U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1751 through 1775 of 13539 matching records.
Publications Conference Proceedings January 17, 2013
https://csrc.nist.rip/publications/detail/conference-paper/2013/01/17/mapping-evidence-graphs-to-attack-graphs

Conference: IEEE International Workshop on Information Forensics and Security 2012 (WIFS 2012) Abstract: Attack graphs compute potential attack paths from a system configuration and known vulnerabilities of a system. Evidence graphs model intrusion evidence and dependencies among them for forensic analysis. In this paper, we show how to map evidence graphs to attack graphs. This mapping is useful for a...

Publications Conference Proceedings January 16, 2013
https://csrc.nist.rip/publications/detail/conference-paper/2013/01/16/using-attack-graphs-in-forensic-examinations

Conference: Fifth International Workshop on Digital Forensics (WSDF 2012) Abstract: Attack graphs are used to compute potential attackpaths from a system configuration and known vulnerabilities of asystem. Attack graphs can be used to eliminate knownvulnerability sequences that can be eliminated to make attacksdifficult and help forensic examiners in identifying manypotential attac...

Publications Journal Article January 11, 2013
https://csrc.nist.rip/publications/detail/journal-article/2013/changes-in-federal-information-processing-standard-fips-180-4

Journal: Cryptologia Abstract: This paper describes the changes between FIPS 180-3 and FIPS 180-4. FIPS 180-4 specifies two new secure cryptographic hash algorithms: SHA-512/224 and SHA-512/256; it also includes a method for determining initial value(s) for any future SHA-512-based hash algorithm(s). FIPS 180-4 also removes a req...

Publications White Paper January 10, 2013
https://csrc.nist.rip/publications/detail/white-paper/2013/01/10/summary-of-the-workshop-on-cryptographic-key-management-systems-/final

Abstract: A workshop was held on September 10-11, 2012 to discuss two documents that have been posted for public comment: SP 800-130 (A Framework for Designing Cryptographic Key Management Systems) and a table of proposed requirements for SP 800-152 (A Profile for U. S. Federal Cryptographic Key Management Sy...

Publications Journal Article January 1, 2013
https://csrc.nist.rip/publications/detail/journal-article/2013/advances-in-biometric-standardisation-–-addressing-global-requir

Journal: International Journal of Biometrics Abstract: The paper discusses the current status of biometric standards development activities, with a focus on international standards developments. Published standards, as well as standards under development or planned for the near future, are addressed. The work of Joint Technical Committee 1 of ISO and IE...

Publications ITL Bulletin December 19, 2012
https://csrc.nist.rip/publications/detail/itl-bulletin/2012/12/generating-secure-cryptographic-keys-a-critical-component-of-cr/final

Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-133, Recommendation for Cryptographic Key Generation. The publication helps federal government organizations generate the cryptographic keys that are to be used with approved cryptographic algorithms to protect i...

Publications Journal Article December 14, 2012
https://csrc.nist.rip/publications/detail/journal-article/2012/securing-america’s-digital-infrastructure-through-education

Journal: The Next Wave - The National Security Agency's Review of Emerging Technologies Abstract: This article provides an overview of the establishment of the National Initiative for Cybersecurity Education (NICE), its government structure, and it goals. Parallels are drawn between the strategic R&D thrust, Developing Scientific Foundations, described in "Trustworthy Cyberspace: Strategic Plan...

Publications Journal Article December 14, 2012
https://csrc.nist.rip/publications/detail/journal-article/2012/introducing-the-federal-cybersecurity-rd-strategic-plan

Journal: The Next Wave - The National Security Agency's Review of Emerging Technologies Abstract: In December 2011, the White House Office of Science and Technology Policy (OSTP) released the Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program —a framework for a set of coordinated Federal strategic priorities and objectives for cybersecurity rese...

Publications SP 800-38F December 13, 2012
https://csrc.nist.rip/publications/detail/sp/800-38f/final

Abstract: This publication describes cryptographic methods that are approved for “key wrapping,” i.e., the protection of the confidentiality and integrity of cryptographic keys. In addition to describing existing methods, this publication specifies two new, deterministic authenticated-encryption modes of oper...

Publications Conference Paper December 7, 2012
https://csrc.nist.rip/publications/detail/conference-paper/2012/12/07/security-ontologies-for-enterprise-level-risk-assessment

Conference: 2012 Annual Computer Security Applications Conference (ACSAC 2012) Abstract: Ontology for Modeling Enterprise Level Security Risk using RDF (Resource Description Framework) and OWL (Web Ontology Language). Knowledge of threats and corresponding countermeasures is integrated into this ontology framework. This ontology was applied to a test network for image management applic...

Publications Journal Article December 3, 2012
https://csrc.nist.rip/publications/detail/journal-article/2012/protecting-wireless-local-area-networks

Journal: IT Professional Abstract: This article summarizes the information that was presented in the February 2012 Information Technology Laboratory (ITL) bulletin, Guidelines for Securing Wireless Local Area Networks (WLANs). The bulletin, which was noted by WERB in February 2012, was based on NIST Special Publication (SP) 800-153,...

Publications White Paper December 1, 2012
https://csrc.nist.rip/publications/detail/white-paper/2012/12/01/proof-of-concept-for-an-ict-scrm-enterprise-assessment-package/final

Abstract: The Supply Chain Management Center of The RH Smith School Of Business, University Of Maryland has completed a third phase of research for NIST ITL built upon its prior activities; and developed an Enterprise ICT SCRM Assessment Package as a proof of concept. This Package is delivered through an...

Publications NISTIR 7817 November 29, 2012
https://csrc.nist.rip/publications/detail/nistir/7817/final

Abstract: A large number of Identity Management Systems (IDMSs) are being deployed worldwide that use different technologies for the population of their users. With the diverse set of technologies, and the unique business requirements for organizations to federate, there is no uniform approach to the federati...

Publications ITL Bulletin November 27, 2012
https://csrc.nist.rip/publications/detail/itl-bulletin/2012/11/practices-for-managing-supply-chain-risks-to-protect-federal-inf/final

Abstract: This bulletin summarizes the information that is included in NISTIR 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems. This publication provides federal departments and agencies with a notional set of repeatable and commercially reasonable supply chain assurance m...

Publications White Paper November 19, 2012
https://csrc.nist.rip/publications/detail/white-paper/2012/11/19/challenging-security-requirements-for-usg-cloud-adoption/final

Abstract: The Federal Cloud Strategy, February 8, 2010, outlines a federal cloud computing program that identifies program objectives aimed at accelerating the adoption of cloud computing across the federal government. NIST, along with other agencies, was tasked with a key role and specific activities in supp...

Publications NISTIR 7896 November 15, 2012
https://csrc.nist.rip/publications/detail/nistir/7896/final

Abstract: The National Institute of Standards and Technology (NIST) opened a public competition on November 2, 2007, to develop a new cryptographic hash algorithm – SHA-3, which will augment the hash algorithms specified in the Federal Information Processing Standard (FIPS) 180-4, Secure Hash Standard (SHS)....

Publications Journal Article November 6, 2012
https://csrc.nist.rip/publications/detail/journal-article/2012/class-numbers-via-3-isogenies-and-elliptic-surfaces

Journal: International Journal of Number Theory Abstract: We show that a character sum attached to a family of 3-isogenies defined on the fibers of a certain elliptic surface over Fp relates to the class number of the quadratic imaginary number field Q(\sqrt{p}). In this sense, this provides a higher-dimensional analog of some recent class number formula...

Publications SP 800-164 (Draft) October 31, 2012
https://csrc.nist.rip/publications/detail/sp/800-164/draft

Abstract: The guidelines in this document are intended to provide a common baseline of security technologies that can be implemented across a wide range of mobile devices to help secure organization-issued mobile devices as well as devices brought into an organization, such as personally-owned devices used in...

Publications NISTIR 7878 October 26, 2012
https://csrc.nist.rip/publications/detail/nistir/7878/final

Abstract: Combinatorial testing applies factor covering arrays to test all t-way combinations of input or configuration state space. In some testing situations, it is not practical to use covering arrays, but any set of tests covers at least some portion of t-way combinations up to t [less than or equal to] n...

Publications ITL Bulletin October 25, 2012
https://csrc.nist.rip/publications/detail/itl-bulletin/2012/10/conducting-information-security-related-risk-assessments--updat/final

Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-30 Rev.1, Guide to Conducting Risk Assessments. This publication was developed by the Joint Task Force Transformation Initiative, a joint partnership among the Department of Defense, the Intelligence Community, N...

Publications Conference Proceedings October 16, 2012
https://csrc.nist.rip/publications/detail/conference-paper/2012/10/16/efficient-algorithms-for-t-way-test-sequence-generation

Conference: 2012 17th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS 2012) Abstract: Combinatorial testing has been shown to be a very effective testing strategy. Most work on combinatorial testing focuses on t-way test data generation, where each test is an unordered set of parameter values. In this paper, we study the problem of t-way test sequence generation, where each test is a...

Publications NISTIR 7622 October 16, 2012
https://csrc.nist.rip/publications/detail/nistir/7622/final

Abstract: This publication is intended to provide a wide array of practices that, when implemented, will help mitigate supply chain risk to federal information systems. It seeks to equip federal departments and agencies with a notional set of repeatable and commercially reasonable supply chain assurance metho...

Publications Conference Proceedings October 11, 2012
https://csrc.nist.rip/publications/detail/conference-paper/2012/10/11/aggregating-cvss-base-scores-for-semantics-rich-netsec-metrics

Conference: 2012 IEEE 31st Symposium on Reliable Distributed Systems (SRDS) Abstract: A network security metric is desirable in evaluating the effectiveness of security solutions in distributed systems. Aggregating CVSS scores of individual vulnerabilities provides a practical approach to network security metric. However, existing approaches to aggregating CVSS scores usually cause u...

Publications ITL Bulletin September 27, 2012
https://csrc.nist.rip/publications/detail/itl-bulletin/2012/09/revised-guide-helps-organizations-handle-security-related-incide/final

Abstract: This bulletin summarizes the information that is included in NIST Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide. This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effe...

Publications SP 800-30 Rev. 1 September 17, 2012
https://csrc.nist.rip/publications/detail/sp/800-30/rev-1/final

Abstract: The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance in Special Publication 800-39. Risk assessments, carried out at all three tiers in the risk management hierarchy, are part of an...

<< first   < previous   59     60     61     62     63     64     65     66     67     68     69     70     71     72     73     74     75     76     77     78     79     80     81     82     83  next >  last >>