Search CSRC

Showing 1451 through 1475 of 13539 matching records.
Publications ITL Bulletin December 21, 2016
https://csrc.nist.rip/publications/detail/itl-bulletin/2016/12/rethinking-security-through-systems-security-engineering/final

Abstract: This bulletin summarizes the information presented in NIST SP 800-160: Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. The publication addresses the engineering-driven perspective and actions necessary to develop more de...

Publications Conference Proceedings December 20, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/12/20/memory-and-motor-processes-of-password-entry-error

Conference: 2015 Annual Meeting of the Human Factors and Ergonomics Society

Abstract: Passwords are tightly interwoven with the digital fabric of our current society. Unfortunately, passwords that provide better security generally tend to be more complex, both in length and composition. Complex passwords are problematic both cognitively and motorically, leading to both memory and mot...

Publications SP 800-188 (Draft) December 15, 2016
https://csrc.nist.rip/publications/detail/sp/800-188/draft

Abstract: De-identification is a process that is applied to a dataset to reduce the risk of linking information revealed in the dataset to specific individuals. Government agencies can use de-identification to reduce the privacy risk associated with collecting, processing, archiving, distributing or publishin...

Publications Journal Article December 1, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/measuring--specifying-combinatorial-coverage-test-input-configs

Journal: Innovations in Systems and Software Engineering

Abstract: A key issue in testing is how many tests are needed for a required level of coverage or fault detection. Estimates are often based on error rates in initial testing, or on code coverage. For example, tests may be run until a desired level of statement or branch coverage is achieved. Combinatorial me...

Publications Journal Article December 1, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/defeating-buffer-overflow-a-trivial-but-dangerous-bug

Journal: IT Professional

Abstract: With the C programming language comes buffer overflows. Because it is unlikely that the use of C will stop any time soon, the authors present some ways to deal with buffer overflows—both how to detect and prevent them.

Publications NISTIR 8151 November 30, 2016
https://csrc.nist.rip/publications/detail/nistir/8151/final

Abstract: The call for a dramatic reduction in software vulnerability is heard from multiple sources, recently from the February 2016 Federal Cybersecurity Research and Development Strategic Plan. This plan starts by describing well known risks: current systems perform increasingly vital tasks and are widely...

Publications White Paper November 28, 2016
https://csrc.nist.rip/publications/detail/white-paper/2016/11/28/[project-description]-mobile-application-single-sign-on-for-psfr/final

Abstract: Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in day-to-day business and preparations during non-emergency period...

Publications White Paper NIST GCR 16-010 November 21, 2016
https://csrc.nist.rip/publications/detail/white-paper/2016/11/21/survey-for-physics-based-attack-detection-in-control-systems/final

Abstract: Monitoring the “physics” of control systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements in order to identify potentially false contr...

Publications ITL Bulletin November 21, 2016
https://csrc.nist.rip/publications/detail/itl-bulletin/2016/11/exploring-the-next-generation-of-ac-methodologies/final

Abstract: This bulletin summarizes the information presented in NIST SP 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications. The publication describes Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC), and then compar...

Publications SP 500-320 November 10, 2016
https://csrc.nist.rip/publications/detail/sp/500-320/final

Abstract: The NIST workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV) was held on 12 July 2016. The goal of this workshop was to gather ideas on how the Federal Government can identify, improve, package, deliver, or boost the use of software measures and metrics to signifi...

Publications NISTIR 7621 Rev. 1 November 3, 2016
https://csrc.nist.rip/publications/detail/nistir/7621/rev-1/final

Abstract: NIST developed this interagency report as a reference guideline about cybersecurity for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.

Publications Conference Proceedings November 2, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/11/02/secure-multicast-group-management--key-distribution-ieee-80221

Conference: 3rd International Conference on Research in Security Standardisation (SSR 2016)

Abstract: Controlling a large number of devices such as sensors and smart end points, is always a challenge where scalability and security are indispensable. This is even more important when it comes to periodic configuration updates to a large number of such devices belonging to one or more groups. One solut...

Publications Journal Article November 1, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/the-power-of-qualitative-methods-cybersecurity-and-trust

Journal: User Experience Magazine

Abstract: This article outlines our experience as a multi-disciplinary team studying user perceptions of and experiences with cybersecurity. We trace our journey from mutual skepticism, to understanding, to acceptance using illustrations from our data. We also discuss our learning along the way—including the...

Publications Journal Article October 28, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/caring-an-undiscovered-super-“ility”-of-smart-healthcare

Journal: IEEE Software

Abstract: As new and exciting healthcare applications arise that use smart technologies, the Internet of Things, data analytics, and other technologies, a critical problem is emerging: the potential loss of caring. Although these exciting technologies have improved patient care by allowing for better assessme...

Publications Conference Proceedings October 28, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/10/28/restricting-insider-access-multi-policy-access-control-systems

Conference: 8th ACM Computer and Communications Security International Workshop on Managing Insider Security Threats (MIST '16)

Abstract: The American National Standards Organization has standardized an access control approach, Next Generation Access Control (NGAC), that enables simultaneous instantiation of multiple access control policies. For large complex enterprises this is critical to limiting the legally authorized access of in...

Publications Conference Proceedings October 26, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/10/26/threat-modeling-for-cloud-data-center-infrastructures

Conference: 9th International Symposium on Foundations and Practice of Security (FPS 2016)

Abstract: Cloud computing has undergone rapid expansion throughout the last decade. Many companies and organizations have made the transition from traditional data centers to the cloud due to its flexibility and lower cost. However, traditional data centers are still being relied upon by those who are less ce...

Publications Journal Article October 25, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/secure-and-usable-enterprise-authentication

Journal: IEEE Security & Privacy

Abstract: More than 5.4 million Personal Identity Verification (PIV) and Common Access Cards (CAC) have been deployed to US government employees and contractors. These cards allow physical access to federal facilities, but their use to authenticate logical access to government information systems is uneven, w...

Publications Conference Proceedings October 25, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/10/25/micro-signatures-effectiveness-of-known-bad-n-grams

Conference: 9th International Symposium on Foundations and Practice of Security (FPS 2016)

Abstract: Network intrusion detection is broadly divided into signature and anomaly detection. The former identifies patterns associated with known attacks and the latter attempts to learn a ‘normal’ pattern of activity and alerts when behaviors outside of those norms are detected. The n-gram methodology has a...

Publications Conference Proceedings October 24, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/10/24/limiting-the-impact-of-stealthy-attacks-on-ics

Conference: 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16)

Abstract: While attacks on information systems have for most practical purposes binary outcomes (information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Att...

Publications ITL Bulletin October 24, 2016
https://csrc.nist.rip/publications/detail/itl-bulletin/2016/10/making-email-trustworthy/final

Abstract: This bulletin summarizes the information presented in NIST SP 800-177, Trustworthy Email. This publication gives recommendations and guidelines for enhancing trust in email. This guideline applies to federal IT systems and will also be useful for any small or medium sized organizations.

Publications Journal Article October 20, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/combinatorial-methods-in-security-testing

Journal: Computer (IEEE)

Abstract: Combinatorial methods can make software security testing much more efficient and effective than conventional approaches.

Publications Conference Proceedings October 11, 2016
https://csrc.nist.rip/publications/detail/conference-paper/2016/10/11/better-than-3n-lower-bound-circuit-complexity-explicit-function

Conference: IEEE 57th Annual Symposium on Foundations of Computer Science (FOCS 2016)

Abstract: We consider Boolean circuits over the full binary basis. We prove a (3+1/86)n-o(n) lower bound on the size of such a circuit for an explicitly defined predicate, namely an affine disperser for sublinear dimension. This improves the 3n-o(n) bound of Norbert Blum (1984). The proof is based on the gate...

Publications SP 800-38B October 6, 2016
https://csrc.nist.rip/publications/detail/sp/800-38b/final

Abstract: This Recommendation specifies a message authentication code (MAC) algorithm based on a symmetric key block cipher. This block cipher-based MAC algorithm, called CMAC, may be used to provide assurance of the authenticity and, hence, the integrity of binary data.

Publications Journal Article October 5, 2016
https://csrc.nist.rip/publications/detail/journal-article/2016/high-rank-elliptic-curves-with-torsion-z/4z

Journal: INTEGERS: The electronic journal of combinatorial number theory

Abstract: Working over the field Q(t), Kihara constructed an elliptic curve with torsion group Z/4Z and five independent rational points, showing the rank is at least five. Following his approach, we give a new infinite family of elliptic curves with torsion group Z/4Z and rank at least five. This matches the...

Publications SP 800-150 October 4, 2016
https://csrc.nist.rip/publications/detail/sp/800-150/final

Abstract: Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Cyber threat information includes indicators of compromise; tactics, techniques, and procedures used by threat actors; suggested actions to detect, contain, or prevent a...
