|
Search
CSRC
Search
Vulnerability
Archive
|
|
Computer Scientist
National Institute of Standards
and Technology
Computer Security Division
Phone: 301-975-3348
Fax: 301-926-2733
E-mail address
photo by R. J. Nelson, 1995
Projects:
- Public Key
Infrastructure (PKI).
PKI is a major focus area for the Computer Security Division. I am currently
developing technical specifications for interoperable PKI components and
planning development of a reference implementation of those specifications.
I participate in the IETF's Internet Public Key Infrastructure (PKI-X)
standards development, and am supporting government agencies planning
near-term procurements of PKI components.
Professional Publications:
Here is a partial list of professional
publications. Where possible, I have included links to an electronic copy
of the document. If unspecified, the document is in PostScript. Some documents
are available in other forms on the division's web server.
- Polk, W. Timothy.
Federal Public Key Infrastructure (PKI) Technical
Specifications, Part A: Requirements. 31 January 1996. [265366 bytes]
- Polk, W. Timothy. A Mapping of Standards and DGSA Standards Requirements,
for DISA/CFS 15 November 1994.
- Bassham, Lawrence E. III and W. Timothy Polk. NISTIR 5283 Security
of SQL-based Implementations of Product Data Exchange Using STEP, October
1993.
- Polk, W. Timothy. Approximating Clark-Wilson "Access Triples" With
Basic UNIX Controls in UNIX Security Symposium IV Proceedings. 4-6 October,
1993.
- Polk, W. Timothy and Lawrence E. Bassham III.
NIST Special Publication 800-8 Security Issues in the Database Language
SQL, August 1993. [309397 bytes]
- Polk, W. Timothy and Lawrence E. Bassham III. Choosing Anti-Virus Tools,
in ABUINetwork News Volume 6, Number 3. May/June 1993.
- Polk, W. Timothy NIST
SP 800-6 Automated Tools for Testing Computer System Vulnerability,
December 1992. [309577 bytes]
- Polk, W. Timothy and Lawrence E. Bassham III.
NIST SP 800-5 A Guide to the Selection of Anti-Virus Tools and Techniques,
December 1992. [403464 bytes]
- Bassham, Lawrence E. III and W. Timothy Polk. Precise Identification
of Computer Viruses, in the proceedings of the 15th National Computer
Security Conference, Vol. II, 13-16 October 1992.
- Bassham, Lawrence E. III and W. Timothy Polk. NISTIR
4939 Threat Assessment of Malicious Code and External Attacks,
October 1992. [in HTML]
- Polk, W. Timothy and Lawrence E. Bassham, III. Security Tools for UNIX
Systems, in the Proceedings of the Fifth International Computer Virus &
Security Conference, 11-13 March 1992.
- Hsiao, Benjamin and W. Timothy Polk. Computer-Assisted Audit Techniques
for UNIX, in the 14th Department of Energy Computer Security Group Conference
Proceedings, 7-9 May 1991.
- Ruthberg, Zella G. and William T. Polk. NIST SP 500-168 Report of the
Invitational Workshop on Data Integrity, September 1989.
- Polk, W. Timothy and Lawrence E. Bassham, III. Expert Assistance for
the Manipulation of SGML Document Type Definitions, in the Proceedings
of the ACM Conference on Document Processing Systems, 5-9 December 1988.
Interests:
- My family, my sail boat, and
my woodworking.
|