Search CSRC

Type: Presentation

Type: Presentation

Type: Presentation

Type: Presentation

Type: Presentation

Type: Presentation

NIST and the National Security Agency (NSA) co-hosted the Privilege Management Workshop at NIST in Gaithersburg, Maryland, on September 1-3, 2009. Workshop Results NISTIR 7665, Proceedings of the Privilege Management Workshop, September 1-3, 2009 NISTIR 7657, A Report on the Privilege (Access) Management Workshop Workshop Materials Vision Statement for the Workshop Risk-Adaptable Access Control (RAdAC) A Survey of Access Control Models Presentations Tuesday, September 1 Opening Remarks from NIST Ms. Donna Dodson NIST Workshop Overview Ms. Sandi Roddy, NSA Privilege...

The Cyber Security Research Alliance (CSRA) and National Institute of Standards and Technology (NIST) are sponsoring a two day workshop to explore emerging research needs for cybersecurity in cyber-physical systems with the diverse cyber-physical community at large. The sponsoring organizations seek to have lively discussion on the following topics: Buying the Black Box: Security in Acquisition and Implementation Getting Reliable Information on Vulnerabilities and Threats Working with What We Have: Securing the Base Supply Chain: Its Impact on Securing CPS Approaches to Assurance and...

This workshop will discuss substantive public comments, including open issues) on a draft report about actions to address automated and distributed threats to the digital ecosystem as part of the activity directed by Executive Order 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” In this workshop, the Departments of Commerce and Homeland Security seek to engage all interested stakeholders—including private industry, academia, civil society, and other security experts—on this draft report, its characterization of the threat landscape, the goals laid...

Abstract: The National Institute of Standards and Technology (NIST) Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS) specifies the procedures involved in validating implementations of the Triple DES algorithm in ANSI X9.52 - 1998, Triple Data Encryption Algorithm Modes of...

Abstract: The Standard specifies a suite of algorithms that can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signature as evidence...

Abstract: This standard specifies five hash algorithms that can be used to generate digests of messages. The digests are used to detect whether messages have been changed since the digests were generated.

Abstract: This standard specifies four secure hash algorithms, SHA-1, SHA-256, SHA-384, and SHA-512. All four of the algorithms are iterative, one-way hash functions that can process a message to produce a condensed representation called a message digest. These algorithms enable the determination of a message...

Abstract: This standard specifies four secure hash algorithms, SHA-1, SHA-256, SHA-384, and SHA-512. All four of the algorithms are iterative, one-way hash functions that can process a message to produce a condensed representation called a message digest. These algorithms enable the determination of a message...

Abstract: This standard describes a keyed-hash message authentication code (HMAC), a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative Approved cryptographic hash function, in combination with a shared secret key. The cryptographic strength of HMAC de...

Abstract: This standard specifies a suite of algorithms which can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signature in provin...

Abstract: The National Institute of Standards and Technology (NIST) Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS) specifies the procedures involved in validating implementations of the Triple DES algorithm in ANSI X9.52 - 1998, Triple Data Encryption Algorithm Modes of...

Abstract: This standard specifies a suite of algorithms which can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signature in provin...

Abstract: The National Institute of Standards and Technology (NIST) Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS) specifies the procedures involved in validating implementations of the Triple DES algorithm in ANSI X9.52 - 1998, Triple Data Encryption Algorithm Modes of...

Abstract: This standard specifies a suite of algorithms which can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signature in provin...

Abstract: The National Institute of Standards and Technology (NIST) Modes of Operation Validation System (MOVS) specifies the procedures involved in validating implementations of the DES algorithm in FIPS PUB 46-2 The Data Encryption Standard (DES) and the Skipjack algorithm in FIPS PUB 185, Escrowed Encrypti...

Abstract: This standard specifies a Digital Signature Algorithm (DSA) which can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signa...

Abstract: This standard specifies a Digital Signature Algorithm (DSA) which can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signa...

Abstract: The predominant application architecture for cloud-native applications consists of multiple microservices, accompanied in some instances by a centralized application infrastructure, such as a service mesh, that provides all application services. This class of applications is generally developed usin...

Abstract: Providing devices with the credentials and policy needed to join a network is a process known as network-layer onboarding. Establishing trust between a network and an IoT device prior to such onboarding is crucial for mitigating the risk of potential attacks. There are two sides of this attack: one...