These are the proceedings of a summit held in June 2006 at the National Institute of Standards and Technology (NIST). This Static Analysis Summit is one of a series of meetings in the NIST Software Assurance Measurement and Tool Evaluation (SAMATE) project. This summit convened researchers, developers, and government and industrial users to explore the state of the art in software static analysis tools and techniques with an emphasis on software security. It is also served as a prelude to an international summit in Spring 2007. This proceeding includes the ten papers presented, the keynote...
These are the proceedings of a summit held in June 2006 at the National Institute of Standards and Technology (NIST). This Static Analysis Summit is o...
A log is a record of the events occurring within an organization's systems and networks. Logs are composed of log entries; each entry contains information related to a specific event that has occurred within a system or network. Many logs within an organization contain records related to computer security. These computer security logs are generated by many sources, including security software, such as antivirus software, firewalls, and intrusion detection and prevention systems; operating systems on servers, workstations, and networking equipment; and applications.
A log is a record of the events occurring within an organization's systems and networks. Logs are composed of log entries; each entry contains informa...
This document introduces the Border Gateway Protocol (BGP), explains its importance to the Internet, and provides a set of best practices that can help in protecting BGP. Best practices described here are intended to be implementable on nearly all currently available BGP routers. While a number of enhanced protocols for BGP have been proposed, these generally require substantial changes to the protocol and may not interoperate with current BGP implementations. While the recommendations in this documentcan contribute to greatly improved BGP security, they are not a complete defense against all...
This document introduces the Border Gateway Protocol (BGP), explains its importance to the Internet, and provides a set of best practices that can hel...
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology promotes the United States economy and public welfare by providing technical leadership for the Nation's measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof-of-concept implementations, and technical analyses to advance the development and productive use of information technology. ITL's responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of...
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology promotes the United States economy and public welfar...
Voice over IP - the transmission of voice over packet-switched IP networks - is one of the most important emerging trends in telecommunications. As with many new technologies, VOIP introduces both security risks and opportunities. VOIP has a very different architecture than traditional circuit-based telephony, and these differences result in significant security issues. Lower cost and greater flexibility are among the promises of VOIP for the enterprise, but VOIP should not be installed without careful consideration of the security problems introduced. Administrators may mistakenly assume...
Voice over IP - the transmission of voice over packet-switched IP networks - is one of the most important emerging trends in telecommunications. As wi...
Stephen W. Banovic National Institute of Standards and Tech
This report analyzes the structural steel available from World Trade Center (WTC) 1, 2, and 7 to determine the metallurgical and mechanical properties and quality of the metal, weldments, and connections and to provide these data for other analyses in the National Institute of Standards and Technology (NIST) Investigation.
This report analyzes the structural steel available from World Trade Center (WTC) 1, 2, and 7 to determine the metallurgical and mechanical properties...
National Institute of Standards and Tech Elizabeth Chew Marianne Swanson
This document is a guide to assist in the development, selection, and implementation of measures to be used at the information system and program levels. These measures indicate the effectiveness of security controls applied to information systems and supporting information security programs. Such measures are used to facilitate decision making, improve performance and increase accountability through the collection, analysis, and reporting of relevant performance-related data-providing a way to tie the implementation, efficiency, and effectiveness of information system and program security...
This document is a guide to assist in the development, selection, and implementation of measures to be used at the information system and program leve...
National Institute of Standards and Tech Ramaswamy Chandramoouli Dennis Bailey
The objectives of the guidelines in this document are to- Outline the requirements to be met by a PCI, the rationale for the requirements and the assessment procedures required to determine the satisfaction of those requirements by a PCI through a combination of policies, procedures, and operations. Describe an accreditation methodology that provides a framework for organizing the requirements and assessment procedures stated above and at the same time provides coverage for all the control objectives stated in HSPD-12. Demonstrate the fact that the application of the methodology will result...
The objectives of the guidelines in this document are to- Outline the requirements to be met by a PCI, the rationale for the requirements and the asse...