U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1426 through 1450 of 13539 matching records.
Publications White Paper May 25, 2017
https://csrc.nist.rip/publications/detail/white-paper/2017/05/25/graphical-methods-in-device-independent-quantum-cryptography/final

Abstract: We introduce a framework for graphical security proofs in device-independent quantum cryptography using the methods of categorical quantum mechanics. We are optimistic that this approach will make some of the highly complex proofs in quantum cryptography more accessible, facilitate the discovery of...

Publications Journal Article May 10, 2017
https://csrc.nist.rip/publications/detail/journal-article/2017/what-happened-to-software-metrics

Journal: Computer (IEEE Computer) Abstract: In the 1980's, the software quality community was all 'a buzz' with seemingly endless 'potential' approaches for producing higher quality software. At the forefront of that was software metrics, along with the corresponding software testing techniques and tools and process improvement schemes that r...

Publications ITL Bulletin May 8, 2017
https://csrc.nist.rip/publications/detail/itl-bulletin/2017/05/cyber-threat-intelligence-and-information-sharing/final

Abstract: This bulletin, based on NIST Special Publication (SP) 800-150, introduces cyber threat intelligence and information sharing concepts, describes the benefits and challenges of sharing, clarifies the importance of trust, and introduces specific data handling considerations. It also desc...

Publications ITL Bulletin April 18, 2017
https://csrc.nist.rip/publications/detail/itl-bulletin/2017/04/building-bridge-b/w-privacy--cybersecurity-for-federal-systems/final

Abstract: This bulletin summarizes the information in NISTIR 8062: An Introduction to Privacy Engineering and Risk Management in Federal Information Systems which provides an introduction to the concepts of privacy engineering and risk management for federal information systems. NISTIR 8062 introduces two key...

Publications Journal Article April 13, 2017
https://csrc.nist.rip/publications/detail/journal-article/2017/linear-time-algorithms-restrict-insider-access

Journal: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications Abstract: An important way to limit malicious insiders from distributing sensitive information is to restrict access as tightly as possible. This has always been the goal in the design of access control mechanisms, but individual approaches can be inadequate. Approaches that instantiate multiple methods simul...

Publications White Paper April 2, 2017
https://csrc.nist.rip/publications/detail/white-paper/2017/04/02/baldrige-cybersecurity-excellence-builder-v10/final

Abstract: The Baldrige Cybersecurity Excellence Builder is a voluntary self-assessment tool that enables organizations to better understand the effectiveness of their cybersecurity risk management efforts. It helps your organization identify strengths and opportunities for improvement in managing cybersecurit...

Publications NISTIR 8114 March 28, 2017
https://csrc.nist.rip/publications/detail/nistir/8114/final

Abstract: NIST-approved cryptographic standards were designed to perform well on general-purpose computers. In recent years, there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When current NIST-approved algorithms can be engineered...

Publications Conference Proceedings March 24, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/03/24/imposing-fine-grain-ngac-over-database-queries

Conference: 2nd ACM Workshop on Attribute Based Access Control (ABAC '17) Abstract: In this paper, we describe a system that leverages ANSI/INCITS Next Generation Access Control (NGAC) standard called Next-generation Database Access Control (NDAC) for accessing data in tables, rows, and columns in existing RDBMS products. NDAC imposes access control at the data level, eliminating t...

Publications Conference Proceedings March 24, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/03/24/verification-of-resilience-policies-that-assist-abac

Conference: 2nd ACM Workshop on Attribute-Based Access Control (ABAC'17) Abstract: Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties examined in the context of these models is their abi...

Publications ITL Bulletin March 13, 2017
https://csrc.nist.rip/publications/detail/itl-bulletin/2017/03/fundamentals-of-small-business-information-security/final

Abstract: This bulletin summarizes the information in NISTIR 7621, Revision 1: Small Business Information Security: The Fundamentals. The bulletin presents the fundamentals of a small business information security program.

Publications White Paper March 9, 2017
https://csrc.nist.rip/publications/detail/white-paper/2017/03/09/[project-description]-securing-manufacturing-ics/final

Abstract: Industrial Control Systems (ICS) monitor and control physical processes in many different industries and sectors. Cyber attacks against ICS devices present a real threat to organizations that employ ICS to monitor and control manufacturing processes. The NIST Engineering Laboratory (EL), in conjunct...

Publications Conference Paper February 26, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/02/26/be-prepared-how-us-government-experts-think-about-cybersecurity

Conference: NDSS Symposium 2017 Abstract: Online security experiences, perceptions, and behaviors are key to understanding users security practices. Users express that they are concerned about online security, but they also express frustration in navigating the often confusing and mentally taxing cybersecurity world. Thi...

Publications Conference Proceedings February 23, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/02/23/towards-probabilistic-identification-of-zero-day-attack-paths

Conference: 2016 IEEE Conference on Communications and Network Security (CNS) Abstract: Zero-day attacks continue to challenge the enterprise network security defense. A zero-day attack path is formed when a multi-step attack contains one or more zero-day exploits. Detecting zero-day attack paths in time could enable early disclosure of zero-day threats. In this paper, we propose a pro...

Publications Journal Article February 22, 2017
https://csrc.nist.rip/publications/detail/journal-article/2017/building-caring-healthcare-systems-in-the-internet-of-things

Journal: IEEE Systems Journal Abstract: The nature of healthcare and the computational and physical technologies and constraints present a number of challenges to systems designers and implementers. In spite of the challenges, there is a significant market for systems and products to support caregivers in their tasks as the number of peop...

Publications ITL Bulletin February 17, 2017
https://csrc.nist.rip/publications/detail/itl-bulletin/2017/02/guide-for-cybersecurity-incident-recovery/final

Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-184, Guide for Cybersecurity Event Recovery. The publication provides organizations with strategic guidance for planning, playbook developing, testing and improvements of recovery planning following a cybers...

Publications NISTIR 8165 February 9, 2017
https://csrc.nist.rip/publications/detail/nistir/8165/final

Abstract: The Software Assurance Metrics and Tool Evaluation (SAMATE) team studied thousands of warnings from static analyzers. Tools have difficulty distinguishing between the absence of a weakness and the presence of a weakness that is buried in otherwise-irrelevant code elements. This paper presents classe...

Publications NISTIR 8139 (Draft) February 2, 2017
https://csrc.nist.rip/publications/detail/nistir/8139/draft

Abstract: Entropy models are frequently utilized in tests identifying either qualities of randomness or randomness uniformity of formal and/or observed distributions. The NIST special publications SP 800-22 and SP 800-90 (A, B, & C) discuss tests and methods leveraging both Shannon and min entropies. Shan...

Publications NISTIR 8136 January 27, 2017
https://csrc.nist.rip/publications/detail/nistir/8136/final

Abstract: The Middle Class Tax Relief Act of 2012 mandated the creation of the Nation’s first nationwide, high-speed communications network dedicated for public safety. The law instantiated a new federal entity, the Federal Responder Network Authority (FirstNet), to build, maintain, and operate a new Long Ter...

Publications Conference Proceedings January 26, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/01/26/measuring--improving-effectiveness-of-defense-in-depth-postures

Conference: 2nd Annual Industrial Control System Security Workshop (ICSS '16), 2016 Annual Computer Security Applications Conference Abstract: Defense-in-depth is an important security architecture principle that has significant application to industrial control systems (ICS), cloud services, storehouses of sensitive data, and many other areas. We claim that an ideal defense-in-depth posture is 'deep', containing many layers of security, a...

Publications ITL Bulletin January 17, 2017
https://csrc.nist.rip/publications/detail/itl-bulletin/2017/01/dramatically-reducing-software-vulnerabilities/final

Abstract: This bulletin summarized the information presented in NISTIR 8151: Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy. The publication starts by describing well known security risks and presents a list of specific technical approaches th...

Publications Conference Proceedings January 10, 2017
https://csrc.nist.rip/publications/detail/conference-paper/2017/01/10/full-disk-encryption-bridging-theory-and-practice

Conference: RSA Conference 2017 Abstract: We revisit the problem of Full Disk Encryption (FDE), which refers to the encryption of each sector of a disk volume. In the context of FDE, it is assumed that there is no space to store additional data, such as an IV (Initialization Vector) or a MAC (Message Authentication Code) value. We formally...

Publications NISTIR 8062 January 4, 2017
https://csrc.nist.rip/publications/detail/nistir/8062/final

Abstract: This document provides an introduction to the concepts of privacy engineering and risk management for federal systems. These concepts establish the basis for a common vocabulary to facilitate better understanding and communication of privacy risk within federal systems, and the effective implementat...

Publications Journal Article December 27, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/arithmetic-progressions-on-conics

Journal: Journal of Integer Sequences Abstract: In this paper, we look at long arithmetic progressions on conics. By an arithmetic progression on a curve, we mean the existence of rational points on the curve whose x-coordinates are in arithmetic progression. We revisit arithmetic progressions on the unit circle, constructing 3-term progressions...

Publications SP 800-184 December 22, 2016
https://csrc.nist.rip/publications/detail/sp/800-184/final

Abstract: In light of an increasing number of cybersecurity events, organizations can improve resilience by ensuring that their risk management processes include comprehensive recovery planning. Identifying and prioritizing organization resources helps to guide effective plans and realistic test scenarios. Th...

Publications SP 800-185 December 22, 2016
https://csrc.nist.rip/publications/detail/sp/800-185/final

Abstract: This Recommendation specifies four SHA-3-derived functions: cSHAKE, KMAC, TupleHash, and ParallelHash. cSHAKE is a customizable variant of the SHAKE functions defined in FIPS 202. KMAC (for KECCAK Message Authentication Code) is a variable-length message authentication code algorithm based on KECCAK...

<< first   < previous   46     47     48     49     50     51     52     53     54     55     56     57     58     59     60     61     62     63     64     65     66     67     68     69     70  next >  last >>