U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1976 through 2000 of 13539 matching records.
Publications Conference Proceedings April 14, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/04/14/quantum-resistant-public-key-cryptography-a-survey

Conference: 8th Symposium on Identity and trust on the Internet (IDtrust '09) Abstract: Public key cryptography is widely used to secure transactions over the Internet. However, advances in quantum computers threaten to undermine the security assumptions upon which currently used public key cryptographic algorithms are based. In this paper, we provide a survey of some of the public key...

Publications Conference Proceedings March 31, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/03/31/a-location-based-mechanism-for-mobile-device-security

Conference: 2009 WRI World Congress on Computer Science and Information Engineering Abstract: While mobile handheld devices, such as cell phones and PDAs, provide productivity benefits, they also pose new risks. A vital safeguard against unauthorized access to a device s contents is authentication. This paper describes a location-based authentication mechanism that employs trusted servers ca...

Publications Conference Proceedings March 30, 2009
https://csrc.nist.rip/publications/detail/conference-paper/2009/03/30/making-the-case-for-eap-channel-bindings

Conference: IEEE Sarnoff Symposium, 2009 (SARNOFF '09) Abstract: In current networks that use EAP and AAA for authenticated admission control, such as WiFi, WiMAX, and various 3G internetworking protocols, a malicious base station can advertise false information to prospective users in an effort to manipulate network access in some way. This can result a number o...

Publications ITL Bulletin March 25, 2009
https://csrc.nist.rip/publications/detail/itl-bulletin/2009/03/the-cryptographic-hash-algorithm-family-revision-of-the-secure-/final

Abstract: This bulletin summarizes information disseminated in Federal Information Processing Standard (FIPS) 180-3, Secure Hash Standard; NIST Special Publication (SP) 800-107, Recommendation for Applications Using Approved Hash Algorithms, by Quynh Dang; SP 800-106, Randomized Hashing for Digital Signatures...

Publications Journal Article March 21, 2009
https://csrc.nist.rip/publications/detail/journal-article/2009/surviving-insecure-it-effective-patch-management

Journal: IT Professional Abstract: The amount of time to protect enterprise systems against potential vulnerability continues to shrink. Enterprises need an effective patch management mechanism to survive the insecure IT environment. Effective patch management is a systematic and repeatable patch distribution process which includes e...

Publications NISTIR 7536 March 16, 2009
https://csrc.nist.rip/publications/detail/nistir/7536/final

Abstract: This annual report covers the work conducted within the National Institute of Standards and Technology's Computer Security Division during Fiscal Year 2008. It discusses all projects and programs within the Division, staff highlights, and publications.

Publications ITL Bulletin February 26, 2009
https://csrc.nist.rip/publications/detail/itl-bulletin/2009/02/using-personal-identity-verification-piv-credentials-in-physic/final

Abstract: This bulletin summarizes information disseminated in NIST Special Publication (SP) 800-116, A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS), written by William MacGregor of NIST, Ketan Mehta of Mehta, Inc., and David Cooper and Karen Scarfone of NIST. The pu...

Publications SP 800-106 February 25, 2009
https://csrc.nist.rip/publications/detail/sp/800-106/final

Abstract: NIST-approved digital signature algorithms require the use of an approved cryptographic hash function in the generation and verification of signatures. Approved cryptographic hash functions and digital signature algorithms can be found in FIPS 180-3, Secure Hash Standard (SHS), and FIPS 186-3, Digit...

Publications Encyclopedia Entry February 13, 2009
https://csrc.nist.rip/publications/detail/book/2009/common-biometric-exchange-formats-framework-standardization

In: Encyclopedia of Biometrics (2009) Abstract: Common Biometric Exchange Formats Framework (CBEFF) provides a standardized set of definitions and procedures that support the interchange of biometric data in standard data structures called CBEFF biometric information records (BIRs). CBEFF permits considerable flexibility regarding BIR structures...

Publications Journal Article January 20, 2009
https://csrc.nist.rip/publications/detail/journal-article/2009/introducing-"insecure-it"

Journal: IT Professional Abstract: This article introduces "insecure IT", a new department for IT Professional that will cover security weaknesses in IT systems, ranging from desktops to global e-commerce networks. This regular feature will offer ideas to improve IT security, both by looking at ways it can go wrong as well as by cove...

Publications NISTIR 7539 December 22, 2008
https://csrc.nist.rip/publications/detail/nistir/7539/final

Abstract: This paper describes architectures for securely injecting secret keys onto smart cards. Specifically, this paper details key injection architectures based on the identity credentials available on the Personal Identify Verification (PIV) Card. The primary goal is to create additional opportunities fo...

Publications Conference Proceedings December 20, 2008
https://csrc.nist.rip/publications/detail/conference-paper/2008/12/20/property-verification-for-generic-access-control-models

Conference: 2008 IEEE/IFIP International Symposium on Trust, Security and Privacy for Pervasive Applications (TSP-08) Abstract: To formally and precisely capture the security properties that access control should adhere to, access control models are usually written to bridge the rather wide gap in abstraction between policies and mechanisms. In this paper, we propose a new general approach for property verification for acces...

Publications Book Section December 19, 2008
https://csrc.nist.rip/publications/detail/book/2008/assurance-for-identity-enabled-authorization-policies

In: Identity & Policy: a Common Platform for a Pervasive Policy Paradigm (2008) Abstract: In this chapter, we describe an authorization policy validation framework. Authorization (or access control) policies, just like device policies and privacy policies, are an important class of policies for safeguarding enterprise resources. Specifically, authorization policies provide confidentialit...

Publications NISTIR 7551 December 19, 2008
https://csrc.nist.rip/publications/detail/nistir/7551/final

Abstract: This report contains the results of NIST s research into technologies to improve the voting process for United States citizens living overseas. It splits the overseas voting process into three stages: voter registration and ballot request, blank ballot delivery, and voted ballot return. For each sta...

Publications Book Section December 19, 2008
https://csrc.nist.rip/publications/detail/book/2008/identity-enabled-privacy-policies

In: Identity & Policy: a Common Platform for a Pervasive Policy Paradigm (2008) Abstract: The primary motivation behind formulation of any privacy policy (policy in the context of this chapter refers to technical policies defined, specified and enforced within the relevant information systems) is to restrict the disclosure of identity of an individual (in certain locations, events or tra...

Publications ITL Bulletin December 18, 2008
https://csrc.nist.rip/publications/detail/itl-bulletin/2008/12/guide-to-information-security-testing-and-assessment/final

Abstract: This bulletin summarizes information disseminated in NIST Special Publication (SP) 800-115, Technical Guide to Information Security Testing and Assessment: Recommendations of the National Institute of Standards and Technology, which was written by Karen Scarfone and Murugiah Souppaya of NIST, and by...

Publications Conference Proceedings December 17, 2008
https://csrc.nist.rip/publications/detail/conference-paper/2008/12/17/two-new-efficient-cca-secure-online-ciphers--mhcbc-and-mcbc

Conference: 9th International Conference on Cryptology in India (INDOCRYPT 2008) Abstract: Online ciphers are those ciphers whose ciphertexts can be computed in an online manner. HCBC1 and HCBC2 are two known examples of Hash Cipher Block Chaining online ciphers. HCBC1 is secure against chosen plaintext adversary (or called CPA-secure) whereas HCBC2 is secure against chosen ciphertext adv...

Publications Conference Proceedings November 30, 2008
https://csrc.nist.rip/publications/detail/conference-paper/2008/11/30/security-challenges-in-seamless-mobility-how-to-``handover''-th

Conference: 4th International ICST Conference on Wireless Interet (WICON 2008) Abstract: In this paper, we discuss key management challenges for seamless handovers across heterogeneous wireless networks. We focus on fast access authentication protocols that allow expedited network entry by utilizing existing keying material from previous access authentications. For a seamless handover,...

Publications Conference Proceedings November 13, 2008
https://csrc.nist.rip/publications/detail/conference-paper/2008/11/13/access-control-policy-composition-for-resource-federation-networ

Conference: 2008 International Computer Symposium (ICS 2008) Abstract: The availability of global, pervasive information relies on seamless access to federated resources through sharing and trust between the participating members. However, most of the current architectures for federation networks are designed based on a centralized authorization management schema that...

Publications Conference Proceedings October 29, 2008
https://csrc.nist.rip/publications/detail/conference-paper/2008/10/29/vulnerability-scoring-for-security-configuration-settings

Conference: 4th ACM Workshop on Quality of Protection (QoP'08) Abstract: The best-known vulnerability scoring standard, the Common Vulnerability Scoring System (CVSS), is designed to quantify the severity of security-related software flaw vulnerabilities. This paper describes our efforts to determine if CVSS could be adapted for use with a different type of vulnerability...

Publications SP 800-66 Rev. 1 October 23, 2008
https://csrc.nist.rip/publications/detail/sp/800-66/rev-1/final

Abstract: Special Publication 800-66 Rev. 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, which discusses security considerations and resources that may provide value when implementing the requirements of the HIPAA Security...

Publications ITL Bulletin October 15, 2008
https://csrc.nist.rip/publications/detail/itl-bulletin/2008/10/keeping-information-technology-it-system-servers-secure--a-ge/final

Abstract: This bulletin summarizes information disseminated in NIST Special Publication (SP) 800-123, Guide to General Server Security: Recommendations of the National Institute of Standards and Technology, which was written by Karen Scarfone and Wayne Jansen of NIST and by Miles Tracy of Federal Reserve Info...

Publications Encyclopedia Entry October 7, 2008
https://csrc.nist.rip/publications/detail/book/2008/electronic-voting

In: Encyclopaedia Britannica Online (2009) Abstract: Definition of electronic voting. General discussion of issues related to the deployment of this technology in different countries.

Publications SP 800-115 September 30, 2008
https://csrc.nist.rip/publications/detail/sp/800-115/final

Abstract: The purpose of this document is to assist organizations in planning and conducting technical information security tests and examinations, analyzing findings, and developing mitigation strategies. The guide provides practical recommendations for designing, implementing, and maintaining technical info...

Publications ITL Bulletin September 18, 2008
https://csrc.nist.rip/publications/detail/itl-bulletin/2008/09/using-performance-measurements-to-evaluate-and-strengthen-inform/final

Abstract: This bulletin summarizes information disseminated in NIST Special Publication (SP) 800-55, Revision 1, Performance Measurement Guide for Information Security, by Elizabeth Chew, Marianne Swanson, Kevin Stine, Nadya Bartol, Anthony Brown, and Will Robinson. The guide provides specific advice on devel...

<< first   < previous   68     69     70     71     72     73     74     75     76     77     78     79     80     81     82     83     84     85     86     87     88     89     90     91     92  next >  last >>