has never been more important to t...

Publications Conference Proceedings March 21, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/03/21/a-system-for-centralized-abac-policy-administration

Conference: Third ACM Workshop on Attribute-Based Access Control (ABAC'18) Abstract: We describe a method that centrally manages Attribute-Based Access Control (ABAC) policies and locally computes and enforces decisions regarding those policies for protection of resource repositories in host systems using their native Access Control List (ACL) mechanisms. The method is founded on th...

Publications Journal Article March 19, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/local-randomness-examples-and-application

Journal: Physical Review A Abstract: When two players achieve a superclassical score at a nonlocal game, their outputs must contain intrinsic randomness. This fact has many useful implications for quantum cryptography. Recently it has been observed [C. Miller and Y. Shi, Quantum Inf. Computat. 17, 0595 (2017)] that such scores also imp...

Publications SP 500-325 March 14, 2018
https://csrc.nist.rip/publications/detail/sp/500-325/final

Abstract: Managing the data generated by Internet of Things (IoT) sensors and actuators is one of the biggest challenges faced when deploying an IoT system.  Traditional cloud-based IoT systems are challenged by the large scale, heterogeneity, and high latency witnessed in some cloud ecosystems. One solu...

Publications White Paper March 1, 2018
https://csrc.nist.rip/publications/detail/white-paper/2018/03/01/energy-sector-asset-management/final

Abstract: Industrial control systems (ICS) comprise a core part of our nation’s critical infrastructure. Energy sector companies rely on ICS to generate, transmit, and distribute power and to drill, produce, refine, and transport oil and natural gas. There are a wide variety of ICS assets, such as supervisory...

Publications ITL Bulletin February 27, 2018
https://csrc.nist.rip/publications/detail/itl-bulletin/2018/02/securing-information-through-post-quantum-cryptography/final

Abstract: In recent years, there has been a substantial amount of research on quantum computers - machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will compromis...

Publications Journal Article February 27, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/could-iot-be-used-to-enhance-experiences-in-disaster-sims

Journal: Online Journal of Nursing Informatics Abstract: The Internet of Things (IoT) promises to create many opportunities for enhancing human lives, particularly, in healthcare. In this paper we illustrate how an IoT enabled tracking system can help in a special kind of healthcare setting, that is, in the case of a disaster. We briefly describe the disa...

Publications Conference Paper February 18, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/02/18/user-context-an-explanatory-variable-in-phishing-susceptibility

Conference: Workshop on Usable Security (USEC) 2018 Abstract: Extensive research has been performed to examine the effectiveness of phishing defenses, but much of this research was performed in laboratory settings. In contrast, this work presents 4.5 years of workplace-situated, embedded phishing email training exercise data, focusing on the last three phishin...

Publications SP 800-70 Rev. 4 February 15, 2018
https://csrc.nist.rip/publications/detail/sp/800-70/rev-4/final

Abstract: A security configuration checklist is a document that contains instructions or procedures for configuring an information technology (IT) product to an operational environment, for verifying that the product has been configured properly, and/or for identifying unauthorized changes to the product. Usi...

Publications Journal Article February 14, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/computer-science-in-education-2018

Journal: IT Professional Abstract: Six senior computer science educators answer questions about the current state of computer science education, software engineering, and licensing software engineers.

<< first   < previous   42     43     44     45     46     47     48     49     50     51     52     53     54     55     56     57     58     59     60     61     62     63     64     65     66  next >  last >>