Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects

Showing 4 matching records.
Access Control Policy Testing ACPT
Access control systems are among the most critical security components. Faulty policies, misconfigurations, or flaws in software implementation can result in serious vulnerabilities. The specification of access control policies is often a challenging problem. Often a system’s privacy and security are compromised due to the misconfiguration of access control policies instead of the failure of cryptographic primitives or protocols. This problem becomes increasingly severe as software systems...
AppVet Mobile App Vetting System AppVet
AppVet is a web application for managing and automating the app vetting process. AppVet facilitates the app vetting workflow by providing an intuitive user interface for submitting and testing apps, managing reports, and assessing risk. Through the specification of APIs, schemas and requirements, AppVet is designed to easily and seamlessly integrate with a wide variety of clients including users, apps stores, and continuous integration environments as well as third-party tools including...
Mobile Forensics
Mobile Forensics There is a critical need in the law enforcement community to ensure the reliability of mobile forensic tools. The Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) establishes methodologies for testing computer forensic software tools by development of general tool specifications, test procedures, test criteria, test sets, and test hardware. The results provide the information necessary for toolmakers to improve tools,...
Roots of Trust RoT
Modern computing devices consist of various hardware, firmware, and software components at multiple layers of abstraction. Many security and protection mechanisms are currently rooted in software that, along with all underlying components, must be trustworthy. A vulnerability in any of those components could compromise the trustworthiness of the security mechanisms that rely upon those components. Stronger security assurances may be possible by grounding security mechanisms in roots of trust....