U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1951 through 1975 of 13539 matching records.
Publications NISTIR 7665 January 1, 2010
https://csrc.nist.rip/publications/detail/nistir/7665/final

Abstract: Privilege management is large and complex, often the source of heated debate and opinion, and fraught with widely-understood, yet ill-defined terminology and concepts. The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) sponsored the first Privilege Manag...

Publications Conference Proceedings December 4, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/12/04/indifferentiability-characterization-of-hash-functions-and-optim

Conference: 10th International Conference on Cryptology in India (INDOCRYPT 2009) Abstract: Abstract. Understanding what construction strategy has a chance to be a good hash function is extremely important. Nowadays it is getting more importance due to current SHA3 competition which is intended to make a standard for hash functions. In TCC 04, Maurer et al introduced the notion of indiffer...

Publications Journal Article November 20, 2009
https://csrc.nist.rip/publications/detail/journal-article/2009/practical-interdomain-routing-security

Journal: IT Professional Abstract: This article reviews risks and vulnerabilities in interdomain routing, and best practices that can have near-term benefits for routing security. It includes examples of routing failures and common attacks on routers, and coutermeasures to reduce router vulnerabilities.

Publications ITL Bulletin November 19, 2009
https://csrc.nist.rip/publications/detail/itl-bulletin/2009/11/cybersecurity-fundamentals-for-small-business-owners/final

Abstract: This bulletin summarizes the information that was published in NIST Interagency Report (NISTIR) 7621, Small Business Information Security: The Fundamentals, by Richard Kissel. The publication presents three major areas that small businesses should address to provide security for their information, s...

Publications Conference Proceedings November 3, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/11/03/herding-second-preimage-and-trojan-message-attacks-beyond-merk

Conference: 16th International Workshop, Selected Areas in Cryptography (SAC 2009) Abstract: In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this tech...

Publications ITL Bulletin October 29, 2009
https://csrc.nist.rip/publications/detail/itl-bulletin/2009/10/protecting-information-systems-with-firewalls-revised-guideline/final

Abstract: Firewalls are essential devices or programs that help organizations protect their networks and systems, and help home users protect their computers, from hostile attacks, break-ins, viruses, and malicious software. Firewalls control the flow of network traffic between networks and between hosts that...

Publications Conference Proceedings October 16, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/10/16/random-vs-combinatorial-methods-for-simulation-of-grid-computer

Conference: MODSIM World 2009 Abstract: This study compared random and t-way combinatorial inputs of a network simulator, to determine if these two approaches produce significantly different deadlock detection for varying network configurations. Modeling deadlock detection is important for analyzing configuration changes that could inadve...

Publications Conference Proceedings October 14, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/10/14/an-analysis-of-cvss-version-2-vulnerability-scoring

Conference: 5th International Workshop on Security Measurements and Metrics, 2009 (MetriSec 2009) Abstract: The Common Vulnerability Scoring System (CVSS) is a specification for measuring the relative severity of software vulnerabilities. Finalized in 2007, CVSS version 2 was designed to address deficiencies found during analysis and use of the original CVSS version. This paper analyzes how effectively CV...

Publications NISTIR 7617 October 14, 2009
https://csrc.nist.rip/publications/detail/nistir/7617/final

Abstract: This report concerns the theoretical and practical issues with automatically populating mobile devices with reference test data for use as reference materials in validation of forensic tools. It describes an application and data set developed to populate identity modules and highlights subtleties in...

Publications Journal Article October 6, 2009
https://csrc.nist.rip/publications/detail/journal-article/2009/open-issues-in-secure-dns-deployment

Journal: IEEE Security & Privacy Abstract: This paper describes some practical administrative issues and challenges in the deployment of DNSSEC - an IETF specified suite of security measures for securing the Domain Name System (DNS). The issues covered include: (a) Choice of Cryptographic algorithms and Key Sizes (2) Roll over schemes for Cr...

Publications NISTIR 7581 September 30, 2009
https://csrc.nist.rip/publications/detail/nistir/7581/final

Abstract: This report contains a list of selected acronyms and abbreviations for system and network security terms with their generally accepted or preferred definitions. It is intended as a resource for Federal agencies and other users of system and network security publications.

Publications SP 800-41 Rev. 1 September 28, 2009
https://csrc.nist.rip/publications/detail/sp/800-41/rev-1/final

Abstract: Firewalls are devices or programs that control the flow of network traffic between networks or hosts employing differing security postures. This publication provides an overview of several types of firewall technologies and discusses their security capabilities and their relative advantages and disa...

Publications Conference Paper September 25, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/09/25/desirable-properties-of-voting-systems

Conference: End-to-End Voting Systems Workshop Abstract: This paper provides definitions for some desirable properties of voting systems, including auditability, ballot secrecy, incoercibility, usability and accessibility. In the context of these desirable properties, it defines the class of end-to-end independently verifiable (E2E) voting systems that pr...

Publications NISTIR 7620 September 23, 2009
https://csrc.nist.rip/publications/detail/nistir/7620/final

Abstract: The National Institute of Standards and Technology is in the process of selecting a new cryptographic hash algorithm through a public competition. The new hash algorithm will be referred to as “SHA-3” and will complement the SHA-2 hash algorithms currently specified in FIPS 180-3, Secure Hash Standa...

Publications SP 800-102 September 23, 2009
https://csrc.nist.rip/publications/detail/sp/800-102/final

Abstract: Establishing the time when a digital signature was generated is often a critical consideration. A signed message that includes the (purported) signing time provides no assurance that the private key was used to sign the message at that time unless the accuracy of the time can be trusted. With the ap...

Publications NISTIR 7611 August 14, 2009
https://csrc.nist.rip/publications/detail/nistir/7611/final

Abstract: This document describes the use of ISO/IEC 24727 in enabling client-applications to access identity credentials issued by different credential issuers.

Publications Book Section August 12, 2009
https://csrc.nist.rip/publications/detail/book/2009/security--privacy-issues-in-agent-based-location-aware-mobile-commerce

In: Safety and Security in Multiagent Systems: Research Results from 2004-2006 (2009) Abstract: Mobile commerce and location-aware services promise to combine the conveniences of both online and offline bricks-and-mortar services. Just as agent-enabled desktop computers can be used to improve a user s e-commerce experience, so can agent-enabled mobile devices be used to improve a user s mobile...

Publications Journal Article August 7, 2009
https://csrc.nist.rip/publications/detail/journal-article/2009/combinatorial-software-testing

Journal: Computer (IEEE Computer) Abstract: Developers of large data-intensive software often notice an interesting – though not surprising – phenomenon: when usage of an application jumps dramatically, components that have operated for months without trouble suddenly develop previously undetected errors. For example, newly added customers ma...

Publications ITL Bulletin July 23, 2009
https://csrc.nist.rip/publications/detail/itl-bulletin/2009/07/risk-management-framework--helping-organizations-implement-effe/final

Abstract: This bulletin summarizes information about the Risk Management Framework (RMF) and points to NIST standards and guidelines that assist agencies in achieving effective security for their information technology (IT) systems. The RMF guides agencies through a series of steps, taking into account the ri...

Publications Conference Proceedings July 21, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/07/21/fast-and-secure-cbc-type-mac-algorithms

Conference: 16th International Workshop, Fast Software Encryption (FSE 2009) Abstract: The CBC-MAC, or cipher block chaining message authentication code, is a well-known method to generate message authentication codes. Unfortunately, it is not forgery-secure over an arbitrary domain. There are several secure variants of CBC-MAC, among which OMAC (or one-key CBC-MAC) is a widely-used c...

Publications Conference Proceedings July 10, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/07/10/access-specification-and-validation-framework-for-secure-smart-i

Conference: 13th World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI 2009) Abstract: Deployment of smart cards as identity tokens (Smart ID Cards) requires the support of an enterprise system called Identity Management System (IDMS) for collection, storage, processing and distribution of personal identity credentials. Secure configuration of IDMS for this application domain (IDMS-SC...

Publications Conference Proceedings June 29, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/06/29/characterizing-padding-rules-of-md-hash-functions-preserving-col

Conference: 14th Australasian Conference on Information Security and Privacy (ACISP 2009) Abstract: This paper characterizes collision preserving padding rules and provides variants of Merkle-Damgard (MD) which are having less or no overhead costs due to length. We first show that suffix-free property of padding rule is necessary as well as sufficient to preserve the collision security of MD hash...

Publications Book Section June 15, 2009
https://csrc.nist.rip/publications/detail/book/2009/cyber-security-standards

In: Wiley Handbook of Science and Technology for Homeland Security (2010) Abstract: The goal of cyber security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures. A cyber security standard defines both functional and assurance requirements within a product, system, process, or technology environment. Well-developed cy...

Publications Journal Article May 27, 2009
https://csrc.nist.rip/publications/detail/journal-article/2009/understanding-insecure-it-practical-risk-assessment

Journal: IT Professional Abstract: IT systems have long been at risk from vulnerable software, malicious actions, or inadvertent user errors, in addition to run-of-the-mill natural and human-made disasters. As we discussed in the last issue ( Surviving Insecure IT: Effective Patch Management, pp. 49 51), effective patch management is...

Publications NISTIR 7564 April 30, 2009
https://csrc.nist.rip/publications/detail/nistir/7564/final

Abstract: More than 100 years ago, Lord Kelvin insightfully observed that measurement is vital to deep knowledge and understanding in physical science. During the last few decades, researchers have made various attempts to develop measures and systems of measurement for computer security with varying degrees...

<< first   < previous   67     68     69     70     71     72     73     74     75     76     77     78     79     80     81     82     83     84     85     86     87     88     89     90     91  next >  last >>