Inspection and Sanitization Guidance for Portable Network Graphic (PNG)
The purpose of this document is to provide guidance for the development of a sanitization or analysis software tool for Portable Network Graphics (PNG) files. This document analyzes the various elements contained within the PNG images and then discusses data...
31 January 2018 41 page(s) pdf
Inspection and Sanitization Guidance for the Department of Defense (DOD) Electronic Biometric Transmissions Specifications (EBTS) File Format
The purpose of this document is to provide guidance for the development of sanitization and analysis software for Department of Defense (DOD) Electronic Biometric Transmission Specification (EBTS) biometric files. This document analyzes elements and objects contained within the EBTS file...
31 January 2018 81 page(s) pdf
Analysis of Optical Character Recognition (OCR) Techniques for Security Marking Detection
This document deconstructs the problem of automated character recognition and defines a methodology for conducting optical character recognition (OCR) on images for boundary protection devices to determine their classification. This research can be leveraged in order to make determinations on...
31 January 2018 38 page(s) pdf
This paper provides guidance for creating JSON schemas. Validating JSON instance documents against properly designed JSON schemas can reduce the risk of transferring unauthorized or malicious data. Note that schema validation alone is not enough to prevent transfer of unauthorized...
31 January 2018 54 page(s) pdf
Inspection and Sanitization Guidance for Exchangeable Image Format (EXIF)
Exif is structured, tagged metadata contained within some media file formats. This data is used by digital camera manufacturers and applications that process digital images to provide additional information about media files. The metadata includes manufacturer specific information such as...
31 January 2018 37 page(s) pdf
VPN Registration Form (version 15)
This document is the registration form for VPN.
01 June 2015 5 page(s) pdf
Mobile Device Management: Capability Gaps for High-Security Use Cases
This paper, intended for mobile device platform vendors as well as risk decision makers, provides an overview of MDM platform components and then outlines these gaps in capability.
01 August 2012 2 page(s) pdf
Securing Data and Handling Spillage Events
Data spillage is the transfer of classified or sensitive information to unaccredited or unauthorized systems, individuals, applications, or media. A spillage can be from a higher level classification to a lower one. The data itself may be residual (hidden) data...
01 October 2012 2 page(s) pdf
Suite B Implementer’s Guide to FIPS 186-3 (ECDSA)
This document specifies the Elliptic Curve Digital Signature Algorithm (ECDSA) from the "Digital Signature Standard" [FIPS186-3] that will be used in future and existing cryptographic protocols for Suite B products. It also includes the Suite B elliptic curve domain parameters,...
03 February 2010 35 page(s) pdf
Information Assurance Top 9 Architectural Tenets
This document describes the top 9 Information Assurance Architectural Tenets to address cyber threats and reduce the frequency and impact of incidents.
16 March 2016 2 page(s) pdf
Mathematical routines for the NIST prime elliptic curves
Described in this document are routines for implementing primitives for elliptic curve cryptography on the NIST elliptic curves P–192, P–224, P–256, P–384, and P–521 given in [FIPS186-2]. Also included are specialized routines for field arithmetic over the relevant prime fields...
05 April 2010 44 page(s) pdf
Joint Information Environment
NSA is the Security Advisor for the development of the Joint Information Environment (JIE) cyber security architecture. This document provides an overview of the JIE development process and Cyber Security Reference Architecture (CS RA) security framework.
16 March 2016 2 page(s) pdf
Add all new keywords to this page so they will show in the keyword list for all pages below.
22 December 2015
1-13 of 13 results returned for: "keywords:"data protection""