U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1926 through 1950 of 13539 matching records.
Publications Journal Article July 19, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/vulnerability-trends-measuring-progress

Journal: IT Professional Abstract: We analyzed data from the National Vulnerability Database (NVD). Designed and operated by the National Institute of Standards and Technology (NIST) with support from the Department of Homeland Security, the NVD provides fine-grained search capabilities of all publicly reported software vulnerabiliti...

Publications Journal Article July 14, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/measuring-security-risk-of-networks-using-attack-graphs

Journal: International Journal of Next Generation Computing Abstract: Today’s computer systems face sophisticated attackers who combine multiple vulnerabilities to penetrate networks with devastating impact. The overall security of a network cannot be determined by simply counting the number of vulnerabilities. To accurately assess the security of networked systems, o...

Publications NISTIR 7559 June 30, 2010
https://csrc.nist.rip/publications/detail/nistir/7559/final

Abstract: Web services are currently a preferred way to architect and provide complex services. This complexity arises due to the composition of new services and dynamically invoking existing services. These compositions create service inter-dependencies that can be misused for monetary or other gains. When a...

Publications ITL Bulletin June 22, 2010
https://csrc.nist.rip/publications/detail/itl-bulletin/2010/06/how-to-identify-personnel-with-significant-responsibilities-for-/final

Abstract: This bulletin is written to assist federal departments and agencies to meet their information security training responsibilities. Determining who has significant responsibilities for information security is the crucial first step that allows an organization to focus its information security trainin...

Publications Conference Proceedings June 21, 2010
https://csrc.nist.rip/publications/detail/conference-paper/2010/06/21/authentication-assurance-level-taxonomies-for-smart-identity-tok

Conference: 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2010) Abstract: Authentication assurance level taxonomies that have been specified in many real-world smart identity token deployments do not fully reflect all the security properties associated with their underlying authentication mechanisms. In this paper we describe the development and application of a new metho...

Publications NISTIR 7676 June 18, 2010
https://csrc.nist.rip/publications/detail/nistir/7676/final

Abstract: NIST Special Publication 800-73-3 introduces the ability to store retired Key Management Keys within the Personal Identity Verification (PIV) Card Application on a PIV Card. This paper complements SP 800-73-3 by providing some of the rationale for the design of the mechanism for storing retired Key...

Publications Journal Article June 10, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/state-of-security-readiness

Journal: Crossroads Abstract: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. However, the security readiness of cloud computing is commonl...

Publications Journal Article June 1, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/adding-attributes-to-role-based-access-control

Journal: Computer (IEEE Computer) Abstract: Role based access control (RBAC) is a popular model for information security. It helps reduce the complexity of security administration and supports the review of permissions assigned to users, a feature critical to organizations that must determine their risk exposure from employee IT system access...

Publications Conference Proceedings May 20, 2010
https://csrc.nist.rip/publications/detail/conference-paper/2010/05/20/a-new-combinational-logic-minimization-technique-with-applicatio

Conference: 9th International Symposium on Experimental Algorithms (SEA 2010) Abstract: A new technique for combinational logic optimization is described. The technique is a two-step process. In the first step, the non-linearity of a circuit – as measured by the number of non-linear gates it contains – is reduced. The second step reduces the number of gates in the linear components of...

Publications SP 800-22 Rev. 1a April 30, 2010
https://csrc.nist.rip/publications/detail/sp/800-22/rev-1a/final

Abstract: This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may be used in many cryptographic applications, such as the generation of key material. Generators suitable for use in cryptographic applications may need to meet stro...

Publications ITL Bulletin April 28, 2010
https://csrc.nist.rip/publications/detail/itl-bulletin/2010/04/guide-to-protecting-personally-identifiable-information/final

Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII). Written by Erika McCallister, Tim Grance, and Karen Scarfone of NIST, the publication assists Federal agencies in carryin...

Publications Conference Proceedings April 13, 2010
https://csrc.nist.rip/publications/detail/conference-paper/2010/04/13/privacy-preserving-drm

Conference: 9th Symposium on Identity and Trust on the Internet (IDtrust '10) Abstract: This paper describes and contrasts two families of schemes that enable a user to purchase digital content without revealing to anyone what item he has purchased. One of the basic schemes is based on anonymous cash, and the other on blind decryption. In addition to the basic schemes, we present and c...

Publications SP 800-122 April 6, 2010
https://csrc.nist.rip/publications/detail/sp/800-122/final

Abstract: The purpose of this document is to assist Federal agencies in protecting the confidentiality of personally identifiable information (PII) in information systems. The document explains the importance of protecting the confidentiality of PII in the context of information security and explains its rela...

Publications Journal Article April 1, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/e-mail-security-an-overview-of-threats-and-safeguards

Journal: Journal of AHIMA Abstract: This publication discusses, at a high level, the ubiquitous threats facing email systems today and impresses the need to secure these systems. This article will provide high level tips and techniques for securing email systems and point to resources that an organization can use to further this cause...

Publications Journal Article April 1, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/on-hash-functions-using-checksums

Journal: International Journal of Information Security Abstract: We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one- way checksum functions, is not secure against the second preimage...

Publications NISTIR 7657 March 30, 2010
https://csrc.nist.rip/publications/detail/nistir/7657/final

Abstract: This document is based on the discussions and conclusions of the Privilege (Access) Management Workshop held on 1-3 September, 2009 at the Gaithersburg, Maryland facilities of the National Institute of Standards and Technology (NIST), sponsored by NIST and the National Security Agency (NSA). This do...

Publications Journal Article March 29, 2010
https://csrc.nist.rip/publications/detail/journal-article/2010/data-loss-prevention

Journal: IT Professional Abstract: In today's digital economy, data enters and leaves cyberspace at record rates. A typical enterprise sends and receives millions of email messages and downloads, saves, and transfers thousands of files via various channels on a daily basis. Enterprises also hold sensitive data that customers, busines...

Publications ITL Bulletin March 29, 2010
https://csrc.nist.rip/publications/detail/itl-bulletin/2010/03/revised-guide-helps-federal-organizations-improve-their-risk-man/final

Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. Developed by NIST in partnership with the Joint Task Force Transformation Initiativ...

Publications NISTIR 7653 March 23, 2010
https://csrc.nist.rip/publications/detail/nistir/7653/final

Abstract: This annual report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during Fiscal Year 2009. It discusses all projects and programs within the Division, staff highlights, and publications.

Publications ITL Bulletin February 24, 2010
https://csrc.nist.rip/publications/detail/itl-bulletin/2010/02/secure-management-of-keys-in-cryptographic-applications-guidanc/final

Abstract: This bulletin summarizes the information presented in NIST Special Publication (SP) 800-57, Recommendation for Key Management, Part 3, Application Specific Key Management Guidance. The publication supplements Parts 1 and 2 of SP 800-57, by providing guidance on the management of keys and the selecti...

Publications NISTIR 7658 February 24, 2010
https://csrc.nist.rip/publications/detail/nistir/7658/final

Abstract: SIMfill is a proof-of-concept, open source, application developed by NIST to populate identity modules with test data, as a way to assess the recovery capability of mobile forensic tools. An initial set of test data is also provided with SIMfill as a baseline for creating other test cases. This repo...

Publications Book Section February 1, 2010
https://csrc.nist.rip/publications/detail/book/2010/attacking-paper-based-e2e-voting-systems

In: Towards Trustworthy Elections: New Directions in Electronic Voting (2010) Abstract: In this paper, we develop methods for constructing vote-buying/coercion attacks on end-to-end voting systems, and describe vote-buying/coercion attacks on three proposed end-to-end voting systems: Punchscan, Pret-a-voter, and ThreeBallot. We also demonstrate a different attack on Punchscan, which co...

Publications ITL Bulletin January 27, 2010
https://csrc.nist.rip/publications/detail/itl-bulletin/2010/01/security-metrics-measurements-to-support-the-continued-developm/final

Abstract: This bulletin summarizes the information that was presented in NIST Interagency Report (NISTIR)7564, Directions in Security Metrics Research, by Wayne Jansen. The publication examines past efforts to develop security measurements that could help organizations make informed decisions about the design...

Publications SP 800-38E January 18, 2010
https://csrc.nist.rip/publications/detail/sp/800-38e/final

Abstract: This publication approves the XTS-AES mode of the AES algorithm by reference to IEEE Std 1619-2007, subject to one additional requirement, as an option for protecting the confidentiality of data on storage devices. The mode does not provide authentication of the data or its source.

Publications NISTIR 7609 January 8, 2010
https://csrc.nist.rip/publications/detail/nistir/7609/final

Abstract: On June 8 and 9, 2009, NIST held a Cryptographic Key Management (CKM) Workshop at its Gaithersburg, Maryland, campus that attracted approximately 80 people attending the workshop in person, with another 75 participating through video conferencing, and an additional 36 participating via audio telecon...

<< first   < previous   66     67     68     69     70     71     72     73     74     75     76     77     78     79     80     81     82     83     84     85     86     87     88     89     90  next >  last >>