FY 2000 ITL Publications
Note that some documents are published in more than one place. Due to the large number of documents, publications listed in previous ITL Technical Accomplishment reports are not repeated.
Fenimore, Charles; Mastering and Archiving Uncompressed Digital Video Test Materials; Proceedings of the SMPTE 142nd Technical Conference, Pasadena, California, October 18-21, 2000; 10/18/2000
This is a report on the status of a Society of Motion Picture and Television Engineers (SMPTE) Ad Hoc Group charged with creating a master set of images for subjective testing of electronic systems. The images are to be sold at cost by SMPTE for use in the evaluation of electronic systems. The first task is creation of a master representation of the image sequences to enable preservation of the images in a consistent and stable storage environment. With the restoration of the many images available to the Society and the return to a pristine image state when possible, image sequences will be provided to the SMPTE in a digital file format. The Society will then offer the sequences for sale in various formats [both in digital data media and uncompressed digital video] for the purpose of subjective testing of electronic systems. This report also includes representative images from each sequence in the set of standard definition materials, the first fruits of the AHG. Finally, the report is a request for feedback and suggestions on the quality of, and the interest in, this process.
Ferraiolo, David, Mell, Peter; Operating System Security: Adding to the Arsenal of Security Techniques; ITL Bulletin, December 1999; 12/28/1999
The purpose of this bulletin is twofold. First, it provides an overview of some security features that have often been neglected in mainstream operating systems. It describes the extent to which these features have been implemented and how users can take full advantage of the available capabilities. Second, it warns users that OS security, along with most other mainstream security mechanisms, is imperfect and cannot stop all attacks. Despite this fact, using a combination of different security mechanisms can create a strong security barrier against attacks. Understanding the strengths and weaknesses of these techniques can aid one in the development of appropriate security policies, risk management plans, and in the purchasing of security technology.
Fiscus, Jonathan G., Doddington, George R.; Results of the 1999 Topic Detection and Tracking Evaluation in Mandarin and English; 6th International Conference on Spoken Language Processing (ICSLP), Beijing, China
The National Institute of Standards and Technology (NIST) administered the second open evaluation of Topic Detection and Tracking (TDT) technologies in 1999. The TDT project supports development of technologies that automatically organize event-related news stories. The program leverages expertise in core technologies, Automatic Speech Recognition (ASR), Document Retrieval (DR), and Machine Translation (MT) to build the TDT technologies. The 1999 TDT project extended the 1998 TDT project in two dimensions, first by adding Mandarin Chinese audio and text sources and second by adding two new evaluation tasks. Through experimental controls and conditioned analysis of system performance, the 1999 evaluation yielded numerous insights into the effects of multilingual texts on TDT technologies. Three notable generalizations arise from the evaluation: (1) English and Mandarin story segmentation performance is similar, (2) cross-lingual topic tracking performance is 44% worse than monolingual tracking, and (3) multilingual topic detection performance is 37% worse than monolingual topic detection.
Fisher, G.E., Cherry, M.; Y2K Embedded System Testing Guidelines; Web page; 10/27/1999
Guidelines for what to test in the embedded systems world are presented with respect to the year 2000 problem.
Fowler, H.A., Devaney, J.E., Hagedorn, J.G.; Growth Model for Filamentary Streamers in an Ambient Field; NISTIR 6504 and IEEE Transactions on Dielectrics and Electrical Insulation; 4/3/2000
We have simulated the fast streamer stage of liquid dielectric breakdown as stochastic growth of a branching fractal tree. Breakdown and threshold properties of the fluid are represented in the random filter procedure. A range of fractal densities, from sparse to bushy, is approximated by the choice of power law (4th power to linear). The choice of threshold (cutoff) voltage also significantly affects the growth form. These parameters combine with the shape and concentration of the electric field to regulate the distribution and directedness of the local discharge pattern. A large grid (128 cubed) is used for the discretization. Diagonal growth paths to neighbor-vertices are included, increasing the choice of available directions for each discharge event. We use a combination of data-parallel programming and three-dimensional visualization. Complete growth histories, evolving from the voltage distribution, can be displayed in animation or in color banding against the "trials" variable, which simulates a time tick. Side views of the structures provide comparison against sub-microsecond snapshots from experiment. Results include sparse, directed trees evolving from a 4th power-law filter; also dense trees from a linear filter, whose conical upper-envelope boundary is strongly influenced by choice of threshold (cutoff) potential.
Galtier, Virginie, Mills, Kevin L., Carlinet, Yannick, Leigh, Stefan, Rukhin, Andrew; Calibrating an Active Network Node; Proceedings of 2nd Workshop on Active MiddleWare Services
Active Network technology envisions deployment of virtual execution environments within network elements, so that nonhomogeneous processing can be applied to network traffic. For management purposes, each node must have a meaningful understanding of resource requirements -- in terms of bandwidth, memory, and processing. To express the processing requirements in a platform-independent manner, we are developing a model of CPU time usage, which comes in two parts: a node model and an application model. In order to generate instances of the model, one needs to gather some metrics relative to the platform, that is, to calibrate a node. We have investigated what factors this process of calibration should account for, and especially how background load on a node affects our ability to obtain accurate calibrations for the CPU time used by node operating system calls and by virtual execution environments. We have shown that a background load, either computation intensive or input/output intensive, has little influence on the calibration. On the contrary, a memory consuming background load introduces an overhead in some measurements. The paper draws the conclusion that the calibration of a node can be done whatever the background load, provided that the memory consuming loads can be suppressed if necessary.
Galtier, Virginie, Mills, Kevin L., Carlinet, Yannick, Leigh, Stefan, Rukhin, Andrew; Expressing Meaningful Processing Requirements Among Heterogeneous Nodes in an Active Network; Proceedings of 2nd International Workshop in Software Performance
Active Network technology envisions deployment of virtual execution environments within network elements, such as switches and routers, so that nonhomogeneous processing can be applied to network traffic associated with services, flows, or even individual packets. To use such a technology safely and efficiently, individual nodes must provide mechanisms to enforce resource limits associated with specific network traffic. In order to provide enforcement mechanisms, each node must have a meaningful understanding of the resource requirements for specific network traffic. In Active Network nodes, resource requirements typically come in three categories: bandwidth, memory, and processing. Well-accepted metrics exist for expressing bandwidth (bits per second) and memory (bytes) in units independent of the capabilities of particular nodes. Unfortunately, no well-accepted metric exists for expressing processing (i.e., CPU time) requirements in a platform-independent form. This paper investigates a method to express the CPU time requirements of Active Applications (similar to distributed, mobile agents) in a form that can be meaningfully interpreted among heterogeneous nodes in an Active Network. The model consists of two parts: a node model and an application model. For modeling applications, the paper describes and evaluates a semi-stochastic state-transition model intended to represent the CPU usage requirements of Active Applications. Using measurement data, the general model is instantiated for two Active Applications, ping and multicast. The instantiated models are simulated, and the simulation results are compared against real measurements. For both Active Applications, the simulated and measured CPU time usage compare within 5% for the mean and for high percentiles. The paper also evaluates three different scaling factors that might be used to transform a model accurate on one node into terms that prove accurate on another node. 
We found that scaling yields inaccurate results when based on the ratio of processor speeds or on the ratio of performance on a preliminary node calibration workload. When we used an arbitrary scaling factor to achieve a close correspondence between simulation and real measurements for the ping application, that same scaling factor proved effective for transforming a model of the multicast application.
Garofolo, J.S., Auzanne, C.G.P., Voorhees, E.M.; The TREC Spoken Document Retrieval Track: A Success Story; Included in NIST SP 500-246 and Proceedings of RIAO-2000, Content-Based Multimedia Information Access, Paris, France, 2000
This paper describes work within the NIST Text REtrieval Conference (TREC) over the last three years in designing and implementing evaluations of Spoken Document Retrieval (SDR) technology within a broadcast news domain. SDR involves the search and retrieval of excerpts from spoken audio recordings using a combination of automatic speech recognition and information retrieval technologies. The TREC SDR Track has provided an infrastructure for the development and evaluation of SDR technology and a common forum for the exchange of knowledge between the speech recognition and information retrieval research communities. The SDR Track can be declared a success in that it has provided objective, demonstrable proof that this technology can be successfully applied to realistic audio collections using a combination of existing technologies and that it can be objectively evaluated. The design and implementation of each of the SDR evaluations are presented and the results are summarized. Plans for the 2000 TREC SDR Track are presented and thoughts about how the track might evolve are discussed.
Garris, M.D., McCabe, R.M.; NIST Special Database 27 - Fingerprint Minutiae from Latent and Matching Tenprint Images; NISTIR 6534; 6/30/2000
The National Institute of Standards and Technology in conjunction with the Federal Bureau of Investigation has developed a new database of grayscale fingerprint images and corresponding minutiae data. The database contains latent fingerprints from crime scenes and their matching rolled fingerprint mates. In all, there are 258 latent cases. Each case includes the latent image, the matching tenprint image, and four sets of minutiae that have been validated by a professional team of latent examiners. One set of minutiae contains all minutiae points on the latent fingerprint; the second set contains all minutiae points on the tenprint mate; the other two sets contain the minutiae points in common between the latent fingerprint and tenprint mate. In all, there are 27,426 minutiae recorded across the set of tenprints with 5460 minutiae in common with their matching latent fingerprint. All data files are formatted according to the ANSI/NIST-ITL 1-2000 standard using Type-1, 9, 13, & 14 records. Software utilities are provided to read, write, and manipulate these files. The database can be used to develop and test new fingerprint algorithms, test commercial and research AFIS systems, train latent examiners, and promote the ANSI/NIST file format standard.
George, W. L., Hagedorn, J.G., Devaney, J.E.; IMPI: Making MPI Interoperable; NIST Journal of Research, Vol. 105, No. 3, May-June 2000; 6/1/2000
The Message Passing Interface (MPI) is the de facto standard for writing parallel scientific applications in the message passing programming paradigm. Implementations of MPI were not designed to interoperate, thus limiting the environments in which parallel jobs could be run. We briefly describe here a set of protocols, designed by a steering committee of current implementors of MPI, that enable two or more implementations of MPI to interoperate within a single application. Specifically, we introduce the set of protocols collectively called Interoperable MPI (IMPI). These protocols make use of novel techniques to handle difficult requirements such as maintaining interoperability among all IMPI implementations while also allowing for the independent evolution of the collective communication algorithms used in IMPI. Our contribution to this effort has been as a facilitator for meetings, editor of the IMPI Standard document, and as an early testbed for implementations of IMPI. This testbed is in the form of an IMPI conformance tester: a system that can verify the correct operation of an IMPI-enabled version of MPI.
Golmie, N., Mouveaux, F.; The Impact of WLAN Interference on Bluetooth: Initial Results; Proceedings of INFOCOM'2001, Anchorage, Alaska, April 22-26, 2001; 4/22/2001
The emergence of Bluetooth devices operating in the same 2.4 GHz ISM frequency band as existing Wireless Local Area Network devices implementing the IEEE 802.11 standard specifications may lead to signal interference and result in significant performance degradation of both systems. In this paper, we attempt to quantify the performance of Bluetooth devices operating in the same environment as WLAN devices. We derive a probability of packet collision at the Bluetooth receiver based on frequency and packet frequency overlap time and use it to give preliminary results on the impact of interference on Bluetooth systems. Performance is measured in terms of packet loss and access delay for voice and data traffic. We show the effect of FEC on the results for different symbol error rates.
Golmie, N., Mouveaux, F.; Modeling and Simulation of MAC Protocols for Wireless Devices: Coexistence Performance Evaluation; Proceedings of OPNETWORK 2000, Washington, DC, August 28-September 1, 2000; 8/28/2000
The IEEE 802 has recently formed a new working group, 802.15, for developing Physical and Medium Access Control layer specifications for Wireless Personal Area Networks (WPANs) that allow proximal devices to share information and resources. One technology from the Bluetooth Special Interest Group is a candidate for adoption by 802.15. Bluetooth employs the 2.4 GHz ISM band, sharing it with Wireless LAN (WLAN) products implementing the IEEE 802.11 standard. It is anticipated that some interference will result from WLAN and WPAN devices sharing the same air space. The conditions, such as network topology, device parameters and protocol implemented, that may render WPAN and WLAN devices non-operable are currently under study by the IEEE 802.15 Task Group on coexistence. This presentation focuses on the effort undertaken by NIST to model MAC protocols of WPAN and WLAN devices using OPNET and evaluate the system performance of these devices in an interference environment.
Grother, P., Casasent, D.; Optical Path Difference Measurement Techniques for SLMs; Optical Communications
A simple measurement method to obtain 2-D spatial point-by-point optical path difference (OPD) data for spatial light modulators (SLMs) is described. A simple imaging system is used that allows measurements of all SLM parameters on the same laboratory systems. Simple digital processing of the output image for a uniform applied input voltage provides OPD data. Simple methods to confirm amplitude-mostly SLM operations are also provided. Results are presented for Kopin and CRL liquid crystal SLMs.
Gutta, S., Huang, J., Phillips, P.J., Wechsler, H.; Mixture of Experts for Classification of Gender, Ethnic Origin, and Pose of Human Faces; IEEE Transactions Neural Networks
In this paper we describe the application of mixtures of experts on gender and ethnic classification of human faces, and pose classification, and show their feasibility on the FERET database of facial images. The FERET database allows us to demonstrate performance on hundreds or thousands of images. The mixture of experts is implemented using the "divide and conquer" modularity principle with respect to the granularity and/or the locality of information. The mixture of experts consists of ensembles of radial basis functions (RBF). Inductive decision trees (DT) and support vector machines (SVM) implement the "gating network" components for deciding which of the experts should be used to determine the classification output and to restrict the support of the input space. Both the Ensemble of RBFs (ERBF) and SVM use the RBF kernel ("expert") for gating the inputs. Our experimental results yield an average accuracy rate of 96% on gender classification and 92% on ethnic classification using the ERBF / DT approach from frontal face images, while the SVM yields 100% on pose classification.
Hagedorn, J., Devaney, J.E.; Parallel Genetic Programming Poster; Workshop on Combinatorial Materials Science, NIST, May 31-June 1, 2000; 5/31/2000
This project is developing a generic Genetic Programming system that is inherently parallel. Genetic Programming uses Darwinian selection and reproduction to evolve a solution to a problem, where individuals are represented by computer programs. A user-defined fitness function drives the evolutionary process. We are parallelizing our GP system with our AutoMap and AutoLink MPI Libraries (http://www.nist.gov/itl/div895/savg/auto/). These libraries facilitate two MPI operations: the creation of MPI data types through examination of the C code, and the sending and receiving of linked (i.e. with pointers) data structures. Communication can be either blocking or non-blocking. Additionally, a packet size tuning tool is available to enable the best choice of packet size for the communication network the code is run on. Individuals are constructed out of basic operations that can be tailored to the specific application. Likewise, the fitness function determines degree of success and is chosen for the problem. Applications are many and varied.
Hawking, D., Voorhees, E., Craswell, N., Bailey, P.; Overview of the TREC-8 Web Track; Included in NIST SP 500-246
The TREC-8 Web Track defined ad hoc retrieval tasks over a 100 gigabyte collection of spidered Web documents (Large Web Task) and a selected 2 gigabyte subset of those documents (Small Web Task). Here, the guidelines and resources for both tasks are described and results presented and analyzed.
Hersh, W., Over, P.; TREC-8 Interactive Track Report; Included in NIST SP 500-246
This report is an introduction to the work of the TREC-8 Interactive Track with its goal of investigating interactive information retrieval by examining the process as well as the results. Seven research groups ran a total of 14 interactive information retrieval (IR) systems on a shared problem: a question-answering task, six statements of information need, and a collection of 210,158 articles from the Financial Times of London 1991-1994. This report summarizes the shared experimental framework, which for TREC-8 was designed to support analysis and comparison of system performance only within sites. The report refers the reader to separate discussions of the experiments performed by each participating group - their hypotheses, experimental systems, and results. The papers from each of the participating groups and the raw and evaluated results are available via the TREC home page (trec.nist.gov).
Hunt, F.Y., Marx, E., Meyer, G.W., Vorburger, T.V., Walker, P.A., Westlund, H.B.; A First Step Towards Photorealistic Rendering of Coated Surfaces and Computer Based Standards of Appearance; Submitted to the 2nd Service Life Prediction Symposium on Methodology and Metrologies
We seek to explore the feasibility of producing computer graphic images to visualize the color and gloss of surfaces using optical and surface topographical data.
Hunt, Fern Y.; Attractors, Chain Transitive Sets, and Invariant Measures; Proceedings of the Equadiff '99 Conference on Differential Equations, Berlin, Germany, August 1-7, 1999
This paper discusses an easy-to-implement procedure for approximating the long time behavior of iterates of maps. Applications include finding the roots of a complex polynomial and approximating attractors. The method uses the theory of Markov chains.
Jansen, W.A., Mell, P., Karygiannis, A., Marks, D.; Mobile Agents in Intrusion Detection and Response; Canadian Information Technology Symposium
Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile software agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This paper is an initial look at the relatively unexplored terrain of using mobile agents for intrusion detection and response. It looks not only at the benefits derived from mobility, but also those associated with software agent technology. We explore these benefits in some detail and propose a number of innovative ways to apply agent mobility to address the shortcomings of current IDS designs and implementations. We also look at new approaches for automating response to an intrusion, once detected.
Jansen, W.A., Karygiannis, T.; Mobile Agents in Intrusion Detection and Response; Proceedings of the 23rd National Information System Security Symposium; 10/16/2000
Most mobile agent systems use internal data structures within an agent to control and specify its security requirements and properties. These structures typically contain authorization information regarding access to computational resources on distributed systems and conceptually serve as an internal passport for the agent. While these structures are often very similar semantically, they differ greatly in their implementation depending to a large extent on the mechanisms used to protect their contents. This paper considers a general scheme for managing privileges using attribute certificates. An attribute certificate can be viewed as an external, digitally signed agent passport, which allows greater flexibility in meeting the needs of an application and overlaying a suitable management scheme. The paper presents the benefits of this approach and gives an example of how an agent system could be enhanced with this mechanism.
Jansen, W.A., Karygiannis, T.; Security Implications of Active Content; ITL Bulletin, March 2000; 3/30/2000
Active content documents offer several benefits to both the users of these documents and their authors. Java applets, JavaScript, and ActiveX provide more functionality to static Web pages, plug-ins enable browsers to support new types of content, Postscript offloads the processing and interpretation of the presentation of documents to the printer, and macros automate repetitive word processing and spreadsheet tasks. The benefits of each of these active content technologies must be carefully weighed against the new risks they pose to an organization's computing environment. Security is not black or white, but shades of gray. When employing active content technology, security measures should be put in place to reduce risk to a pragmatic level and to quickly recover if an incident occurs.
Jansen, W.A., Mell, P., Karygiannis, T., Marks, D.; Applying Mobile Agents to Intrusion Detection and Response; NISTIR 6416; 10/31/1999
Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This report is an initial foray into the relatively unexplored terrain of using Mobile Agents for Intrusion Detection Systems (MAIDS). It suggests a number of innovative ways to apply agent mobility to address shortcomings of current IDS designs and implementations, and explores several new paradigms involving mobile agents. The report looks not only at the benefits derived from mobility, but also those inherent to agent technology, such as autonomous components. We explore these benefits in some detail and propose specific research topics in both the intrusion detection and intrusion response areas. We also discuss performance advantages and disadvantages that occur when using mobile agents in intrusion detection and response. The report concludes with a rating of the proposed research topics, falling under three main areas: performance enhancements, design improvements, and response improvements.
Kacker, Raghu N.; A Method to Quantify Uncertainty Due to Bias in Chemical Analyses; Proceedings of the Measurement Science Conference 2000
Two non-random equally trustworthy and independent chemical analysis methods are often used by measurement laboratories such as NIST to determine the certified value of the concentration of one or more analytes in a reference material. This is a widely accepted approach to assure that the certified concentration represents the true composition. This paper explains the concept of bias based on the Guide to the Expression of Uncertainty in Measurement (GUM) then provides a simple formula for the consensus value and the standard uncertainty due to method bias. The results for two methods can be extended to more than two methods.
Kacker, Raghu N.; Uncertainty Due to Unaccounted Effects in Certification of Chemical Reference Materials; NIST Journal of Research
Two non-random equally trustworthy and independent chemical analysis methods are often used by measurement laboratories such as NIST to determine the certified value of the concentration of one or more analytes in a reference material. This is a widely accepted approach to assure that the certified concentration represents the true composition. This paper explains the concept of bias based on the Guide to the Expression of Uncertainty in Measurement (GUM) then provides a simple formula for the consensus value and the standard uncertainty due to method bias. The results for two methods can be extended to more than two methods.
Kacker, Raghu N.; An Interpretation of the Guide to the Expression of Uncertainty in Measurement; NIST SP 500-244, Proceedings of the NCSL (National Conference of Standards Laboratories) Meeting 2000 and Metrologia; 5/31/2000
The Guide to the Expression of Uncertainty in Measurement (GUM) is intended for all scientific and technological measurements in science, engineering, commerce, industry, and regulation. So the GUM must have an unambiguous interpretation. But its terminology and recommendations straddle two different ways of doing statistics: frequentist and Bayesian. Therefore as presented the GUM is somewhat ambiguous. This paper attempts to clear up the ambiguity of the GUM due to mixing up of the frequentist and the Bayesian concepts. Our hope is that the clarifications provided here will promote a more consistent use of the GUM and facilitate its application to situations not explicitly covered in the original document.
Kantor, P.B., Voorhees, E.M.; The TREC-5 Confusion Track: Comparing Retrieval Methods for Scanned Text; Information Retrieval
A known-item search is a particular information retrieval task in which the system is asked to find a single target document in a large document set. The TREC-5 confusion track used a set of 49 known-item tasks to study the impact of data corruption on retrieval system performance. Two corrupted versions of a 55,600 document corpus whose true content was known were created by applying OCR techniques to page images. The first version of the corpus used the page images as scanned, resulting in an estimated character error rate of approximately 5 percent. The second version used page images that had been down-sampled, resulting in an estimated character error rate of approximately 20 percent. The true text and each of the corrupted versions were then searched using the same set of 49 questions. In general, retrieval methods that attempted a probabilistic reconstruction of the original clean text fared better than methods that simply accepted corrupted versions of the query text.
Kearsley, A.J.; Global and Local Optimization Algorithms for Optimal Signal Set Design; NIST Journal of Research
The problem of choosing an optimal signal set for non-Gaussian detection was reduced to a smooth inequality constrained mini-max nonlinear programming problem by Goeckenbach and Kearsley (SIAM J. Opt., 1998). Here we consider the application of several optimization algorithms, both global and local, to this problem. The most promising results are obtained when special-purpose Sequential Quadratic Programming (SQP) algorithms are embedded into stochastic global algorithms.
Kuhn, David R.; Security for Private Branch Exchange Systems; ITL Bulletin, August 2000; 8/17/2000
This document provides an introduction to security for private branch exchange systems (PBXs). The primary audience is agency system administrators and others responsible for the installation and operation of PBX systems. Major threat classes are explained, common vulnerabilities identified, and countermeasures are suggested to enhance the security of PBXs. Readers are referred to a NIST Special Publication on PBX security for more detailed coverage of the issues.
Kuhn, David R.; PBX Vulnerability Analysis; NIST SP 800-24
This report presents a generic methodology for conducting an analysis of a Private Branch Exchange (PBX) in order to identify security vulnerabilities. The report focuses on digital-based PBXs and addresses the following areas for study: System Architecture; Hardware; Maintenance; Administrative Database/Software; User Features. The methods described in this report are designed to assist administrators in conducting this type of testing.
Computer based telephony systems and new techniques such as voice over IP (VOIP) present an entirely new collection of vulnerabilities and are not addressed in this report. However, some of the evaluation methods described here may be applied to these systems as well.
Lee, Annabelle; Guideline for Implementing Cryptography in the Federal Government; ITL Bulletin, February 2000; 2/1/2000
In the current environment of increasingly open and interconnected systems and networks, network and data security are essential for the optimum use of information technology. Cryptography should be considered for data that is sensitive, has a high value, or represents a high value if it is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptographic methods provide important functionality to protect against intentional and accidental compromise and alteration of data. These methods support communications security by encrypting the communication prior to transmission and decrypting it at receipt. These methods also provide file/data security by encrypting the data prior to placement on a storage medium and decrypting it after retrieval from the storage medium. The purpose of this bulletin is to provide a synopsis of the Guideline for Implementing Cryptography in the Federal Government.
Lee, Annabelle; Guideline for Implementing Cryptography in the Federal Government; NIST SP 800-21; 11/1/1999
In the current environment of increasingly open and interconnected systems and networks, network and data security are essential for the optimum use of information technology. Cryptography should be considered for data that is sensitive, has a high value, or represents a high value if it is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptographic methods provide important functionality to protect against intentional and accidental compromise and alteration of data. These methods support communications security by encrypting the communication prior to transmission and decrypting it at receipt. These methods also provide file/data security by encrypting the data prior to placement on a storage medium and decrypting it after retrieval from the storage medium.
The purpose of this document is to provide guidance to federal agencies on how to select cryptographic controls for protecting Sensitive Unclassified information. This document focuses on federal standards documented in Federal Information Processing Standards Publications (FIPS PUBs) and the cryptographic modules and algorithms that are validated against these standards. This document was written for federal employees, who are responsible for designing systems, and procuring, installing, and operating security products to meet identified security requirements. The goal is to provide these individuals with sufficient information to allow them to make informed decisions about the cryptographic methods that will meet their specific needs to protect the confidentiality, authentication, and integrity of data that is transmitted and/or stored in a system or network. This guideline provides information on selecting cryptographic services and methods and implementing the methods in new or existing systems.
Levenson, M.S., Banks, D.L., Eberhardt, K.R., Gill, L.M., Guthrie, W.F., Liu, H.K., Vangel, M.G., Yen, J.H., Zhang, N.F.; An Approach to Combining Results from Multiple Methods Motivated by the ISO GUM; NIST Journal of Research, Vol. 105, No. 4, July-August 2000; 8/1/2000
The problem of determining a consensus value and its uncertainty from the results of multiple methods or laboratories is discussed. Desirable criteria of a solution are presented. A solution based on the ISO Guide to the Expression of Uncertainty in Measurement is introduced and applied in a detailed worked example. A Bayesian hierarchical model motivated by the proposed solution is presented and compared to the solution.
L'Hostis, Pierre, Byers, Frederick, Podio, Fernando, Tang, Xiao; Microscopic Image Analysis of Defect Areas in Optical Disks; NISTIR 6547 and Proceedings of SPIE Conference on Recent Advances in Metrology, Characterization, and Standards for Optical Digital Data Disks
This paper presents techniques developed in the Information Technology Laboratory of the U.S. National Institute of Standards and Technology (NIST/ITL) for enabling microscopic image analysis of optical data storage media such as optical discs. These non-destructive techniques allow investigators to easily locate on the disc a predetermined series of media defects. The techniques can be applied to any type of optical disks including CDs and DVDs. The paper describes the experimental setup and the techniques utilized to achieve localization and registration of media defects. These techniques include data acquisition, computer control, auto focus, image processing, and remote control and observation. An extension of this setup utilizing available graphical programming environments can allow investigators at different locations to share and discuss the information of media defects by use of the Internet.
Liggett, W. S., Low, S. R., Pitchure, D. J., Song, J.; Capability in Rockwell C Scale Hardness; NIST Journal of Research, Vol. 105, No. 4, July-August 2000; 8/1/2000
To determine the capability of a system for Rockwell C scale hardness, one must make test measurements, which can be planned and interpreted as explained in this paper. Uncertainty, which is one part of capability, is treated specifically, and product specification limits, the other part, are covered more generally. The uncertainty involves several components, which we designate as lack of repeatability, lack of reproducibility, machine error and indenter error. Component-by-component assessment leads to understanding of mechanisms and thus to guidance on system upgrades if these are necessary. Assessment of some components calls only for good-quality test blocks, and assessment of others requires NIST SRM test blocks. The important innovation introduced in this paper is improved handling of the hardness variation across test-block surfaces.
Liggett, Walter S., Buckley, Chris; The Effect of Query Choice On Information Retrieval; 23rd Annual International ACM SIGIR Conference on Research and Development in Information Retrieval; 8/1/2000
Analysis of the Query Track of the Eighth Text Retrieval Conference (TREC-8) shows how the presence or absence of a word or two in a query can make a large difference in information retrieval performance. The Query Track contains results from 8 systems each run on 21 natural-language queries that were formulated for each topic of 50. To compare the queries for a topic, we consider both discrimination against irrelevant documents and ordering of relevant documents in system outputs. Each of these aspects of performance leads to a graph. We present these graphs for 8 topics and summarize what is shown for the other 42. The 50 topics demonstrate the performance effects of word omissions, word additions, meaningful word substitutions, and word changes with only system ramifications. Regarding query formulation, the analysis in this paper shows the need to overcome mismatches between query terms and terms used in the documentation collection.
Lozier, D.W.; The DLMF Project: A New Initiative in Classical Special Functions; Proceedings of the International Workshop on Special Functions, Hong Kong, June 21-25, 1999, World Scientific Publishing Co., Inc., London WC 2H 9HE, England
NIST (formerly, National Bureau of Standards) has started an ambitious project that aims to produce a successor to Abramowitz and Stegun's Handbook of Mathematical Functions, published by the National Bureau of Standards in 1964 and reprinted by Dover in 1965. Both editions continue to sell briskly and are widely cited in the scientific literature. However, with the many advances in the theory, computation and application of special functions that have occurred since 1960, a new standard reference is badly needed. NIST intends to satisfy this need by providing a Digital Library of Mathematical Functions (DLMF) as a free Web site together with an associated book and CD-ROM. The Web site will provide many capabilities that are impossible to provide in print media alone.
Lyle, J.R., Laamanen, M.T., Carlson, N.M.; PEST: Programs to Evaluate Software Testing Tools and Techniques; ISSTA 2000
PEST is a collection of reference materials for the empirical evaluation and comparison of software testing techniques. Often the publication of a new testing technique or strategy includes a theoretical analysis and an ad hoc empirical evaluation. Because each researcher usually uses a different set of programs for an empirical evaluation, there is little basis for comparison between different techniques. The project objective is to develop and make available to software testing researchers and tool vendors a set of reference materials for the empirical evaluation and comparison of software testing techniques. This set of reference materials includes a diverse suite of program modules that can be the subject of a testing technique, testing support tools and examples of using PEST. Each module contains a program specification, a correct implementation in C that can be used as an oracle and several faulty C implementations, each seeded with a single fault from some commonly available fault taxonomy. The programs are designed such that a common test harness can be used to execute each faulty variant over test data for comparison against the oracle. This allows for the computation of metrics to compare the relative effectiveness of test data generated by different techniques.
Lyon, G.E.; Assurance Protocols and Small Web Retailers; Proceedings of the 2000 ACM Symposium on Applied Computing, Como, Italy, March 19-21, 2000; 3/19/2000
Many Web areas are in an early technological period of rapid evolution and intense competitive selection. Nowhere is this truer than with electronic commerce. While much is being considered today for business-to-business transactions, the Web also represents a marvelous opportunity for small retail establishments. However, the needs of small establishments differ from those of larger firms. In particular, customer assurance is very important. Several assurance protocols are examined for their utility to small retail sellers on the Web. One new possibility involves using bankcard records to build assurance ratings.
Lyons-Burke, K. L. (editor), Federal Public Key Infrastructure Steering Committee; Federal Agency Use of Public Key Technology for Digital Signatures and Authentication; NIST SP 800-25
This guidance document was developed by the Federal Public Key Infrastructure Steering Committee to assist Federal agencies that are considering the use of public key technology for digital signatures or authentication over open networks such as the Internet. This includes communications with other Federal or non-Federal entities, such as members of the public, private firms, citizen groups, and state and local governments. Most public key technology applications for digital signatures provide for user authentication as well. However, public key technology can be used for user authentication only without digital signatures. Standards such as X.509 provide for that functionality. This document encourages the thoughtful use of public key technology by Federal agencies as set forth in guidance published by the Office of Management and Budget implementing the Government Paperwork Elimination Act (GPEA). It also amplifies upon principles contained in the GPEA guidance and separately in Access with Trust issued in September 1998 by the Office of Management and Budget, the National Partnership for Reinventing Government, and the Government Information Technology Services Board. Finally, it discusses briefly the government-wide Public Key Infrastructure (PKI) which is developing to enable applications programs to effectively use public key technology across Federal agencies.
Majurski W., Dima A., Laamanen, M.; Flits: Pervasive Computing for Processor and Memory Constrained Systems; International Workshop on Pervasive Computing in Conjunction with The 29th International Conference on Parallel Processing, Toronto, Canada, Aug. 21-24, 2000
Many pervasive computing software technologies are targeted for 32-bit desktop platforms. However, there are innumerable 8, 16, and 32-bit microcontroller and microprocessor-based embedded systems that do not support the resource requirements of these technologies. We describe ongoing research whose goal is to explore the feasibility of creating a portable runtime-environment capable of executing across a wide variety of 8, 16, and 32-bit processors and offering mobile code and high-level language support. Our solution adapts a version of the language Forth called Fcode and its environment to fit these needs. We go on to define the concept of a flit - a software construct similar to an applet but tailored to the needs of lower resource solutions to pervasive computing. We then describe our laboratory prototype and some early performance measurements.
Martin, A.F., Przybocki, M.A.; The NIST 1999 Speaker Recognition Evaluation - An Overview; Digital Signal Processing Journal - Special Issue on the 1999 NIST Speaker Recognition Evaluation; 1/1/2000
This article summarizes the 1999 NIST Speaker Recognition Evaluation. It discusses the overall research objectives, the three task definitions, the development and evaluation data sets, the specified performance measures and their manner of presentation, the overall quality of the results, and the officially declared winners. More than a dozen sites from the United States, Europe, and Asia participated in this evaluation. There were three primary tasks for which automatic systems could be designed: one-speaker detection, two-speaker detection, and speaker tracking. All three tasks were performed in the context of mu-law encoded conversational telephone speech. The one-speaker detection task used single channel data, while the other two tasks used summed two-channel data. About 500 target speakers were specified, with two minutes of training speech data provided for each. Both multiple and single speaker test segments were selected from about 2000 conversations that were not used for training material. The duration of the multiple speaker test data was nominally one minute, while the duration of the single speaker test segments varied from near zero up to sixty seconds. For each task, systems had to make independent decisions for selected combinations of a test segment and a hypothesized target speaker. The data sets for each task were designed to be large enough to provide statistically meaningful results on test subsets of interest. Results were analyzed with respect to various conditions including duration, pitch differences, and handset types.
McCabe, R.M.; Data Format for the Interchange of Fingerprint, Facial, and Scar Mark and Tattoo Information (ANSI/NIST-ITL 1-2000); NIST SP 500-245 and ANSI/NIST-ITL 1/2000; 7/27/2000
Defines the content, format, and units of measurement for the exchange of fingerprint, palmprint, facial/mugshot, and scar, mark, and tattoo (SMT) image information that may be used in the identification process of a subject. The information consists of a variety of mandatory and optional items, including scanning parameters, related descriptive and record data, digitized fingerprint information and compressed or uncompressed images. This information is intended for interchange among criminal justice administrations or organizations that rely on automated fingerprint (AFIS) and palmprint identification systems or use facial or SMT data for identification purposes.
McCormick, G. P., Witzgall, C.; On Weakly Analytic and Faithfully Convex Functions in Convex Programming; NISTIR 6426; 6/30/2000
Weakly-analytic convex, faithfully convex, and self-concordant functions are considered, and their relationships described.
McFadden, G.B., Coriell, S.R., Sekerka, R.F.; Effect of Surface Free Energy Anisotropy on Dendrite Tip Shape; Acta Materialia 48 (2000), pp. 3177-3181
In previous work, we found approximate solutions for paraboloids having perturbations with four-fold axial symmetry in order to model dendritic growth in cubic materials. These solutions provide self-consistent corrections through second order in a shape parameter, to the Peclet number -- supercooling relation of the Ivantsov solution. The parameter, is proportional to the amplitude of the four-fold correction to the dendrite shape, as measured from the Ivantsov paraboloid of revolution. We calculate, by comparing the dendrite tip shape to the portion of the equilibrium shape near the [001] direction for a four-fold anisotropic surface free energy. This comparison results in good agreement with the measured value, ¯ -0.008 of LaCombe et al.
Medlock, R.J.; A Comparison of the SSE-CMM and NVLAP IT Security Testing; First Annual International Systems Security Engineering Conference
This paper describes the general accreditation requirements of the NIST National Voluntary Laboratory Accreditation Program (NVLAP) and the specific accreditation requirements for the Cryptographic Module Testing (CMT) and Common Criteria Testing (CCT) programs, which are part of the NVLAP newly established Information Technology Security Testing Program. The paper discusses the similarities and Maturity Model (SSE-CMM) Model and Appraisal Method. For an organization that has been SSE-CMM appraised, it identifies areas that would be almost the same, areas that could be tailored to meet the NVLAP requirements, and areas that would be new if the organization intended to meet the NVLAP requirements.
Mell, Peter; Acquiring and Deploying Intrusion Detection Systems; ITL Bulletin, November 1999; 11/30/1999
This ITL Bulletin provides basic information about intrusion detection systems (IDSs) to help organizations avoid common pitfalls in acquiring, deploying, and maintaining IDSs.
Mell, Peter; Identifying Critical Patches with ICAT; ITL Bulletin, July 2000; 7/14/2000
The NIST computer security division has created a searchable index containing 700 of the most important computer vulnerabilities. This index, called the ICAT Metabase, enables your security personnel to search the set of vulnerabilities at a fine granularity and to identify the most critical vulnerabilities for your organization. When a vulnerability is selected, ICAT provides a summary of the vulnerability and links to patch information. ICAT is available at: http://csrc.nist.gov/icat.
Mell, Peter, Marks, Donald, McLarnon, Mark; A Denial of Service Resistant Intrusion Detection Architecture; IEEE Computer Networks Journal
As the capabilities of intrusion detection systems (IDS) advance, attackers may attempt to disable an organization's IDS before attempting to penetrate more valuable targets. As IDSs evolve into distributed systems with interdependent components, they are becoming more vulnerable to such attacks. To counter this threat, we present an intrusion detection architecture which is resistant to denial-of-service attacks. The architecture frustrates attackers by making IDS components invisible to an attacker's normal means of "seeing" in a network. In the event of a successful attack, the architecture allows IDS components to relocate from attacked hosts to operational hosts thereby mitigating the effects of that attack. These capabilities are obtained by using mobile agent technology, utilizing network topology features, and by restricting the communication allowed between different types of IDS components.
Mell, Peter, Wack, John; Mitigating Emerging Hacker Threats; ITL Bulletin, June 2000; 6/22/2000
This ITL Bulletin analyzes current hacking trends and discusses mitigators to these emerging threats. First, we summarize the most significant computer vulnerabilities and attacks that have occurred in the past 16 months. Next, we discuss both novel and continuing hacking trends. Finally, we summarize the threats created by these new trends and techniques, and provide guidance on mitigating that threat.
Michel, M., Devaney, J.E.; A Generalized Approach for Transferring Data-Types with Arbitrary Communication Libraries; International Conference on Parallel and Distributed Systems (Icpads'00) -- MultiMedia Network System (MNNS'2000) Workshop, Iwate, Japan, July 4-7, 2000; 7/4/2000
We present a generalized algorithm for implementing a communications library for dynamic data structures created with heterogeneous composed data types such as multiple C structs, and where the data-types may be nested and may contain pointers. This algorithm is divided into an absolute part that is the same for all instantiations, and a relative part that is specific to the communications mechanism used, such as PVM or MPI. We describe the algorithm in terms of our AutoMap/AutoLink implementation in C/MPI. First, we will talk of the MPI case and of the AutoMap and AutoLink solutions (with ideas from version 3.0). Then we discuss what is to be followed in order to generalize the data-types transfer concepts presented in this article. With this addition to AutoMap/AutoLink we can extend the functions provided from the current send and receive functions (blocking and non blocking) available for any data-types, to any kind of transfer function; from broadcast to reduce (as long as the reduce called process is "message aware"). This will also simplify the extension of this work to data-types load balancing.
Mink, A., Snelick, R.D.; Symposium on the Foundations of Interactive Digital TV Application Software Environment (DASE); NISTIR 6503; 5/23/2000
As the co-chairs of the DASE Symposium 2000, we would like to welcome you to this inaugural symposium. We have the pleasure of holding the DASE Symposium 2000 at the National Institute of Standards and Technology, just outside our nation's capital, Washington, D.C. The emergence of interactive digital television (DTV) brings about a host of exciting opportunities for broadcasters, content providers, tool developers, and equipment manufacturers. Interactive DTV combines aspects of traditional television and the Internet that inspires applications in e-commerce, targeted advertising, video-on-demand, and enhanced viewing services. An enabling technology for applying interactive DTV is being developed by the Advanced Television Systems Committee (ATSC) Digital TV Application Software Environment (DASE) standards group. The emerging DASE standard, currently a work-in-progress, and how it relates to DTV is the focus of this Symposium. Such a standard environment fosters the interoperability concept of write once, run anywhere applications. The DASE symposium brings together the DTV industry players to promote commerce and provide an opportunity to learn about DASE technologies in a focused setting. We hasten to mention that although significant work has been accomplished in the DASE consortium and the structure of the standard is fairly mature, it is important to note that the standard is not finalized and is a work-in-progress.
Mink, Alan, Carpenter, Robert J., Courson, Michel; Time Synchronized Measurements in Cluster Computing Systems; ISCA - PDCS-2000 Conference
We describe hardware time synchronization instrumentation that we have developed which achieves time synchronization of better than one microsecond. The purpose of this instrumentation is for Quality of Service characterization of parallel and distributed computing and of network communications. Using this instrumentation we measure the accuracy achieved by the NIST Autolock time synchronization algorithm, built upon the well-known Network Time Protocol (NTP) time exchange, and the various factors contributing to its performance for both local and remote computing clusters. We show that such software algorithms, once their parameters are tuned for the expected delays, can achieve accuracy close to single digit microseconds.
Mitchell, William F.; Portable Graphics from Fortran with OpenGL; Compaq Visual Fortran Newsletter
This article describes how to use f90gl and OpenGL to portably produce graphics from Fortran.
Moon, H., Phillips, P.J.; Computational and Performance Aspects of PCA-Based Face Recognition Algorithms; NISTIR 6486 and Perception
Principal component analysis (PCA) based algorithms form the basis of numerous algorithms and studies in the psychological and algorithmic face recognition literature. PCA is a statistical technique and its incorporation into a face recognition algorithm requires numerous design decisions. We explicitly state the design decisions by introducing a generic modular PCA-algorithm. This allows us to investigate these decisions including those not documented in the literature. We experiment with different implementations of each module, and evaluate the different implementations using the September 1996 FERET evaluation protocol (the de facto standard method for evaluating face recognition algorithms). We experiment with (1) changing the illumination normalization procedure; (2) studying effects on algorithm performance of compressing images using JPEG and wavelet compression algorithms; (3) varying the number of eigenvectors in the representation; and (4) changing the similarity measure in the classification process. We perform two experiments. In the first experiment, we report performance results on the standard September 1996 FERET large gallery image sets. In the second experiment, we examine the variability in algorithm performance on different sets of facial images. The basis of the study is 100 randomly generated image sets (galleries) of the same size.
Morse, E., Steves, M. P.; CollabLogger: A Tool for Visualizing Groups At Work; The IEEE 9th International Workshop on Enabling Technologies: Infrastructure Collaborative Enterprises
The CollabLogger is a visual tool that has been developed to support usability analyses of human-computer interaction in a team environment. The participants in the computer-mediated activity were engaged in a small-scale manufacturing testbed project. Interactions of the group were mediated by Teamwave Workplace and the members performed both synchronous and asynchronous activities depending on their availability, project requirements, and serendipity due to accidental meetings in the collaborative space. The software was instrumented to log users' interactions with the system and each other. The CollabLogger addresses the problem of helping investigators analyze the volumes of log data that groupware tools can generate. Visual tools are powerful when large amounts of diverse data present themselves. The place-based collaboration environment offered by Teamwave Workplace provided a level of organization that allowed us to create a visual interface with which to perform exploratory sequential data analysis.
Morse, E.L.; The IUSR Project and the Common Industry Reporting Format; Conference on Universal Usability Proceedings
For three years, the National Institute of Standards and Technology (NIST) has been leading the Industry USability Reporting (IUSR) project. The purpose of the project is to increase the visibility of software usability. Participants are from major software suppliers and customer organizations. This poster presents an overview of the IUSR project. Major emphasis is placed on the Common Industry Format (CIF) for reporting the results of usability tests. The current focus of the group centers around Pilot Testing to validate the use of the CIF. Additional information about the IUSR project can be found at: iusr@nist.gov.