U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1651 through 1675 of 13539 matching records.
Publications Journal Article September 30, 2014
https://csrc.nist.rip/publications/detail/journal-article/2014/reducing-the-cognitive-load-on-analysts-through-hamming-distance

Journal: International Journal of Network Security & Its Applications (IJNSA) Abstract: Previous work introduced the idea of grouping alerts at a Hamming distance of 1 to achieve alert aggregation; such aggregated meta-alerts were shown to increase alert interpret-ability. However, a mean of 84,023 daily Snort alerts were reduced to a still formidable 14,099 meta-alerts. In this work,...

Publications ITL Bulletin September 29, 2014
https://csrc.nist.rip/publications/detail/itl-bulletin/2014/09/release-of-nist-interagency-report-7628-revision-1-guidelines-f/final

Abstract: The United States has embarked on a major transformation of its electric power infrastructure. This vast infrastructure upgrade--extending from homes and businesses to fossil-fuel-powered generating plants and wind farms--is central to national efforts to increase energy efficiency, reliability, and...

Publications NISTIR 7628 Rev. 1 September 25, 2014
https://csrc.nist.rip/publications/detail/nistir/7628/rev-1/final

Abstract: This three-volume report, Guidelines for Smart Grid Cybersecurity, presents an analytical framework that organizations can use to develop effective cybersecurity strategies tailored to their particular combinations of Smart Grid-related characteristics, risks, and vulnerabilities. Organizations in t...

Publications Conference Proceedings September 24, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/09/24/inferring-the-stealthy-bridges-btwn-enterprise-network-islands

Conference: 10th International Conference on Security and Privacy in Communication Networks (SecureComm 2014) Abstract: Enterprise networks are migrating to the public cloud to acquire computing resources for promising benefits in terms of efficiency, expense, and flexibility. Except for some public services, the enterprise network islands in cloud are expected to be absolutely isolated from each other. However, some...

Publications Building Block V.2 September 12, 2014
https://csrc.nist.rip/publications/detail/building-block/2014/09/12/mobile-device-security-for-enterprises/final

Abstract: Traditionally, enterprises established boundaries to separate their trusted internal IT network(s) from untrusted external networks. When employees consume and generate corporate information on mobile devices, this traditional boundary erodes. Due to the rapid changes in today’s mobile platforms, co...

Publications Conference Proceedings September 11, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/09/11/modeling-network-diversity-for-evaluating-the-robustness-of-netw

Conference: 19th European Symposium on Research in Computer Security (ESORICS 2014) Abstract: The interest in diversity as a security mechanism has recently been revived in various applications, such as Moving Target Defense (MTD), resisting worms in sensor networks, and improving the robustness of network routing. However, most existing efforts on formally modeling diversity have focused on...

Publications SP 800-170 September 4, 2014
https://csrc.nist.rip/publications/detail/sp/800-170/final

Abstract: Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The prim...

Publications SP 800-147B August 28, 2014
https://csrc.nist.rip/publications/detail/sp/800-147b/final

Abstract: Modern computers rely on fundamental system firmware, commonly known as the Basic Input/Output System (BIOS), to facilitate the hardware initialization process and transition control to the hypervisor or operating system. Unauthorized modification of BIOS firmware by malicious software constitutes a...

Publications ITL Bulletin August 28, 2014
https://csrc.nist.rip/publications/detail/itl-bulletin/2014/08/policy-machine-towards-a-general-purpose-enterprise-wide-opera/final

Abstract: The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of security research, the limited ability for existing access control mechanisms to enforce a comprehensive range of policy persists. While resear...

Publications Journal Article August 19, 2014
https://csrc.nist.rip/publications/detail/journal-article/2014/the-future-of-cybersecurity-education

Journal: Computer Abstract: By fostering public–private partnerships in cybersecurity education, the U.S. government is motivating federal agencies, industry, and academia to work more closely together to defend cyberspace.

Publications Conference Proceedings August 15, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/08/15/on-the-unification-of-access-control-and-data-services

Conference: 15th IEEE Conference on Information Reuse and Integration (IRI 2014) Abstract: A primary objective of enterprise computing (via a data center, cloud, etc.) is the controlled delivery of data services (DS). Typical DSs include applications such as email, workflow, and records management, as well as system level features, such as file and access control management. Although acce...

Publications SP 800-85B-4 (Draft) August 6, 2014
https://csrc.nist.rip/publications/detail/sp/800-85b/4/draft

Abstract: FIPS201 describes a variety of data model components as a part of the PIV logical credentials. Such components include biometric elements in the form of fingerprint information and facial imagery and security elements such as electronic keys, certificates, and signatures. FIPS201 incorporates by ref...

Publications Journal Article August 6, 2014
https://csrc.nist.rip/publications/detail/journal-article/2014/it-pro-conference-on-information-systems-governance

Journal: IT Professional Abstract: Approximately 100 IT professionals participated in the 2014 IT Pro Conference on Information Systems Governance, held at the National Institute of Standards and Technology (NIST) on May 22, 2014 (www.computer.org/itproconf). Information systems governance focuses on properly managing IT resources to...

Publications Journal Article August 1, 2014
https://csrc.nist.rip/publications/detail/journal-article/2014/elliptic-curves-arising-from-brahmagupta-quadrilaterals

Journal: Bulletin of the Australian Mathematical Society Abstract: A Brahmagupta quadrilateral is a cyclic quadrilateral whose sides, diagonals, and area are all integer values. In this article, we characterize the notions of Brahmagupta, introduced by K. R. S. Sastry, by means of elliptic curves. Motivated by these characterizations, we use Brahmagupta quadrilater...

Publications ITL Bulletin July 10, 2014
https://csrc.nist.rip/publications/detail/itl-bulletin/2014/07/release-of-nist-interagency-report-7946-cvss-implementation-gui/final

Abstract: The Common Vulnerability Scoring System (CVSS) is an open standard designed to convey severity and risk of information system vulnerabilities. CVSS was commissioned by the National Infrastructure Advisory Council (NIAC) in support of the global Vulnerability Disclosure Framework. It is currently mai...

Publications SP 800-168 July 2, 2014
https://csrc.nist.rip/publications/detail/sp/800-168/final

Abstract: Approximate matching is a promising technology for designed to identify similarities between two digital artifacts. It is used to find objects that resemble each other or to find objects that are contained in another object. This can be very useful for filtering data for security monitoring, digital...

Publications Conference Proceedings July 1, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/07/01/using-network-tainting-to-bound-the-scope-of-network-ingress-att

Conference: Eighth International Conference on Software Security and Reliability (SERE 2014) Abstract: This research describes a novel security metric, network taint, which is related to software taint analysis. We use it here to bound the possible malicious influence of a known compromised node through monitoring and evaluating network flows. The result is a dynamically changing defense-in-depth map...

Publications Conference Proceedings June 22, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/06/22/cognitive-behavioral-framework-user-password-mgmt-lifecycle

Conference: Second International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS 2014) Abstract: Passwords are the most commonly used mechanism in controlling users’ access to information systems. Little research has been established on the entire user password management lifecycle from the start of generating a password, maintaining the password, using the password to authenticate, then to the...

Publications Conference Proceedings June 22, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/06/22/character-strings-memory-and-passwords

Conference: Second International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS 2014) Abstract: Many users must authenticate to multiple systems and applications, often using different passwords, on a daily basis. At the same time, the recommendations of security experts are driving increases in the required character length and complexity of passwords. The thinking is that longer passwords wi...

Publications Conference Proceedings June 22, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/06/22/preserving-privacy-–-more-than-reading-a-message

Conference: 8th International Conference on Universal Access in Human-Computer Interaction (UAHCI 2014) Abstract: Social media has become a mainstream activity where people share all kinds of personal and intimate details about their lives. These social networking sites (SNS) allow users to conveniently authenticate to the third-party website by using their SNS credentials, thus eliminating the need of creating...

Publications Conference Proceedings June 22, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/06/22/scale-to-assess-linguistic-phonological-difficulty-of-passwords

Conference: 6th International Conference Cross-Cultural Design (CCD 2014) Abstract: Institutions often require or recommend that their employees use secure, system-generated passwords. It is not clear how well linguistic and phonological language properties map onto complex, randomly-generated passwords. Passwords containing a mix of letters, numbers, and other symbol characters ma...

Publications Conference Proceedings June 22, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/06/22/i-can't-type-that-pw0rd-entry-on-mobile-devices

Conference: Second International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS 2014) Abstract: Given the numerous constraints of onscreen keyboards, such as smaller keys and lack of tactile feedback, remembering and typing long, complex passwords—an already burdensome task on desktop computing systems—becomes nearly unbearable on small mobile touchscreens. Complex passwords require numerous s...

Publications ITL Bulletin June 5, 2014
https://csrc.nist.rip/publications/detail/itl-bulletin/2014/06/itl-forensic-science-program/final

Abstract: Forensic science provides the methodologies for understanding crime scenes. It is used for analyzing evidence, identifying suspects, and prosecuting and convicting criminals while exonerating innocent people. To maintain the integrity of the U.S. criminal justice system, the validity and reliability...

Publications Journal Article June 2, 2014
https://csrc.nist.rip/publications/detail/journal-article/2014/nist-cybersecurity-framework-addresses-risks-to-critical-infrast

Journal: ei Magazine Abstract: On February 12, 2014 President Obama issued a statement that, "[c]yber threats pose one the gravest national security dangers that the United States faces. To better defend our nation against this systemic challenge, one year ago I signed an Executive Order directing the Administration to take steps...

Publications Conference Proceedings May 29, 2014
https://csrc.nist.rip/publications/detail/conference-paper/2014/05/29/analysis-of-protection-options-for-virtualized-infrastructures-i

Conference: The Fifth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2014) Abstract: Infrastructure as a Service (IaaS) is one of the three main cloud service types where the cloud consumer consumes a great variety of resources such as computing (Virtual Machines or VMs), virtual network, storage and utility programs (DBMS). Any large-scale offering of this service is feasible only...

<< first   < previous   55     56     57     58     59     60     61     62     63     64     65     66     67     68     69     70     71     72     73     74     75     76     77     78     79  next >  last >>