Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Projects

Showing 6 matching records.
Automated Combinatorial Testing for Software ACTS
Combinatorial testing is a proven method for more effective software testing at lower cost. The key insight underlying combinatorial testing’s effectiveness resulted from a series of studies by NIST from 1999 to 2004. NIST research showed that most...
Cryptographic Algorithm Validation Program CAVP
The Cryptographic Algorithm Validation Program (CAVP) provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms and their individual components. Cryptographic algorithm validation is a prerequisite of cryptographic...
Entropy as a Service EaaS
Cryptography is critical for securing data at rest or in transit over the IoT. But cryptography fails when a device uses easy-to-guess (weak) keys generated from low-entropy random data. Standard deterministic computers have trouble producing good...
Open Security Controls Assessment Language OSCAL
NIST is developing the Open Security Controls Assessment Language (OSCAL), a set of hierarchical, formatted, XML- and JSON-based formats that provide a standardized representation for different categories of information pertaining to the publication...
Program Review for Information Security Assistance PRISMA
The Program Review for Information Security Management Assistance (PRISMA) includes many review options and incorporates guidelines contained in Special Publication 800-53 (Revision 3), Recommended Security Controls for Federal Information...
Roots of Trust RoT
Modern computing devices consist of various hardware, firmware, and software components at multiple layers of abstraction. Many security and protection mechanisms are currently rooted in software that, along with all underlying components, must be...