U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1351 through 1375 of 13539 matching records.
Publications Journal Article February 14, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/bad-security-metrics-part-1-problems

Journal: IT Professional Abstract: This two-part series focuses on defining the problem of questionable metrics conceptually and revealing a path forward for improving both security metrics and how people use them.

Publications SP 800-126A February 14, 2018
https://csrc.nist.rip/publications/detail/sp/800-126a/final

Abstract: The Security Content Automation Protocol (SCAP) is a multi-purpose framework of component specifications that support automated configuration, vulnerability, and patch checking, security measurement, and technical control compliance activities. The SCAP version 1.3 specification is defined by the co...

Publications SP 800-126 Rev. 3 February 14, 2018
https://csrc.nist.rip/publications/detail/sp/800-126/rev-3/final

Abstract: The Security Content Automation Protocol (SCAP) is a suite of specifications that standardize the format and nomenclature by which software flaw and security configuration information is communicated, both to machines and humans. This publication, along with its annex (NIST Special Publication 800-1...

Publications White Paper February 7, 2018
https://csrc.nist.rip/publications/detail/white-paper/2018/02/07/data-integrity-identifying-and-protecting-assets-vs-ransomware/final

Abstract: Ransomware, destructive malware, insider threats, and even honest user mistakes present ongoing threats to organizations. Organizations’ data, such as database records, system files, configurations, user files, applications, and customer data, are all potential targets of data corruption, modificati...

Publications White Paper February 7, 2018
https://csrc.nist.rip/publications/detail/white-paper/2018/02/07/data-integrity-detecting-and-responding-to-ransomware/final

Abstract: Ransomware, destructive malware, insider threats, and even honest mistakes present an ongoing threat to organizations that manage data in various forms. Database records and structure, system files, configurations, user files, application code, and customer data are all potential targets of data cor...

Publications Journal Article February 6, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/keyring-models-an-approach-to-steerability

Journal: Journal of Mathematical Physics Abstract: If a measurement is made on one half of a bipartite system, then, conditioned on the outcome, the other half has a new reduced state. If these reduced states defy classical explanation—that is, if shared randomness cannot produce these reduced states for all possible measurements—the bipartite state...

Publications Journal Article January 31, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/educating-next-gen-computer-scientists

Journal: Computer (IEEE Computer) Abstract: Just as yeast, flour, water, and salt are to bread, algorithms, data structures, operating systems, database design, compiler design, and programming languages were computer science (CS) education's core ingredients in past years. Then, universities led the computer technology revolution by producin...

Publications ITL Bulletin January 29, 2018
https://csrc.nist.rip/publications/detail/itl-bulletin/2018/01/lte-based-mobile-communications/final

Abstract: This bulletin summarizes the information found in NIST SP 800-187: Guide to LTE Securtiy, which serves as a guide to the fundamentals of how LTE networks operate and explores the LTE security architecture.

Publications White Paper NIST CSWP 5 January 26, 2018
https://csrc.nist.rip/publications/detail/white-paper/2018/01/26/security-considerations-for-code-signing/final

Abstract: A wide range of software products (also known as code)—including firmware, operating systems, mobile applications, and application container images—must be distributed and updated in a secure and automatic way to prevent forgery and tampering. Digitally signing code provides both data integrity to p...

Publications Journal Article January 24, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/psst-can-you-keep-a-secret?

Journal: Computer (IEEE Computer) Abstract: The security of encrypted data depends not only on the theoretical properties of cryptographic primitives but also on the robustness of their implementations in software and hardware. Threshold cryptography introduces a computational paradigm that enables higher assurance for such implementations.

Publications White Paper January 23, 2018
https://csrc.nist.rip/publications/detail/white-paper/2018/01/23/securing-pacs-cybersecurity-for-healthcare/final

Abstract: Picture Archiving and Communication System (PACS) is defined by the Food and Drug Administration (FDA) as a Class II device that “provides one or more capabilities relating to the acceptance, transfer, display, storage, and digital processing of medical images. Its hardware components may include wo...

Publications SP 1800-6 January 19, 2018
https://csrc.nist.rip/publications/detail/sp/1800-6/final

Abstract: This document describes a security platform for trustworthy email exchanges across organizational boundaries. The project includes reliable authentication of mail servers, digital signatures and encryption of email, and binding cryptographic key certificates to sources and servers. The example solut...

Publications Conference Paper January 19, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/01/19/thermodynamic-analysis-of-classical--quantum-search-algorithms

Conference: Quantum Information Processing Abstract: We analyze the performance of classical and quantum search algorithms from a thermodynamic perspective, focusing on resources such as time, energy, and memory size. We consider two examples that are relevant to post-quantum cryptography: Grover’s search algorithm, and the quantum algorithm for colli...

Publications NISTIR 8112 January 12, 2018
https://csrc.nist.rip/publications/detail/nistir/8112/final

Abstract: This NIST Internal Report contains a metadata schema for attributes that may be asserted about an individual during an online transaction. The schema can be used by relying parties to enrich access control policies, as well as during runtime evaluation of an individual’s ability to access protected...

Publications NISTIR 8149 January 12, 2018
https://csrc.nist.rip/publications/detail/nistir/8149/final

Abstract: When supported by trust frameworks, identity federations provide a secure method for leveraging shared identity credentials across communities of similarly-focused online service providers. This document explores the concepts around trust frameworks and identity federations and provides topics to co...

Publications SP 800-90B January 10, 2018
https://csrc.nist.rip/publications/detail/sp/800-90b/final

Abstract: This Recommendation specifies the design principles and requirements for the entropy sources used by Random Bit Generators, and the tests for the validation of entropy sources. These entropy sources are intended to be combined with Deterministic Random Bit Generator mechanisms that are specified in...

Publications Conference Proceedings January 5, 2018
https://csrc.nist.rip/publications/detail/conference-paper/2018/01/05/graphical-model-for-cloud-forensic-and-mission-impact-analysis

Conference: 14th IFIP WG 11.3 International Conference on Digital Forensics Abstract: In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies. The middle layer constructs attack scenarios using evidences in a log file...

Publications NISTIR 8201 December 22, 2017
https://csrc.nist.rip/publications/detail/nistir/8201/final

Abstract: This report provides an overview of the topics discussed at the “Internet of Things (IoT) Cybersecurity Colloquium” hosted on NIST’s campus in Gaithersburg, Maryland on October 19, 2017. It summarizes key takeaways from the presentations and discussions. Further, it provides information on potential...

Publications SP 800-187 December 21, 2017
https://csrc.nist.rip/publications/detail/sp/800-187/final

Abstract: Cellular technology plays an increasingly large role in society as it has become the primary portal to the internet for a large segment of the population. One of the main drivers making this change possible is the deployment of 4th generation (4G) Long Term Evolution (LTE) cellular technologies. Thi...

Publications White Paper December 14, 2017
https://csrc.nist.rip/publications/detail/white-paper/2017/12/14/mitigating-iot-based-ddos/final

Abstract: The building-block objective is to reduce the vulnerability of Internet of Things (IoT) devices to botnets and other automated distributed threats, while limiting the utility of compromised IoT devices to malicious actors. The primary technical elements of this building block include network gateway...

Publications Conference Proceedings December 7, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/12/07/the-iterated-random-function-problem

Conference: 23rd Annual International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2017 Abstract: At CRYPTO 2015, Minaud and Seurin introduced and studied the iterated random permutation problem, which is to distinguish the r-th iterate of a random permutation from a random permutation. In this paper, we study the closely related iterated random functionproblem, and prov...

Publications Journal Article November 28, 2017
https://csrc.nist.rip/publications/detail/journal-article/2017/cybersecurity-vulnerability-trends

Journal: IT Professional Abstract: Given the large and impactful data breaches making headlines in recent years, Internet users naturally wonder: Why is this happening, and how much worse can it get? Here, the authors review trends in vulnerabilities, looking at earlier findings discussed in a previous installment of this column, as...

Publications ITL Bulletin November 27, 2017
https://csrc.nist.rip/publications/detail/itl-bulletin/2017/11/tdea-block-ciphers/final

Abstract: This bulletin summarizes the information found in NIST SP 800-67, Rev. 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. This bulletin offers an overview of the TDEA block cipher along with usage guidance and NIST's plans.

Publications SP 800-67 Rev. 2 November 17, 2017
https://csrc.nist.rip/publications/detail/sp/800-67/rev-2/final

Abstract: This publication specifies the Triple Data Encryption Algorithm (TDEA), including its primary component cryptographic engine, the Data Encryption Algorithm (DEA). TDEA is intended to be used with a Special Publication (SP) 800-38-series-compliant mode of operation in a Federal Information Processing...

Publications White Paper November 9, 2017
https://csrc.nist.rip/publications/detail/white-paper/2017/11/09/[project-description]-tls-server-certificate-management/final

Abstract: This project provides guidance on the governance and management of Transport Layer Security (TLS) server certificates in enterprise environments to reduce outages, improve security, and enable disaster recovery related to certificates. The project will be provided in a freely available NIST Cybersec...

<< first   < previous   43     44     45     46     47     48     49     50     51     52     53     54     55     56     57     58     59     60     61     62     63     64     65     66     67  next >  last >>