Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "

Showing 1551 through 1575 of 16390 matching records.
Publications Conference Paper (Final) May 18, 2020
https://csrc.nist.gov/pubs/conference/2020/05/18/defining-actionable-rules-for-verifying-iot-securi/final

Conference: 41st IEEE Symposium on Security and Privacy Abstract: Internet of Things (IoT) is being widely adopted in recent years. Security, however, has lagged behind, as evidenced by the increasing number of attacks that use IoT devices (e.g., an arson that uses a smart oven, burglary via a smart lock). Therefore, the transparency and accountability of those de...

Publications IR 8196 (Final) May 11, 2020
https://csrc.nist.gov/pubs/ir/8196/final

Abstract: Public safety practitioners utilizing the forthcoming Nationwide Public Safety Broadband Network (NPSBN) will have smartphones, tablets, and wearables at their disposal. Although these devices should enable first responders to complete their missions, any influx of new technologies will introduce ne...

Publications SP 800-57 Part 1 Rev. 5 (Final) May 4, 2020
https://csrc.nist.gov/pubs/sp/800/57/pt1/r5/final

Abstract: This Recommendation provides cryptographic key-management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material, including definitions of the security services that may be provided when using cryptography and the...

Publications IR 8294 (Final) April 29, 2020
https://csrc.nist.gov/pubs/ir/8294/final

Abstract: Electric vehicles are becoming common on the Nation’s roads, and the electric vehicle supply equipment infrastructure (EVSE) is being created to support that growth. The NIST Information Technology Lab (ITL) hosted a one-day symposium to showcase federally funded research into the potential cybersec...

Publications IR 8011 Vol. 4 (Final) April 28, 2020
https://csrc.nist.gov/pubs/ir/8011/v4/final

Abstract: The NISTIR 8011 capability-specific volumes focus on the automation of security control assessment within each individual information security capability. They add tangible detail to the more general overview given in NISTIR 8011 Volume 1, providing a template for transition to a detailed, NIST stan...

Publications Other (Final) April 24, 2020
https://csrc.nist.gov/pubs/other/2020/04/24/protecting-data-from-ransomware-and-other-data-los/final

Abstract: The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) developed this publication to help managed service providers (MSPs) improve their cybersecurity and the cybersecurity of their customers. MSPs have become an attractive target for cyb...

Publications CSWP 13 (Final) (Withdrawn) April 23, 2020

https://csrc.nist.gov/pubs/cswp/13/mitigating-risk-of-software-vulnerabilities-ssdf/final

Abstract: Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be added to each SDLC model to ensure the software being developed is well secured. This white paper recommends a core set of high-level secure s...

Publications Project Description (Final) April 13, 2020
https://csrc.nist.gov/pubs/pd/2020/04/13/5g-cybersecurity-preparing-a-secure-evolution-to-5/final

Abstract: Cellular networks will be transitioning from 4G to 5G, and 5G networks will provide increased cybersecurity protections. This project will identify several 5G use case scenarios and demonstrate for each one how to strengthen the 5G architecture components to mitigate identified risks and meet indust...

Publications Conference Paper (Final) April 10, 2020
https://csrc.nist.gov/pubs/conference/2020/04/10/combinatorial-rank-attacks-against-rectangular-sim/final

Conference: 11th International Workshop on Post-Quantum Cryptography (PQCrypto 2020) Abstract: In 2013, Tao et al. introduced the ABC Simple Matrix Scheme for Encryption, a multivariate public key encryption scheme. The scheme boasts great efficiency in encryption and decryption, though it suffers from very large public keys. It was quickly noted that the original proposal, utilizing square m...

Publications Journal Article (Final) April 9, 2020
https://csrc.nist.gov/pubs/journal/2020/04/narrow-spectrum-software-testing-addressing-comple/final

Journal: Computer Abstract: Combination coverage based testing supplements basic structural coverage based test selection. This provides a sound test engineering method with defensible, quantitative measures of test completeness.

Publications SP 800-175B Rev. 1 (Final) March 31, 2020
https://csrc.nist.gov/pubs/sp/800/175/b/r1/final

Abstract: This document provides guidance to the Federal Government for using cryptography and NIST’s cryptographic standards to protect sensitive but unclassified digitized information during transmission and while in storage. The cryptographic methods and services to be used are discussed.

Publications Project Description (Final) March 30, 2020
https://csrc.nist.gov/pubs/pd/2020/03/30/critical-cybersecurity-hygiene-patching-the-enterp/final

Abstract: Cyber hygiene describes recommended mitigations for the small number of root causes responsible for many cybersecurity incidents. Implementing a few simple practices can address these common root causes. Patching is a particularly important component of cyber hygiene, but existing tools and processe...

Publications Project Description (Final) March 26, 2020
https://csrc.nist.gov/pubs/pd/2020/03/26/validating-the-integrity-of-servers-and-client-dev/final

Abstract: Product integrity and the ability to distinguish trustworthy products is a critical foundation of cyber supply chain risk management (C-SCRM). Authoritative information regarding the provenance and integrity of the components provides a strong basis for trust in a computing device, whether it is a c...

Publications SP 800-140C (Final) (Withdrawn) March 20, 2020

https://csrc.nist.gov/pubs/sp/800/140/c/final

Abstract: NIST Special Publication (SP) 800-140C replaces the approved security functions of ISO/IEC 19790 Annex C. As a validation authority, the Cryptographic Module Validation Program (CMVP) may supersede this Annex in its entirety. This document supersedes ISO/IEC 19790 Annex C and ISO/IEC 24759 6.15.

Publications SP 800-140 (Final) March 20, 2020
https://csrc.nist.gov/pubs/sp/800/140/final

Abstract: NIST Special Publication (SP) 800-140 specifies the modifications of the Derived Test Requirements (DTR) for Federal Information Processing Standard (FIPS) 140-3. SP 800-140 modifies the test (TE) and vendor (VE) evidence requirements of International Organization for Standardization/International E...

Publications SP 800-140A (Final) March 20, 2020
https://csrc.nist.gov/pubs/sp/800/140/a/final

Abstract: NIST Special Publication (SP) 800-140A modifies the vendor documentation requirements of ISO/IEC 19790 Annex A. As a validation authority, the Cryptographic Module Validation Program (CMVP) may modify, add, or delete Vendor Evidence (VE) and/or Test Evidence (TE) as specified under paragraph 5.2 of...

Publications SP 800-140B (Final) (Withdrawn) March 20, 2020

https://csrc.nist.gov/pubs/sp/800/140/b/final

Abstract: NIST Special Publication (SP) 800-140B is to be used in conjunction with ISO/IEC 19790 Annex B and ISO/IEC 24759 section 6.14. The special publication modifies only those requirements identified in this document. SP 800-140B also specifies the content of the tabular and graphical information require...

Publications SP 800-140E (Final) March 20, 2020
https://csrc.nist.gov/pubs/sp/800/140/e/final

Abstract: NIST Special Publication (SP) 800-140E replaces the approved authentication mechanism requirements of ISO/IEC 19790 Annex E. As a validation authority, the Cryptographic Module Validation Program (CMVP) may supersede this Annex in its entirety with its own list of approved authentication mechanisms....

Publications SP 800-140F (Final) March 20, 2020
https://csrc.nist.gov/pubs/sp/800/140/f/final

Abstract: NIST Special Publication (SP) 800-140F replaces the approved non-invasive attack mitigation test metric requirements of ISO/IEC 19790 Annex F. As a validation authority, the Cryptographic Module Validation Program (CMVP) may supersede this Annex in its entirety. This document supersedes ISO/IEC 1979...

Publications SP 800-140D (Final) (Withdrawn) March 20, 2020

https://csrc.nist.gov/pubs/sp/800/140/d/final

Abstract: NIST Special Publication (SP) 800-140D replaces the approved sensitive security parameter generation and establishment methods of ISO/IEC 19790 Annex D. As a validation authority, the Cryptographic Module Validation Program (CMVP) may supersede this Annex in its entirety. This document supersedes IS...

Publications IR 8170 (Final) (Withdrawn) March 19, 2020

https://csrc.nist.gov/pubs/ir/8170/final

Abstract: The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards, guidelines, and practices. These examples incl...

Publications ITL Bulletin (Final) March 18, 2020
https://csrc.nist.gov/pubs/itlb/2020/03/security-for-enterprise-telework-remote-access-and/final

Abstract: Today, many people are teleworking (also known as telecommuting), which is the ability of an organization's employees, contractors, business partners, vendors, and other users to perform work from locations other than the organization's facilities. Teleworkers use various client devices, such as des...

Publications Conference Paper (Final) March 16, 2020
https://csrc.nist.gov/pubs/conference/2020/03/16/automatic-recognition-of-advanced-persistent-threa/final

Conference: 6th ACM International Workshop on Security and Privacy Analytics 2020 Abstract: Advanced Persistent Threats (APT) has become the concern of many enterprise networks. APT can remain undetected for a long time span and lead to undesirable consequences such as stealing of sensitive data, broken workflow, and so on. To achieve the attack goal, attackers usually leverage specific ta...

Publications SP 800-206 (Final) March 13, 2020
https://csrc.nist.gov/pubs/sp/800/206/final

Abstract: Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The prim...

Publications SP 800-63A (Final) March 2, 2020
https://csrc.nist.gov/pubs/sp/800/63/a/upd2/final

Abstract: These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. This guideline focuses on the enrollment and verification of an identity for use in digital authe...

<< first   < previous   51     52     53     54     55     56     57     58     59     60     61     62     63     64     65     66     67     68     69     70     71     72     73     74     75  next >  last >>