A review of security of electronic health records.

PubMed

Win, Khin Than

The objective of this study is to answer the research question, "Are current information security technologies adequate for electronic health records (EHRs)?" In order to achieve this, the following matters have been addressed in this article: (i) What is information security in the context of EHRs? (ii) Why is information security important for EHRs? and (iii) What are the current technologies for information security available to EHRs? It is concluded that current EHR security technologies are inadequate and urgently require improvement. Further study regarding information security of EHRs is indicated.

Evaluation of United States Department of Agriculture-sponsored consumer materials addressing food security.

PubMed

Tolma, Eleni; John, Robert; Garner, Jane

2007-01-01

Food insecurity in the United States is a major public health issue. The main objective of this study was to evaluate the availability and quality of printed materials addressing food security targeted to special populations by the United States Department of Agriculture (USDA). Nutrition education resources addressing food security available from USDA websites were selected for analysis. Not applicable. The review team consisted of project staff (n = 6), two of who were fluent in Spanish. Selection criteria were established to identify the food-security materials, and a group of reviewers assessed the quality of each publication both quantitatively and qualitatively. A consensus meeting among the reviewers was held to make final determinations of the quality of the materials. The quantitative data analysis consisted of basic descriptive statistics. Among the 27 materials initially identified, 20 were either irrelevant or of low relevance to food security. Moreover, very few of them were intended for minority populations. The quality of most of the materials ranged from "average" to "good." Some of the major weaknesses include readability level, lack of cultural relevance, and inadequate coverage of food insecurity. Very few materials on food insecurity are of high quality. In the development of such materials, emphasis should be given to the readability level, content, and cultural relevance.

Barriers to Securing Data on Bluetooth®-Enabled Mobile Devices: A Phenomenological Study

ERIC Educational Resources Information Center

Hines, Natasha

2015-01-01

Company data on mobile devices is vulnerable and subject to unauthorized access. The general problem is that information security incidents compromise the integrity and authenticity of electronic data. The specific problem is that organizational security policies, procedures, and training do not adequately address the vulnerabilities associated…

How can we exploit above–belowground interactions to assist in addressing the challenges of food security?

PubMed Central

Orrell, Peter; Bennett, Alison E.

2013-01-01

Can above–belowground interactions help address issues of food security? We address this question in this manuscript, and review the intersection of above–belowground interactions and food security. We propose that above–belowground interactions could address two strategies identified by Godfray etal. (2010): reducing the Yield Gap, and Increasing Production Limits. In particular, to minimize the difference between potential and realized production (The Yield Gap) above–belowground interactions could be manipulated to reduce losses to pests and increase crop growth (and therefore yields). To Increase Production Limits we propose two mechanisms: utilizing intercropping (which uses multiple aspects of above–belowground interactions) and breeding for traits that promote beneficial above–belowground interactions, as well as breeding mutualistic organisms to improve their provided benefit. As a result, if they are managed correctly, there is great potential for above–belowground interactions to contribute to food security. PMID:24198821

4 CFR 200.14 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2010 CFR

2010-01-01

... identifiable personal data and automated systems shall be adequately trained in the security and privacy of... the security and privacy of such records. (5) The disposal and destruction of identifiable personal....14 Section 200.14 Accounts RECOVERY ACCOUNTABILITY AND TRANSPARENCY BOARD PRIVACY ACT OF 1974 § 200...

Security Requirements Management in Software Product Line Engineering

NASA Astrophysics Data System (ADS)

Mellado, Daniel; Fernández-Medina, Eduardo; Piattini, Mario

Security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this chapter we will propose a security requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.

10 CFR 1304.114 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2010 CFR

2010-01-01

... the security and privacy of personal data. (4) The disposal and disposition of identifiable personal... contained in a system of records are adequately trained to protect the security and privacy of such records....114 Section 1304.114 Energy NUCLEAR WASTE TECHNICAL REVIEW BOARD PRIVACY ACT OF 1974 § 1304.114...

78 FR 9987 - Social Security Ruling, SSR 13-1p; Titles II and XVI: Agency Processes for Addressing Allegations...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-12

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0071] Social Security Ruling, SSR 13-1p; Titles II and XVI: Agency Processes for Addressing Allegations of Unfairness, Prejudice, Partiality, Bias, Misconduct, or Discrimination by Administrative Law Judges (ALJs); Correction AGENCY: Social Security...

"It's Like Moving the Titanic:" Community Organizing to Address Food (In)Security.

PubMed

Okamoto, Kristen E

2017-08-01

Health communication scholars are uniquely positioned to examine the ways in which individuals organize to address current and future exigencies related to social ills. In particular, organizations are key sites in understanding our health decisions related to food choice. From a young age, children develop habits of eating that stay with them throughout their life. More specifically, food insecurity impacts childhood nutrition. Children from low-income homes experience disproportional negative health outcomes. Appalachian Ohio is an area within the United States that experiences severe poverty. In 2013, community members in a small public school district in Appalachian Ohio formed the Appalachian Nutrition Advisory Council to address the nutritional needs of students in schools. This project stories the ways in which community members creatively organized to supplement existing structures in place designed to address school nutrition and food security.

Security Considerations for E-Mental Health Interventions

PubMed Central

Bennett, Anthony James; Griffiths, Kathleen Margaret

2010-01-01

Security considerations are an often overlooked and underfunded aspect of the development, delivery, and evaluation of e-mental health interventions although they are crucial to the overall success of any eHealth project. The credibility and reliability of eHealth scientific research and the service delivery of eHealth interventions rely on a high standard of data security. This paper describes some of the key methodological, technical, and procedural issues that need to be considered to ensure that eHealth research and intervention delivery meet adequate security standards. The paper concludes by summarizing broad strategies for addressing the major security risks associated with eHealth interventions. These include involving information technology (IT) developers in all stages of the intervention process including its development, evaluation, and ongoing delivery; establishing a wide-ranging discourse about relevant security issues; and familiarizing researchers and providers with the security measures that must be instituted in order to protect the integrity of eHealth interventions. PMID:21169173

Secure it now or secure it later: the benefits of addressing cyber-security from the outset

NASA Astrophysics Data System (ADS)

Olama, Mohammed M.; Nutaro, James

2013-05-01

The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

The Role of Food Banks in Addressing Food Insecurity: A Systematic Review.

PubMed

Bazerghi, Chantelle; McKay, Fiona H; Dunn, Matthew

2016-08-01

Food banks play a major role in the food aid sector by distributing donated and purchased groceries directly to food insecure families. The public health implications of food insecurity are significant, particularly as food insecurity has a higher prevalence among certain population groups. This review consolidates current knowledge about the function and efficacy of food banks to address food insecurity. A systematic review was conducted. Thirty-five publications were reviewed, of which 14 examined food security status, 13 analysed nutritional quality of food provided, and 24 considered clients' needs in relation to food bank use. This review found that while food banks have an important role to play in providing immediate solutions to severe food deprivation, they are limited in their capacity to improve overall food security outcomes due to the limited provision of nutrient-dense foods in insufficient amounts, especially from dairy, vegetables and fruits. Food banks have the potential to improve food security outcomes when operational resources are adequate, provisions of perishable food groups are available, and client needs are identified and addressed.

Security systems engineering overview

NASA Astrophysics Data System (ADS)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

Addressing security issues related to virtual institute distributed activities

NASA Astrophysics Data System (ADS)

Stytz, Martin R.; Banks, Sheila B.

2008-03-01

One issue confounding the development and experimentation of distributed modeling and simulation environments is the inability of the project team to identify and collaborate with resources, both human and technical, from outside the United States. This limitation is especially significant within the human behavior representation area where areas such as cultural effects research and joint command team behavior modeling require the participation of various cultural and national representatives. To address this limitation, as well as other human behavior representation research issues, NATO Research and Technology Organization initiated a project to develop a NATO virtual institute that enables more effective and more collaborative research into human behavior representation. However, in building and operating a virtual institute one of the chief concerns must be the cyber security of the institute. Because the institute "exists" in cyberspace, all of its activities are susceptible to cyberattacks, subterfuge, denial of service and all of the vulnerabilities that networked computers must face. In our opinion, for the concept of virtual institutes to be successful and useful, their operations and services must be protected from the threats in the cyber environment. A key to developing the required protection is the development and promulgation of standards for cyber security. In this paper, we discuss the types of cyber standards that are required, how new internet technologies can be exploited and can benefit the promulgation, development, maintenance, and robustness of the standards. This paper is organized as follows. Section One introduces the concept of the virtual institutes, the expected benefits, and the motivation for our research and for research in this area. Section Two presents background material and a discussion of topics related to VIs, uman behavior and cultural modeling, and network-centric warfare. Section Three contains a discussion of the

A Security Audit Framework to Manage Information System Security

NASA Astrophysics Data System (ADS)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

4 CFR 200.14 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2011 CFR

2011-01-01

... identifiable personal data and automated systems shall be adequately trained in the security and privacy of....14 Section 200.14 Accounts RECOVERY ACCOUNTABILITY AND TRANSPARENCY BOARD PRIVACY ACT OF 1974 § 200... records in which identifiable personal data are processed or maintained, including all reports and output...

Security culture for nuclear facilities

NASA Astrophysics Data System (ADS)

Gupta, Deeksha; Bajramovic, Edita

2017-01-01

Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

FAA computer security : recommendations to address continuing weaknesses

DOT National Transportation Integrated Search

2000-12-01

In September, testimony before the Committee on Science, House of Representatives, focused on the Federal Aviation Administration's (FAA) computer security program. In brief, we reported that FAA's agency-wide computer security program has serious, p...

Canada's Compassionate Care Benefit: is it an adequate public health response to addressing the issue of caregiver burden in end-of-life care?

PubMed

Williams, Allison M; Eby, Jeanette A; Crooks, Valorie A; Stajduhar, Kelli; Giesbrecht, Melissa; Vuksan, Mirjana; Cohen, S Robin; Brazil, Kevin; Allan, Diane

2011-05-18

An increasingly significant public health issue in Canada, and elsewhere throughout the developed world, pertains to the provision of adequate palliative/end-of-life (P/EOL) care. Informal caregivers who take on the responsibility of providing P/EOL care often experience negative physical, mental, emotional, social and economic consequences. In this article, we specifically examine how Canada's Compassionate Care Benefit (CCB)--a contributory benefits social program aimed at informal P/EOL caregivers--operates as a public health response in sustaining informal caregivers providing P/EOL care, and whether or not it adequately addresses known aspects of caregiver burden that are addressed within the population health promotion (PHP) model. As part of a national evaluation of Canada's Compassionate Care Benefit, 57 telephone interviews were conducted with Canadian informal P/EOL caregivers in 5 different provinces, pertaining to the strengths and weaknesses of the CCB and the general caregiving experience. Interview data was coded with Nvivo software and emerging themes were identified by the research team, with such findings published elsewhere. The purpose of the present analysis was identified after comparing the findings to the literature specific to caregiver burden and public health, after which data was analyzed using the PHP model as a guiding framework. Informal caregivers spoke to several of the determinants of health outlined in the PHP model that are implicated in their burden experience: gender, income and social status, working conditions, health and social services, social support network, and personal health practises and coping strategies. They recognized the need for improving the CCB to better address these determinants. This study, from the perspective of family caregivers, demonstrates that the CCB is not living up to its full potential in sustaining informal P/EOL caregivers. Effort is required to transform the CCB so that it may fulfill the

Canada's Compassionate Care Benefit: Is it an adequate public health response to addressing the issue of caregiver burden in end-of-life care?

PubMed Central

2011-01-01

Background An increasingly significant public health issue in Canada, and elsewhere throughout the developed world, pertains to the provision of adequate palliative/end-of-life (P/EOL) care. Informal caregivers who take on the responsibility of providing P/EOL care often experience negative physical, mental, emotional, social and economic consequences. In this article, we specifically examine how Canada's Compassionate Care Benefit (CCB) - a contributory benefits social program aimed at informal P/EOL caregivers - operates as a public health response in sustaining informal caregivers providing P/EOL care, and whether or not it adequately addresses known aspects of caregiver burden that are addressed within the population health promotion (PHP) model. Methods As part of a national evaluation of Canada's Compassionate Care Benefit, 57 telephone interviews were conducted with Canadian informal P/EOL caregivers in 5 different provinces, pertaining to the strengths and weaknesses of the CCB and the general caregiving experience. Interview data was coded with Nvivo software and emerging themes were identified by the research team, with such findings published elsewhere. The purpose of the present analysis was identified after comparing the findings to the literature specific to caregiver burden and public health, after which data was analyzed using the PHP model as a guiding framework. Results Informal caregivers spoke to several of the determinants of health outlined in the PHP model that are implicated in their burden experience: gender, income and social status, working conditions, health and social services, social support network, and personal health practises and coping strategies. They recognized the need for improving the CCB to better address these determinants. Conclusions This study, from the perspective of family caregivers, demonstrates that the CCB is not living up to its full potential in sustaining informal P/EOL caregivers. Effort is required to

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

Traditionally, security is viewed as an organizational and Information Technology (IIJ systems function comprising of Firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 13 2011-01-01 2009-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 13 2012-01-01 2012-01-01 false Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 7 Agriculture 13 2014-01-01 2013-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 7 Agriculture 13 2013-01-01 2013-01-01 false Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 13 2010-01-01 2009-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

Security systems engineering overview

DOE Office of Scientific and Technical Information (OSTI.GOV)

Steele, B.J.

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, andmore » counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.).« less

Privacy and Security Issues Surrounding the Protection of Data Generated by Continuous Glucose Monitors.

PubMed

Britton, Katherine E; Britton-Colonnese, Jennifer D

2017-03-01

Being able to track, analyze, and use data from continuous glucose monitors (CGMs) and through platforms and apps that communicate with CGMs helps achieve better outcomes and can advance the understanding of diabetes. The risks to patients' expectation of privacy are great, and their ability to control how their information is collected, stored, and used is virtually nonexistent. Patients' physical security is also at risk if adequate cybersecurity measures are not taken. Currently, data privacy and security protections are not robust enough to address the privacy and security risks and stymies the current and future benefits of CGM and the platforms and apps that communicate with them.

Privacy and Security Issues Surrounding the Protection of Data Generated by Continuous Glucose Monitors

PubMed Central

Britton, Katherine E.; Britton-Colonnese, Jennifer D.

2017-01-01

Being able to track, analyze, and use data from continuous glucose monitors (CGMs) and through platforms and apps that communicate with CGMs helps achieve better outcomes and can advance the understanding of diabetes. The risks to patients’ expectation of privacy are great, and their ability to control how their information is collected, stored, and used is virtually nonexistent. Patients’ physical security is also at risk if adequate cybersecurity measures are not taken. Currently, data privacy and security protections are not robust enough to address the privacy and security risks and stymies the current and future benefits of CGM and the platforms and apps that communicate with them. PMID:28264188

27 CFR 19.966 - Security.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 27 Alcohol, Tobacco Products and Firearms 1 2010-04-01 2010-04-01 false Security. 19.966 Section 19.966 Alcohol, Tobacco Products and Firearms ALCOHOL AND TOBACCO TAX AND TRADE BUREAU, DEPARTMENT OF... and Security § 19.966 Security. Proprietors shall provide security adequate to deter the unauthorized...

Addressing security, collaboration, and usability with tactical edge mobile devices and strategic cloud-based systems

NASA Astrophysics Data System (ADS)

Graham, Christopher J.

2012-05-01

Success in the future battle space is increasingly dependent on rapid access to the right information. Faced with a shrinking budget, the Government has a mandate to improve intelligence productivity, quality, and reliability. To achieve increased ISR effectiveness, leverage of tactical edge mobile devices via integration with strategic cloud-based infrastructure is the single, most likely candidate area for dramatic near-term impact. This paper discusses security, collaboration, and usability components of this evolving space. These three paramount tenets outlined below, embody how mission information is exchanged securely, efficiently, with social media cooperativeness. Tenet 1: Complete security, privacy, and data integrity, must be ensured within the net-centric battle space. This paper discusses data security on a mobile device, data at rest on a cloud-based system, authorization and access control, and securing data transport between entities. Tenet 2: Lack of collaborative information sharing and content reliability jeopardizes mission objectives and limits the end user capability. This paper discusses cooperative pairing of mobile devices and cloud systems, enabling social media style interaction via tagging, meta-data refinement, and sharing of pertinent data. Tenet 3: Fielded mobile solutions must address usability and complexity. Simplicity is a powerful paradigm on mobile platforms, where complex applications are not utilized, and simple, yet powerful, applications flourish. This paper discusses strategies for ensuring mobile applications are streamlined and usable at the tactical edge through focused features sets, leveraging the power of the back-end cloud, minimization of differing HMI concepts, and directed end-user feedback.teInput=

Transoral bisected resection for T1-2 oral tongue squamous cell carcinoma to secure adequate deep margin.

PubMed

Choi, Nayeon; Cho, Jae-Keun; Lee, Eun Kyu; Won, Sung Jun; Kim, Bo Young; Baek, Chung-Hwan

2017-10-01

To investigate the clinical usefulness of transoral bisected resection (TBR) asa new method to secure adequate deep resection margin in T1-2 oral tongue squamous cell carcinomas (SCC). Among 75 patients with cT1-2N0 oral tongue SCCs, 45 (60%) received transoral en-bloc resection (TER) while 30 (40%) received patients underwent TBR. Primary tumor resection was performed with 1.5-cm surgical resection margin for both groups. Mucosal and deep resection margins, adjuvant treatments including re-resection of the tongue and cheomoradiotherapy, local and regional recurrence free survival, and overall survival were compared between the two groups. Mean deep resection margin in the TBR group was 9.9mm (95% CI: 8.4-11.4mm), which was significantly (P<0.001) wider than that of the TER group (mean: 5.4mm, 95% CI: 4.5-6.3mm). However, mucosal resection margins were not significantly (P=0.153) different between the two groups. Re-resection of tongue was performed for 6 (13.3%) of 17 (37.8%) patients with inadequate deep resection margin in the TER group and none (0%) in 4 (13.3%) patients with inadequate deep resection margin in the TBR group. Adjuvant radiation due to inadequate deep resection margin was performed for 6.7% of patients in both groups. The TBR group had better local recurrence free survival than the TER group. However, regional recurrence free survival and overall survival were not significantly different between the two groups. TBR could provide adequate deep resection margin for early stage tongue cancers with better local tumor control than TER. It can decrease the necessity of adjuvant treatment for re-resection of the tongue. Copyright © 2017 Elsevier Ltd. All rights reserved.

36 CFR 1275.22 - Security.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 36 Parks, Forests, and Public Property 3 2011-07-01 2011-07-01 false Security. 1275.22 Section... THE NIXON ADMINISTRATION Preservation and Protection § 1275.22 Security. The Archivist is responsible for providing adequate security for the Presidential historical materials. ...

36 CFR 1275.22 - Security.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 36 Parks, Forests, and Public Property 3 2010-07-01 2010-07-01 false Security. 1275.22 Section... THE NIXON ADMINISTRATION Preservation and Protection § 1275.22 Security. The Archivist is responsible for providing adequate security for the Presidential historical materials. ...

36 CFR 1275.22 - Security.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 36 Parks, Forests, and Public Property 3 2012-07-01 2012-07-01 false Security. 1275.22 Section... THE NIXON ADMINISTRATION Preservation and Protection § 1275.22 Security. The Archivist is responsible for providing adequate security for the Presidential historical materials. ...

36 CFR 1275.22 - Security.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 36 Parks, Forests, and Public Property 3 2014-07-01 2014-07-01 false Security. 1275.22 Section... THE NIXON ADMINISTRATION Preservation and Protection § 1275.22 Security. The Archivist is responsible for providing adequate security for the Presidential historical materials. ...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 12 2010-01-01 2010-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 12 2011-01-01 2011-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

27 CFR 19.704 - Security.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 27 Alcohol, Tobacco Products and Firearms 1 2014-04-01 2014-04-01 false Security. 19.704 Section... Construction, Equipment, and Security § 19.704 Security. (a) General. The proprietor of an alcohol fuel plant must provide adequate security measures at the alcohol fuel plant in order to protect against the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 12 2012-01-01 2012-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 7 Agriculture 12 2013-01-01 2013-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

27 CFR 19.704 - Security.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 27 Alcohol, Tobacco Products and Firearms 1 2012-04-01 2012-04-01 false Security. 19.704 Section... Construction, Equipment, and Security § 19.704 Security. (a) General. The proprietor of an alcohol fuel plant must provide adequate security measures at the alcohol fuel plant in order to protect against the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 7 Agriculture 12 2014-01-01 2013-01-01 true Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

27 CFR 19.704 - Security.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 27 Alcohol, Tobacco Products and Firearms 1 2011-04-01 2011-04-01 false Security. 19.704 Section... Construction, Equipment, and Security § 19.704 Security. (a) General. The proprietor of an alcohol fuel plant must provide adequate security measures at the alcohol fuel plant in order to protect against the...

27 CFR 19.704 - Security.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 27 Alcohol, Tobacco Products and Firearms 1 2013-04-01 2013-04-01 false Security. 19.704 Section... Construction, Equipment, and Security § 19.704 Security. (a) General. The proprietor of an alcohol fuel plant must provide adequate security measures at the alcohol fuel plant in order to protect against the...

Capturing security requirements for software systems.

PubMed

El-Hadary, Hassan; El-Kassas, Sherif

2014-07-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

PubMed Central

El-Hadary, Hassan; El-Kassas, Sherif

2014-01-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

One Health in food safety and security education: A curricular framework.

PubMed

Angelos, J; Arens, A; Johnson, H; Cadriel, J; Osburn, B

2016-02-01

The challenges of producing and distributing the food necessary to feed an anticipated 9 billion people in developed and developing societies by 2050 without destroying Earth's finite soil and water resources present extremely complex problems that lack simple solutions. The ability of modern societies to adequately address these and other food-related problems will require an educated workforce trained not only in traditional food safety, security, and public health, but also in other areas including food production, sustainable practices, and ecosystem health. To help address the need for such an educated workforce, a curricular framework was developed to assist those tasked with designing education and training for future food systems workers. One sentence summary: A curricular framework for education and training in food safety and security was developed that incorporates One Health concepts. Copyright © 2015 The Authors. Published by Elsevier Ltd.. All rights reserved.

Food and nutritional security requires adequate protein as well as energy, delivered from whole-year crop production.

PubMed

Coles, Graeme D; Wratten, Stephen D; Porter, John R

2016-01-01

Human food security requires the production of sufficient quantities of both high-quality protein and dietary energy. In a series of case-studies from New Zealand, we show that while production of food ingredients from crops on arable land can meet human dietary energy requirements effectively, requirements for high-quality protein are met more efficiently by animal production from such land. We present a model that can be used to assess dietary energy and quality-corrected protein production from various crop and crop/animal production systems, and demonstrate its utility. We extend our analysis with an accompanying economic analysis of commercially-available, pre-prepared or simply-cooked foods that can be produced from our case-study crop and animal products. We calculate the per-person, per-day cost of both quality-corrected protein and dietary energy as provided in the processed foods. We conclude that mixed dairy/cropping systems provide the greatest quantity of high-quality protein per unit price to the consumer, have the highest food energy production and can support the dietary requirements of the highest number of people, when assessed as all-year-round production systems. Global food and nutritional security will largely be an outcome of national or regional agroeconomies addressing their own food needs. We hope that our model will be used for similar analyses of food production systems in other countries, agroecological zones and economies.

Adequate supervision for children and adolescents.

PubMed

Anderst, James; Moffatt, Mary

2014-11-01

Primary care providers (PCPs) have the opportunity to improve child health and well-being by addressing supervision issues before an injury or exposure has occurred and/or after an injury or exposure has occurred. Appropriate anticipatory guidance on supervision at well-child visits can improve supervision of children, and may prevent future harm. Adequate supervision varies based on the child's development and maturity, and the risks in the child's environment. Consideration should be given to issues as wide ranging as swimming pools, falls, dating violence, and social media. By considering the likelihood of harm and the severity of the potential harm, caregivers may provide adequate supervision by minimizing risks to the child while still allowing the child to take "small" risks as needed for healthy development. Caregivers should initially focus on direct (visual, auditory, and proximity) supervision of the young child. Gradually, supervision needs to be adjusted as the child develops, emphasizing a safe environment and safe social interactions, with graduated independence. PCPs may foster adequate supervision by providing concrete guidance to caregivers. In addition to preventing injury, supervision includes fostering a safe, stable, and nurturing relationship with every child. PCPs should be familiar with age/developmentally based supervision risks, adequate supervision based on those risks, characteristics of neglectful supervision based on age/development, and ways to encourage appropriate supervision throughout childhood. Copyright 2014, SLACK Incorporated.

Addressing China's grand challenge of achieving food security while ensuring environmental sustainability.

PubMed

Lu, Yonglong; Jenkins, Alan; Ferrier, Robert C; Bailey, Mark; Gordon, Iain J; Song, Shuai; Huang, Jikun; Jia, Shaofeng; Zhang, Fusuo; Liu, Xuejun; Feng, Zhaozhong; Zhang, Zhibin

2015-02-01

China's increasingly urbanized and wealthy population is driving a growing and changing demand for food, which might not be met without significant increase in agricultural productivity and sustainable use of natural resources. Given the past relationship between lack of access to affordable food and political instability, food security has to be given a high priority on national political agendas in the context of globalization. The drive for increased food production has had a significant impact on the environment, and the deterioration in ecosystem quality due to historic and current levels of pollution will potentially compromise the food production system in China. We discuss the grand challenges of not only producing more food but also producing it sustainably and without environmental degradation. In addressing these challenges, food production should be considered as part of an environmental system (soil, air, water, and biodiversity) and not independent from it. It is imperative that new ways of meeting the demand for food are developed while safeguarding the natural resources upon which food production is based. We present a holistic approach to both science and policy to ensure future food security while embracing the ambition of achieving environmental sustainability in China. It is a unique opportunity for China to be a role model as a new global player, especially for other emerging economies.

A life-cycle approach to food and nutrition security in India.

PubMed

Rai, Rajesh Kumar; Kumar, Sandhya; Sekher, Madhushree; Pritchard, Bill; Rammohan, Anu

2015-04-01

India's poor performance on critical food and nutrition security indicators despite substantial economic prosperity has been widely documented. These failings not only hamper national progress, but also contribute significantly to the global undernourished population, particularly children. While the recently passed National Food Security Act 2013 adopts a life-cycle approach to expand coverage of subsidized food grains to the most vulnerable households and address food security, there remains much to be desired in the legislation. Access to adequate food for 1.24 billion people is a multifaceted problem requiring an interconnected set of policy measures to tackle the various factors affecting food and nutrition security in India. In the present opinion paper, we discuss a fivefold strategy that incorporates a life-cycle approach, spanning reproductive health, bolstering citizen participation in existing national programmes, empowering women, advancing agriculture and better monitoring the Public Distribution System in order to fill the gaps in both access and adequacy of food and nutrition.

Social Security Administration

MedlinePlus

... Plan Costs my Social Security Check out your Social Security Statement , change your address & manage your benefits online today. Social Security Number Your Social Security number remains your ...

17 CFR 171.3 - Business address; hours.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Business address; hours. 171.3 Section 171.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO... MEMBER RESPONSIBILITY ACTIONS General Provisions § 171.3 Business address; hours. The principal office of...

17 CFR 12.3 - Business address; hours.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Business address; hours. 12.3 Section 12.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO REPARATIONS General Information and Preliminary Consideration of Pleadings § 12.3 Business address; hours. The...

17 CFR 12.3 - Business address; hours.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Business address; hours. 12.3 Section 12.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO REPARATIONS General Information and Preliminary Consideration of Pleadings § 12.3 Business address; hours. The...

17 CFR 171.3 - Business address; hours.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Business address; hours. 171.3 Section 171.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO... MEMBER RESPONSIBILITY ACTIONS General Provisions § 171.3 Business address; hours. The principal office of...

17 CFR 12.3 - Business address; hours.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Business address; hours. 12.3 Section 12.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO REPARATIONS General Information and Preliminary Consideration of Pleadings § 12.3 Business address; hours. The...

17 CFR 12.3 - Business address; hours.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Business address; hours. 12.3 Section 12.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO REPARATIONS General Information and Preliminary Consideration of Pleadings § 12.3 Business address; hours. The...

17 CFR 171.3 - Business address; hours.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Business address; hours. 171.3 Section 171.3 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO... MEMBER RESPONSIBILITY ACTIONS General Provisions § 171.3 Business address; hours. The principal office of...

Governing for Enterprise Security (Briefing Charts)

DTIC Science & Technology

2005-01-01

governance/stakeholder.html © 2005 by Carnegie Mellon University page 16 Adequate Security and Operational Risk “Appropriate business security is that which...Sherwood 03] Sherwood, John; Clark; Andrew; Lynas, David. “Systems and Business Security Architecture.” SABSA Limited, 17 September 2003. Available at

36 CFR § 1275.22 - Security.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 36 Parks, Forests, and Public Property 3 2013-07-01 2012-07-01 true Security. § 1275.22 Section Â... THE NIXON ADMINISTRATION Preservation and Protection § 1275.22 Security. The Archivist is responsible for providing adequate security for the Presidential historical materials. ...

7 CFR 772.6 - Subordination of security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.6 Subordination of security. (a) Eligibility. The Agency shall grant a subordination of Minor Program loan security when the transaction will... still be adequately secured after the subordination, or the value of the loan security will be increased...

17 CFR 10.4 - Business address; hours.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Business address; hours. 10.4 Section 10.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES OF PRACTICE General Provisions § 10.4 Business address; hours. The Office of Proceedings is located at Three Lafayette...

17 CFR 10.4 - Business address; hours.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Business address; hours. 10.4 Section 10.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES OF PRACTICE General Provisions § 10.4 Business address; hours. The Office of Proceedings is located at Three Lafayette...

17 CFR 10.4 - Business address; hours.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Business address; hours. 10.4 Section 10.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES OF PRACTICE General Provisions § 10.4 Business address; hours. The Office of Proceedings is located at Three Lafayette...

17 CFR 10.4 - Business address; hours.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Business address; hours. 10.4 Section 10.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES OF PRACTICE General Provisions § 10.4 Business address; hours. The Office of Proceedings is located at Three Lafayette...

7 CFR 762.126 - Security requirements.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 7 2012-01-01 2012-01-01 false Security requirements. 762.126 Section 762.126... AGRICULTURE SPECIAL PROGRAMS GUARANTEED FARM LOANS § 762.126 Security requirements. (a) General. (1) The lender is responsible for ensuring that proper and adequate security is obtained and maintained to fully...

Africa: addressing growing threats to food security.

PubMed

Rukuni, Mandivamba

2002-11-01

Africa remains the only region in the world where the number of hungry people will still be on the increase in 2020, and the number of malnourished children will have increased correspondingly. In this report I have acknowledged the general public policy trends across Africa in terms of macroeconomic policy reforms and political transitions. These welcome trends have to still produce stable nations and economies. Although economic development is the long-term solution to Africa's challenge on hunger and poverty, this will take time. And it follows therefore that African nations have to pursue policies and strategies that promote long-term growth while at the same time offering short-term safety nets for the poorest of the poor. The growth and development strategy will have at its core the need to increase significantly the levels of public-sector investment in agriculture and rural development and to give top priority to the commercialization of smallholder agriculture so as to increase productivity and competitiveness. But food security at the household level is ultimately a balance between availability and access, and in this regard governments need complementary food security policies that increase the probability of food access by the vulnerable groups.

Automatic address validation and health record review to identify homeless Social Security disability applicants.

PubMed

Erickson, Jennifer; Abbott, Kenneth; Susienka, Lucinda

2018-06-01

Homeless patients face a variety of obstacles in pursuit of basic social services. Acknowledging this, the Social Security Administration directs employees to prioritize homeless patients and handle their disability claims with special care. However, under existing manual processes for identification of homelessness, many homeless patients never receive the special service to which they are entitled. In this paper, we explore address validation and automatic annotation of electronic health records to improve identification of homeless patients. We developed a sample of claims containing medical records at the moment of arrival in a single office. Using address validation software, we reconciled patient addresses with public directories of homeless shelters, veterans' hospitals and clinics, and correctional facilities. Other tools annotated electronic health records. We trained random forests to identify homeless patients and validated each model with 10-fold cross validation. For our finished model, the area under the receiver operating characteristic curve was 0.942. The random forest improved sensitivity from 0.067 to 0.879 but decreased positive predictive value to 0.382. Presumed false positive classifications bore many characteristics of homelessness. Organizations could use these methods to prompt early collection of information necessary to avoid labor-intensive attempts to reestablish contact with homeless individuals. Annually, such methods could benefit tens of thousands of patients who are homeless, destitute, and in urgent need of assistance. We were able to identify many more homeless patients through a combination of automatic address validation and natural language processing of unstructured electronic health records. Copyright © 2018. Published by Elsevier Inc.

Addressing China’s grand challenge of achieving food security while ensuring environmental sustainability

PubMed Central

Lu, Yonglong; Jenkins, Alan; Ferrier, Robert C.; Bailey, Mark; Gordon, Iain J.; Song, Shuai; Huang, Jikun; Jia, Shaofeng; Zhang, Fusuo; Liu, Xuejun; Feng, Zhaozhong; Zhang, Zhibin

2015-01-01

China’s increasingly urbanized and wealthy population is driving a growing and changing demand for food, which might not be met without significant increase in agricultural productivity and sustainable use of natural resources. Given the past relationship between lack of access to affordable food and political instability, food security has to be given a high priority on national political agendas in the context of globalization. The drive for increased food production has had a significant impact on the environment, and the deterioration in ecosystem quality due to historic and current levels of pollution will potentially compromise the food production system in China. We discuss the grand challenges of not only producing more food but also producing it sustainably and without environmental degradation. In addressing these challenges, food production should be considered as part of an environmental system (soil, air, water, and biodiversity) and not independent from it. It is imperative that new ways of meeting the demand for food are developed while safeguarding the natural resources upon which food production is based. We present a holistic approach to both science and policy to ensure future food security while embracing the ambition of achieving environmental sustainability in China. It is a unique opportunity for China to be a role model as a new global player, especially for other emerging economies. PMID:26601127

An evaluation of security measures implemented to address physical threats to water infrastructure in the state of Mississippi.

PubMed

Barrett, Jason R; French, P Edward

2013-01-01

The events of September 11, 2001, increased and intensified domestic preparedness efforts in the United States against terrorism and other threats. The heightened focus on protecting this nation's critical infrastructure included legislation requiring implementation of extensive new security measures to better defend water supply systems against physical, chemical/biological, and cyber attacks. In response, municipal officials have implemented numerous safeguards to reduce the vulnerability of these systems to purposeful intrusions including ongoing vulnerability assessments, extensive personnel training, and highly detailed emergency response and communication plans. This study evaluates fiscal year 2010 annual compliance assessments of public water systems with security measures that were implemented by Mississippi's Department of Health as a response to federal requirements to address these potential terrorist threats to water distribution systems. The results show that 20 percent of the water systems in this state had at least one security violation on their 2010 Capacity Development Assessment, and continued perseverance from local governments is needed to enhance the resiliency and robustness of these systems against physical threats.

Cyber Security--Are You Prepared?

ERIC Educational Resources Information Center

Newman, Scott

2007-01-01

During the summer 2002 term, Oklahoma State University-Okmulgee's Information Technologies Division offered a one credit-hour network security course--which barely had adequate student interest to meet the institution's enrollment requirements. Today, OSU-Okmulgee boasts one of the nation's premier cyber security programs. Many prospective…

Personal health record systems and their security protection.

PubMed

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

Execution of a self-directed risk assessment methodology to address HIPAA data security requirements

NASA Astrophysics Data System (ADS)

Coleman, Johnathan

2003-05-01

This paper analyzes the method and training of a self directed risk assessment methodology entitled OCTAVE (Operationally Critical Threat Asset and Vulnerability Evaluation) at over 170 DOD medical treatment facilities. It focuses specifically on how OCTAVE built interdisciplinary, inter-hierarchical consensus and enhanced local capabilities to perform Health Information Assurance. The Risk Assessment Methodology was developed by the Software Engineering Institute at Carnegie Mellon University as part of the Defense Health Information Assurance Program (DHIAP). The basis for its success is the combination of analysis of organizational practices and technological vulnerabilities. Together, these areas address the core implications behind the HIPAA Security Rule and can be used to develop Organizational Protection Strategies and Technological Mitigation Plans. A key component of OCTAVE is the inter-disciplinary composition of the analysis team (Patient Administration, IT staff and Clinician). It is this unique composition of analysis team members, along with organizational and technical analysis of business practices, assets and threats, which enables facilities to create sound and effective security policies. The Risk Assessment is conducted in-house, and therefore the process, results and knowledge remain within the organization, helping to build consensus in an environment of differing organizational and disciplinary perspectives on Health Information Assurance.

Realization and Addressing Analysis In Blockchain Bitcoin

NASA Astrophysics Data System (ADS)

Sakti Arief Daulay, Raja; Michrandi Nasution, Surya; Paryasto, Marisa W.

2017-11-01

The implementation research and analyze address blockchain on this bitcoin will have the results that refers to making address bitcoin a safe and boost security of address the bitcoin. The working mechanism of blockchain in making address bitcoin which is already in the blockchain system.

42 CFR 3.106 - Security requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., maintenance, storage, removal, disclosure, transmission and destruction. (b) Security framework. A PSO must... subsection. In addressing the framework that follows, the PSO may develop appropriate and scalable security...) Security management. A PSO must address: (i) Maintenance and effective implementation of written policies...

42 CFR 3.106 - Security requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., maintenance, storage, removal, disclosure, transmission and destruction. (b) Security framework. A PSO must... subsection. In addressing the framework that follows, the PSO may develop appropriate and scalable security...) Security management. A PSO must address: (i) Maintenance and effective implementation of written policies...

42 CFR 3.106 - Security requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., maintenance, storage, removal, disclosure, transmission and destruction. (b) Security framework. A PSO must... subsection. In addressing the framework that follows, the PSO may develop appropriate and scalable security...) Security management. A PSO must address: (i) Maintenance and effective implementation of written policies...

Addressing the Economic Security Issues Facing Same-Sex Couples.

ERIC Educational Resources Information Center

Dolan, Elizabeth M.; Stum, Marlene S.; Rupured, Michael

1999-01-01

Provides educators and researchers with an awareness of the financial security issues faced by same-sex couples and offers suggestions for incorporating the discussion of these ideas into existing curricula and research. (Author/JOW)

Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

NASA Astrophysics Data System (ADS)

Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

2017-08-01

We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

75 FR 11610 - Notice Announcing Addresses for Service of Process

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-11

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2009-0076] Notice Announcing Addresses for Service of Process AGENCY: Social Security Administration. ACTION: Notice announcing addresses for summonses and complaints. SUMMARY: The Office of the General Counsel (OGC) is responsible for processing and...

Developing a Security Profile.

ERIC Educational Resources Information Center

Woodcock, Chris

1999-01-01

Examines the questions schools should address when re-evaluating how to protect people, property, and assets. Questions addressed include where and how to begin to improve security in a school, getting the most protection economically, establishing where electronic security should be used, using surveillance cameras and systems, and what the role…

The United States, Russia, Europe, and Security: How to Address the Unfinished Business of the Post-Cold War Era

DTIC Science & Technology

2012-04-01

offered transparency and force limitations through clear rules of the game, enabling former enemies to keep suspicions in check. It guarantees...will have to change. Of course, it will change should oil prices drop to the point of getting Russia on its knees . Beyond such a scenario, there will...and addressing security challenges in and around Europe. Today’s declaratory policy hardly matches the facts on the ground, and the rules of the

HOMELAND SECURITY: Challenges and Strategies in Addressing Short- and Long-Term National Needs

DTIC Science & Technology

2001-11-07

air travel has already prompted attention to chronic problems with airport security that we and others have been pointing to for years. Moreover, the...capital for certain areas such as intelligence, public health and airport security will also be necessary as well to foster and maintain the skill...Weaknesses in Airport Security and Options for Assigning Screening Responsibilities, (GAO-01-1165T, Sept. 21, 2001). Aviation Security: Terrorist Acts

Computer Security Systems Enable Access.

ERIC Educational Resources Information Center

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

Military Education Workshop Addresses Threats to Stability and Security

DTIC Science & Technology

2007-08-01

for an upcoming National Intelligence Estimate (NIE), the National Inteligence Council (NIC) has reached out to a broad group of U.S. government...OFFICIAL BUSINESS resource competition and conflict; water and food security; health and disease, and the stability of governments. The Army should be

Recent advances to address European Union Health Security from cross border chemical health threats.

PubMed

Duarte-Davidson, R; Orford, R; Wyke, S; Griffiths, M; Amlôt, R; Chilcott, R

2014-11-01

The European Union (EU) Decision (1082/2013/EU) on serious cross border threats to health was adopted by the European Parliament in November 2013, in recognition of the need to strengthen the capacity of Member States to coordinate the public health response to cross border threats, whether from biological, chemical, environmental events or events which have an unknown origin. Although mechanisms have been in place for years for reporting cross border health threats from communicable diseases, this has not been the case for incidents involving chemicals and/or environmental events. A variety of collaborative EU projects have been funded over the past 10 years through the Health Programme to address gaps in knowledge on health security and to improve resilience and response to major incidents involving chemicals. This paper looks at the EU Health Programme that underpins recent research activities to address gaps in resilience, planning, responding to and recovering from a cross border chemical incident. It also looks at how the outputs from the research programme will contribute to improving public health management of transnational incidents that have the potential to overwhelm national capabilities, putting this into context with the new requirements as the Decision on serious cross border threats to health as well as highlighting areas for future development. Crown Copyright © 2014. Published by Elsevier Ltd. All rights reserved.

Interactive Programming Support for Secure Software Development

ERIC Educational Resources Information Center

Xie, Jing

2012-01-01

Software vulnerabilities originating from insecure code are one of the leading causes of security problems people face today. Unfortunately, many software developers have not been adequately trained in writing secure programs that are resistant from attacks violating program confidentiality, integrity, and availability, a style of programming…

6 CFR 27.225 - Site security plans.

Code of Federal Regulations, 2010 CFR

2010-01-01

... meet the following standards: (1) Address each vulnerability identified in the facility's Security Vulnerability Assessment, and identify and describe the security measures to address each such vulnerability; (2... updates, revises or otherwise alters its Security Vulnerability Assessment pursuant to § 27.215(d), the...

Food Security-A Commentary: What Is It and Why Is It So Complicated?

PubMed

Gibson, Mark

2012-12-03

Every year over 10 million people die of hunger and hunger related diseases. Nearly six million of these are children under the age of five; that is one child's death approximately every six seconds. Understanding how this still occurs amid the ever increasing social enlightenment of the 21st century-and under the auspices of a vigilant global developmental community-is one of the key challenges of our time. The science of food security aims to address such concerns. By understanding the multiplicity of the phenomenon, practitioners of global multilateral hegemony seek to shape appropriate policy to address these issues. The difficulty however is that the phenomenon is increasingly wrapped up inside an ever growing bundle of societal aspirations including inter-alia under-nutrition, poverty, sustainability, free trade, national self sufficiency, reducing female subjugation and so on. Any solutions therefore, involve fully understanding just what is indeed included, implied, understood or excluded within the food security catchall. Indeed, until such time as consensus can be found that adequately binds the phenomenon within a fixed delineated concept, current efforts to address the multitude of often divergent threads only serves to dilute efforts and confound attempts to once-and-for-all bring these unacceptable figures under control.

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2013 CFR

2013-10-01

... record systems. The Chief Information Officer has the responsibility of maintaining adequate technical... the Chief Information Officer. The log shall be maintained at all times. (6) The Institute shall... identifiable personal information. Such safeguards must be sufficient to prevent negligent, accidental, or...

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2012 CFR

2012-10-01

... record systems. The Chief Information Officer has the responsibility of maintaining adequate technical... the Chief Information Officer. The log shall be maintained at all times. (6) The Institute shall... identifiable personal information. Such safeguards must be sufficient to prevent negligent, accidental, or...

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2014 CFR

2014-10-01

... record systems. The Chief Information Officer has the responsibility of maintaining adequate technical... the Chief Information Officer. The log shall be maintained at all times. (6) The Institute shall... identifiable personal information. Such safeguards must be sufficient to prevent negligent, accidental, or...

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2011 CFR

2011-10-01

... record systems. The Chief Information Officer has the responsibility of maintaining adequate technical... the Chief Information Officer. The log shall be maintained at all times. (6) The Institute shall... identifiable personal information. Such safeguards must be sufficient to prevent negligent, accidental, or...

Linking hospital security to customer service: making the case for 'world class' security.

PubMed

Hill, Scott A

2011-01-01

The reluctance of many hospitals today to invest money and resources into security and safety while at the same time promoting customer good will is a fallacy that has to be corrected, according to the author. He demonstrates how high customer satisfaction scores, as well as regulatory compliance, can only be achieved if a hospital takes the steps necessary to provide adequate safety and security to patients, visitors, physicians and to all who come to the hospital.

Exploring the Future of Security in the Caribbean: a Regional Security Partnership?

DTIC Science & Technology

2007-12-14

by these organizations and their members. 25 CHAPTER 2 LITERATURE REVIEW Psychologist Abraham Maslow posited that safety [read security] is one...addressing the security needs of the Caribbean Basin and the United States? Of necessity , there are several secondary questions which must be...development of models/ theories of security. These theories of security abound, and have evolved as the international arena has changed. Realists, idealists and

Information Systems, Security, and Privacy.

ERIC Educational Resources Information Center

Ware, Willis H.

1984-01-01

Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

Ways to Improve DoD 8570 IY Security Certification

ERIC Educational Resources Information Center

Bates, Justin D.

2017-01-01

The goal of this research was to discover a list of changes that can be applied to IT security certifications to enhance the day-to-day capabilities of IT security professionals. Background: IT security professionals are often required to obtain certifications that do not adequately prepare them for the full scope of work that will be necessary…

A 3S Risk ?3SR? Assessment Approach for Nuclear Power: Safety Security and Safeguards.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Forrest, Robert; Reinhardt, Jason Christian; Wheeler, Timothy A.

Safety-focused risk analysis and assessment approaches struggle to adequately include malicious, deliberate acts against the nuclear power industry's fissile and waste material, infrastructure, and facilities. Further, existing methods do not adequately address non- proliferation issues. Treating safety, security, and safeguards concerns independently is inefficient because, at best, it may not take explicit advantage of measures that provide benefits against multiple risk domains, and, at worst, it may lead to implementations that increase overall risk due to incompatibilities. What is needed is an integrated safety, security and safeguards risk (or "3SR") framework for describing and assessing nuclear power risks that canmore » enable direct trade-offs and interactions in order to inform risk management processes -- a potential paradigm shift in risk analysis and management. These proceedings of the Sandia ePRA Workshop (held August 22-23, 2017) are an attempt to begin the discussions and deliberations to extend and augment safety focused risk assessment approaches to include security concerns and begin moving towards a 3S Risk approach. Safeguards concerns were not included in this initial workshop and are left to future efforts. This workshop focused on four themes in order to begin building out a the safety and security portions of the 3S Risk toolkit: 1. Historical Approaches and Tools 2. Current Challenges 3. Modern Approaches 4. Paths Forward and Next Steps This report is organized along the four areas described above, and concludes with a summary of key points. 2 Contact: rforres@sandia.gov; +1 (925) 294-2728« less

Aviation Security: Slow Progress in Addressing Long-Standing Screener Performance Problems

DTIC Science & Technology

2000-03-16

aviation security , in particular airport screeners. Securing an air transportation system the size of this nation’s-with hundreds of airports, thousands of aircraft, and tens of thousands of flights daily carrying millions of passengers and pieces of baggage-is a difficult task. Events over the past decade have shown that the threat of terrorism against the United States is an ever-present danger. Aviation is an attractive target for terrorists, and because the air transportation system is critical to the nation’s well-being, protecting it is an important

How strong is the Social Security safety net? Using the Elder Index to assess gaps in economic security.

PubMed

Mutchler, Jan E; Li, Yang; Xu, Ping

2018-04-16

Older Americans rely heavily on Social Security benefits (SSBs) to support independent lifestyles, and many have few or no additional sources of income. We establish the extent to which SSBs adequately support economic security, benchmarked by the Elder Economic Security Standard Index. We document variability across U.S. counties in the adequacy levels of SSBs among older adults. We find that the average SSBs fall short of what is required for economic security in every county in the United States, but the level of shortfall varies considerably by location. Policy implications relating to strengthening Social Security and other forms of retirement income are discussed.

48 CFR 832.202-4 - Security for Government financing.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 5 2012-10-01 2012-10-01 false Security for Government... for Government financing. An offeror's financial condition may be considered adequate security to protect the Government's interest when the Government provides contract financing. In assessing the...

48 CFR 832.202-4 - Security for Government financing.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Security for Government... for Government financing. An offeror's financial condition may be considered adequate security to protect the Government's interest when the Government provides contract financing. In assessing the...

A security architecture for health information networks.

PubMed

Kailar, Rajashekar; Muralidhar, Vinod

2007-10-11

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

A Security Architecture for Health Information Networks

PubMed Central

Kailar, Rajashekar

2007-01-01

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

On the security of consumer wearable devices in the Internet of Things.

PubMed

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

On the security of consumer wearable devices in the Internet of Things

PubMed Central

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands. PMID:29668756

School Security Technologies

ERIC Educational Resources Information Center

Schneider, Tod

2010-01-01

Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

Insider Threat Security Reference Architecture

DTIC Science & Technology

2012-04-01

this challenge. CMU/SEI-2012-TR-007 | 2 2 The Components of the ITSRA Figure 2 shows the four layers of the ITSRA. The Business Security layer......organizations improve their level of preparedness to address the insider threat. Business Security Architecture Data Security Architecture

Falling short: how state laws can address health information exchange barriers and enablers.

PubMed

Schmit, Cason D; Wetter, Sarah A; Kash, Bita A

2018-06-01

Research on the implementation of health information exchange (HIE) organizations has identified both positive and negative effects of laws relating to governance, incentives, mandates, sustainability, stakeholder participation, patient engagement, privacy, confidentiality, and security. We fill a substantial research gap by describing whether comprehensive state and territorial HIE legal frameworks address identified legal facilitators and barriers. We used the Westlaw database to identify state and territorial laws relating to HIEs in effect on June 7, 2016 (53 jurisdictions). We blind-coded all laws and addressed coding discrepancies in peer-review meetings. We recorded a consensus code for each law in a master database. We compared 20 HIE legal attributes with identified barriers to and enablers of HIE activity in the literature. Forty-two states, the District of Columbia, and 2 territories have laws relating to HIEs. On average, jurisdictions address 8.32 of the 20 criteria selected in statutes and regulations. Twenty jurisdictions unambiguously address ≤5 criteria in statutes and regulations. None of the significant legal criteria are unambiguously addressed in >60% of the 53 jurisdictions. Laws can be barriers to or enablers of HIEs. However, jurisdictions are not addressing many significant issues identified by researchers. Consequently, there is a substantial risk that existing legal frameworks are not adequately supporting HIEs. The current evidence base is insufficient for comparative assessments or impact rankings of the various factors. However, the detailed Centers for Disease Control and Prevention dataset of HIE laws could enable investigations into the types of laws that promote or impede HIEs.

46 CFR 107.117 - Coast Guard addresses.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Coast Guard addresses. 107.117 Section 107.117 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION General § 107.117 Coast Guard addresses. When approval of the Commandant is required under this...

46 CFR 107.117 - Coast Guard addresses.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Coast Guard addresses. 107.117 Section 107.117 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION General § 107.117 Coast Guard addresses. When approval of the Commandant is required under this...

46 CFR 107.117 - Coast Guard addresses.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Coast Guard addresses. 107.117 Section 107.117 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION General § 107.117 Coast Guard addresses. When approval of the Commandant is required under this...

46 CFR 107.117 - Coast Guard addresses.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Coast Guard addresses. 107.117 Section 107.117 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION General § 107.117 Coast Guard addresses. When approval of the Commandant is required under this...

46 CFR 107.117 - Coast Guard addresses.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Coast Guard addresses. 107.117 Section 107.117 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION General § 107.117 Coast Guard addresses. When approval of the Commandant is required under this...

6 CFR 37.41 - Security plan.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security plan. 37.41 Section 37.41 Domestic... Security plan. (a) In General. States must have a security plan that addresses the provisions in paragraph (b) of this section and must submit the security plan as part of its REAL ID certification under § 37...

Addressing the Challenges of Collective Security in West Africa: In View of Recent Conflicts

DTIC Science & Technology

2017-06-09

Distribution is Unlimited 13. SUPPLEMENTARY NOTES 14. ABSTRACT Understanding that achieving peace and security is a primary condition for an economic ...condition for an economic integration, ECOWAS has developped various approachs in resolving crises and overcoming threats within West Africa. Using...System CS Collective Security CSO Civil Society Organizations CSS Center for Security Studies EAC East Africa Community ECCAS Economic Community of

ASIS healthcare security benchmarking study.

PubMed

2001-01-01

Effective security has aligned itself into the everyday operations of a healthcare organization. This is evident in every regional market segment, regardless of size, location, and provider clinical expertise or organizational growth. This research addresses key security issues from an acute care provider to freestanding facilities, from rural hospitals and community hospitals to large urban teaching hospitals. Security issues and concerns are identified and addressed daily by senior and middle management. As provider campuses become larger and more diverse, the hospitals surveyed have identified critical changes and improvements that are proposed or pending. Mitigating liabilities and improving patient, visitor, and/or employee safety are consequential to the performance and viability of all healthcare providers. Healthcare organizations have identified the requirement to compete for patient volume and revenue. The facility that can deliver high-quality healthcare in a comfortable, safe, secure, and efficient atmosphere will have a significant competitive advantage over a facility where patient or visitor security and safety is deficient. Continuing changes in healthcare organizations' operating structure and healthcare geographic layout mean changes in leadership and direction. These changes have led to higher levels of corporate responsibility. As a result, each organization participating in this benchmark study has added value and will derive value for the overall benefit of the healthcare providers throughout the nation. This study provides a better understanding of how the fundamental security needs of security in healthcare organizations are being addressed and its solutions identified and implemented.

Secure and interoperable communication infrastructures for PPDR organisations

NASA Astrophysics Data System (ADS)

Müller, Wilmuth; Marques, Hugo; Pereira, Luis; Rodriguez, Jonathan; Brouwer, Frank; Bouwers, Bert; Politis, Ilias; Lykourgiotis, Asimakis; Ladas, Alexandros; Adigun, Olayinka; Jelenc, David

2016-05-01

The growing number of events affecting public safety and security (PS&S) on a regional scale with potential to grow up to large scale cross border disasters puts an increased pressure on agencies and organisation responsible for PS&S. In order to respond timely and in an adequate manner to such events, Public Protection and Disaster Relief (PPDR) organisations need to cooperate, align their procedures and activities, share the needed information and be interoperable. Existing PPDR/PMR technologies such as TETRA, TETRAPOL or P25, do not currently provide broadband capability nor is expected such technologies to be upgraded in the future. This presents a major limitation in supporting new services and information flows. Furthermore, there is no known standard that addresses interoperability of these technologies. In this contribution the design of a next generation communication infrastructure for PPDR organisations which fulfills the requirements of secure and seamless end-to-end communication and interoperable information exchange within the deployed communication networks is presented. Based on Enterprise Architecture of PPDR organisations, a next generation PPDR network that is backward compatible with legacy communication technologies is designed and implemented, capable of providing security, privacy, seamless mobility, QoS and reliability support for mission-critical Private Mobile Radio (PMR) voice and broadband data services. The designed solution provides a robust, reliable, and secure mobile broadband communications system for a wide variety of PMR applications and services on PPDR broadband networks, including the ability of inter-system, interagency and cross-border operations with emphasis on interoperability between users in PMR and LTE.

The adoption of IT security standards in a healthcare environment.

PubMed

Gomes, Rui; Lapão, Luís Velez

2008-01-01

Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

21 CFR 1301.73 - Physical security controls for non-practitioners; compounders for narcotic treatment programs...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners..., DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.73 Physical security... adequate security for the area or building. If such security requires an alarm, such alarm, upon...

7 CFR 772.8 - Sale or exchange of security property.

Code of Federal Regulations, 2010 CFR

2010-01-01

... property. (a) For AMP loans. (1) Sale of all or a portion of the security property may be approved when all... according to lien priority. (2) Exchange of all or a portion of security property for an AMP loan may be... exchange; (iii) The AMP loan will be as adequately secured after the transaction as before; and (iv) It is...

The Application of materials attractiveness in a graded approach to nuclear materials security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ebbinghaus, B.; Bathke, C.; Dalton, D.

2013-07-01

The threat from terrorist groups has recently received greater attention. In this paper, material quantity and material attractiveness are addressed through the lens of a minimum security strategy needed to prevent the construction of a nuclear explosive device (NED) by an adversary. Nuclear materials are placed into specific security categories (3 or 4 categories) , which define a number of security requirements to protect the material. Materials attractiveness can be divided into four attractiveness levels, High, Medium, Low, and Very Low that correspond to the utility of the material to the adversary and to a minimum security strategy that ismore » necessary to adequately protect the nuclear material. We propose a graded approach to materials attractiveness that recognizes for instance substantial differences in attractiveness between pure reactor-grade Pu oxide (High attractiveness) and fresh MOX fuel (Low attractiveness). In either case, an adversary's acquisition of a Category I quantity of plutonium would be a major incident, but the acquisition of Pu oxide by the adversary would be substantially worse than the acquisition of fresh MOX fuel because of the substantial differences in the time and complexity required of the adversary to process the material and fashion it into a NED.« less

48 CFR 32.202-4 - Security for Government financing.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 1 2014-10-01 2014-10-01 false Security for Government... for Government financing. (a) Policy. (1) 10 U.S.C. 2307(f) and 41 U.S.C. 4505 require the Government to obtain adequate security for Government financing. The contracting officer shall specify in the...

A DHS Skunkworks Project: Defining and Addressing Homeland Security Grand Challenges

DTIC Science & Technology

2016-12-01

Peter Diamandis, Ansari XPRIZE, market failure, technology, stealth technologies, Pasteur’s quadrant, Heilmeier Catechism, Homeland Security Advanced...Judging and Scoring ....................................................................27 D. OPTIMIZING FOR AN EMERGING MARKET ...37 Figure 3. Market /Technology Chart

48 CFR 32.202-4 - Security for Government financing.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 1 2010-10-01 2010-10-01 false Security for Government... for Government financing. (a) Policy. (1) 10 U.S.C. 2307(f) and 41 U.S.C. 255(f) require the Government to obtain adequate security for Government financing. The contracting officer shall specify in the...

46 CFR 147.5 - Commandant (CG-522); address.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 5 2011-10-01 2011-10-01 false Commandant (CG-522); address. 147.5 Section 147.5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS CARGOES HAZARDOUS SHIPS' STORES General Provisions § 147.5 Commandant (CG-522); address. Commandant (CG-522) is the Office of Operating...

46 CFR 147.5 - Commandant (CG-522); address.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 5 2010-10-01 2010-10-01 false Commandant (CG-522); address. 147.5 Section 147.5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS CARGOES HAZARDOUS SHIPS' STORES General Provisions § 147.5 Commandant (CG-522); address. Commandant (CG-522) is the Office of Operating...

46 CFR 147.5 - Commandant (CG-OES); address.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 5 2012-10-01 2012-10-01 false Commandant (CG-OES); address. 147.5 Section 147.5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS CARGOES HAZARDOUS SHIPS' STORES General Provisions § 147.5 Commandant (CG-OES); address. Commandant (CG-OES) is the Office of Operating...

Consumer Attitudes and Perceptions on mHealth Privacy and Security: Findings From a Mixed-Methods Study.

PubMed

Atienza, Audie A; Zarcadoolas, Christina; Vaughon, Wendy; Hughes, Penelope; Patel, Vaishali; Chou, Wen-Ying Sylvia; Pritts, Joy

2015-01-01

This study examined consumers' attitudes and perceptions regarding mobile health (mHealth) technology use in health care. Twenty-four focus groups with 256 participants were conducted in 5 geographically diverse locations. Participants were also diverse in age, education, race/ethnicity, gender, and rural versus urban settings. Several key themes emerged from the focus groups. Findings suggest that consumer attitudes regarding mHealth privacy/security are highly contextualized, with concerns depending on the type of information being communicated, where and when the information is being accessed, who is accessing or seeing the information, and for what reasons. Consumers frequently considered the tradeoffs between the privacy/security of using mHealth technologies and the potential benefits. Having control over mHealth privacy/security features and trust in providers were important issues for consumers. Overall, this study found significant diversity in attitudes regarding mHealth privacy/security both within and between traditional demographic groups. Thus, to address consumers' concerns regarding mHealth privacy and security, a one-size-fits-all approach may not be adequate. Health care providers and technology developers should consider tailoring mHealth technology according to how various types of information are communicated in the health care setting, as well as according to the comfort, skills, and concerns individuals may have with mHealth technology.

7 CFR 772.8 - Sale or exchange of security property.

Code of Federal Regulations, 2014 CFR

2014-01-01

..., DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.8 Sale or exchange of security..., or sex in programs or activities receiving Federal financial assistance. Such provisions apply for as... security for the loan is adequate or will not change after the transaction. (iv) Sale proceeds remaining...

7 CFR 772.8 - Sale or exchange of security property.

Code of Federal Regulations, 2011 CFR

2011-01-01

..., DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.8 Sale or exchange of security..., or sex in programs or activities receiving Federal financial assistance. Such provisions apply for as... security for the loan is adequate or will not change after the transaction. (iv) Sale proceeds remaining...

7 CFR 772.8 - Sale or exchange of security property.

Code of Federal Regulations, 2012 CFR

2012-01-01

..., DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.8 Sale or exchange of security..., or sex in programs or activities receiving Federal financial assistance. Such provisions apply for as... security for the loan is adequate or will not change after the transaction. (iv) Sale proceeds remaining...

7 CFR 772.8 - Sale or exchange of security property.

Code of Federal Regulations, 2013 CFR

2013-01-01

..., DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.8 Sale or exchange of security..., or sex in programs or activities receiving Federal financial assistance. Such provisions apply for as... security for the loan is adequate or will not change after the transaction. (iv) Sale proceeds remaining...

A Quantitative Study on the Relationship of Information Security Policy Awareness, Enforcement, and Maintenance to Information Security Program Effectiveness

ERIC Educational Resources Information Center

Francois, Michael T.

2016-01-01

Today's organizations rely heavily on information technology to conduct their daily activities. Therefore, their information security systems are an area of heightened security concern. As a result, organizations implement information security programs to address and mitigate that concern. However, even with the emphasis on information security,…

[Statistical validity of the Mexican Food Security Scale and the Latin American and Caribbean Food Security Scale].

PubMed

Villagómez-Ornelas, Paloma; Hernández-López, Pedro; Carrasco-Enríquez, Brenda; Barrios-Sánchez, Karina; Pérez-Escamilla, Rafael; Melgar-Quiñónez, Hugo

2014-01-01

This article validates the statistical consistency of two food security scales: the Mexican Food Security Scale (EMSA) and the Latin American and Caribbean Food Security Scale (ELCSA). Validity tests were conducted in order to verify that both scales were consistent instruments, conformed by independent, properly calibrated and adequately sorted items, arranged in a continuum of severity. The following tests were developed: sorting of items; Cronbach's alpha analysis; parallelism of prevalence curves; Rasch models; sensitivity analysis through mean differences' hypothesis test. The tests showed that both scales meet the required attributes and are robust statistical instruments for food security measurement. This is relevant given that the lack of access to food indicator, included in multidimensional poverty measurement in Mexico, is calculated with EMSA.

46 CFR 147.5 - Commandant (CG-OES); address.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 5 2014-10-01 2014-10-01 false Commandant (CG-OES); address. 147.5 Section 147.5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS CARGOES HAZARDOUS SHIPS' STORES General Provisions § 147.5 Commandant (CG-OES); address. Commandant (CG-ENG) is the Office of Design and...

46 CFR 147.5 - Commandant (CG-OES); address.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 5 2013-10-01 2013-10-01 false Commandant (CG-OES); address. 147.5 Section 147.5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS CARGOES HAZARDOUS SHIPS' STORES General Provisions § 147.5 Commandant (CG-OES); address. Commandant (CG-ENG) is the Office of Design and...

NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1984-01-01

The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson; Mark Schanfein; Trond Bjornard

2011-07-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's abilitymore » to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.« less

Technologies to counter aviation security threats

NASA Astrophysics Data System (ADS)

Karoly, Steve

2017-11-01

The Aviation and Transportation Security Act (ATSA) makes TSA responsible for security in all modes of transportation, and requires that TSA assess threats to transportation, enforce security-related regulations and requirements, and ensure the adequacy of security measures at airports and other transportation facilities. Today, TSA faces a significant challenge and must address a wide range of commercial, military grade, and homemade explosives and these can be presented in an infinite number of configurations and from multiple vectors. TSA screens 2 million passengers and crew, and screens almost 5 million carry-on items and 1.2 million checked bags daily. As TSA explores new technologies for improving efficiency and security, those on the forefront of research and development can help identify unique and advanced methods to combat terrorism. Research and Development (R&D) drives the development of future technology investments that can address an evolving adversary and aviation threat. The goal is to rethink the aviation security regime in its entirety, and rather than focusing security at particular points in the enterprise, distribute security from the time a reservation is made to the time a passenger boards the aircraft. The ultimate objective is to reengineer aviation security from top to bottom with a continued focus on increasing security throughout the system.

33 CFR 72.01-35 - Change of address.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Change of address. 72.01-35 Section 72.01-35 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY AIDS TO NAVIGATION MARINE INFORMATION Notices to Mariners § 72.01-35 Change of address. Persons receiving Notices to...

33 CFR 72.01-35 - Change of address.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Change of address. 72.01-35 Section 72.01-35 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY AIDS TO NAVIGATION MARINE INFORMATION Notices to Mariners § 72.01-35 Change of address. Persons receiving Notices to...

7 CFR 3017.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 15 2010-01-01 2010-01-01 false Adequate evidence. 3017.900 Section 3017.900 Agriculture Regulations of the Department of Agriculture (Continued) OFFICE OF THE CHIEF FINANCIAL OFFICER... Adequate evidence. Adequate evidence means information sufficient to support the reasonable belief that a...

Information Security Assessment of SMEs as Coursework -- Learning Information Security Management by Doing

ERIC Educational Resources Information Center

Ilvonen, Ilona

2013-01-01

Information security management is an area with a lot of theoretical models. The models are designed to guide practitioners in prioritizing management resources in companies. Information security management education should address the gap between the academic ideals and practice. This paper introduces a teaching method that has been in use as…

78 FR 73868 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-DHS...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-09

... transportation systems to ensure freedom of movement for people and commerce. To achieve this mission, TSA is... security screening and identity verification of individuals, including identification media and identifying... addresses, phone numbers); Social Security Number, Fingerprints or other biometric identifiers; Photographs...

29 CFR 98.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 29 Labor 1 2012-07-01 2012-07-01 false Adequate evidence. 98.900 Section 98.900 Labor Office of the Secretary of Labor GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT) Definitions § 98.900 Adequate evidence. Adequate evidence means information sufficient to support the reasonable belief that a...

29 CFR 98.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 29 Labor 1 2011-07-01 2011-07-01 false Adequate evidence. 98.900 Section 98.900 Labor Office of the Secretary of Labor GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT) Definitions § 98.900 Adequate evidence. Adequate evidence means information sufficient to support the reasonable belief that a...

29 CFR 98.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 29 Labor 1 2013-07-01 2013-07-01 false Adequate evidence. 98.900 Section 98.900 Labor Office of the Secretary of Labor GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT) Definitions § 98.900 Adequate evidence. Adequate evidence means information sufficient to support the reasonable belief that a...

“Whatever My Mother Wants”: Barriers to Adequate Pain Management

PubMed Central

Yennurajalingam, Sriram; Bruera, Eduardo

2013-01-01

Abstract Opioids are the preferred medications to treat cancer pain; however, several barriers to cancer pain management exist, including those related to the patient, health care provider, and family caregiver. We describe one such situation in which a family member prevents the patient from receiving adequate pain management at the end of life despite interdepartmental and interdisciplinary efforts. This case highlights the importance of understanding and addressing fears regarding opioid use and implementing an integrated approach including oncologists and palliative care physicians, along with early referrals to palliative care. PMID:22946542

Security

ERIC Educational Resources Information Center

Technology & Learning, 2008

2008-01-01

Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

2 CFR 180.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 2 Grants and Agreements 1 2013-01-01 2013-01-01 false Adequate evidence. 180.900 Section 180.900 Grants and Agreements Office of Management and Budget Guidance for Grants and Agreements OFFICE OF... Adequate evidence. Adequate evidence means information sufficient to support the reasonable belief that a...

2 CFR 180.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 2 Grants and Agreements 1 2012-01-01 2012-01-01 false Adequate evidence. 180.900 Section 180.900 Grants and Agreements Office of Management and Budget Guidance for Grants and Agreements OFFICE OF... Adequate evidence. Adequate evidence means information sufficient to support the reasonable belief that a...

Hybrid architecture for building secure sensor networks

NASA Astrophysics Data System (ADS)

Owens, Ken R., Jr.; Watkins, Steve E.

2012-04-01

Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

5 CFR 9701.408 - Developing performance and addressing poor performance.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Developing performance and addressing poor performance. (a) Subject to budgetary and other organizational... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Developing performance and addressing poor performance. 9701.408 Section 9701.408 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY...

24 CFR 880.608 - Security deposits.

Code of Federal Regulations, 2011 CFR

2011-04-01

... security deposits. (c) In order to be considered for the return of the security deposit, a family which vacates its unit will provide the owner with its forwarding address or arrange to pick up the refund. (d...

24 CFR 880.608 - Security deposits.

Code of Federal Regulations, 2010 CFR

2010-04-01

... security deposits. (c) In order to be considered for the return of the security deposit, a family which vacates its unit will provide the owner with its forwarding address or arrange to pick up the refund. (d...

Analytical Characterization of Internet Security Attacks

ERIC Educational Resources Information Center

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

School Security: For Whom and with What Results?

ERIC Educational Resources Information Center

Servoss, Timothy J.; Finn, Jeremy D.

2014-01-01

This study utilized school-level data from several combined national databases to address two questions regarding school security policy: (1) What are the school characteristics related to levels of security? (2) How does security relate to school suspension, dropout, and college attendance rates? Among the predictors of school security, having a…

Implementing an Information Security Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to covermore » information security best practices, planning for an information security management system, and implementing security controls for information security.« less

Developing an adequate "pneumatraumatology": understanding the spiritual impacts of traumatic injury.

PubMed

Bidwell, Duane R

2002-01-01

Psychosocial interventions and systematic theology are primary resources for chaplains and congregational pastors who care for victims of physical trauma. Yet these resources may not be adequate to address the spiritual impacts of trauma. This article proposes a preliminary "pneumatraumatology," drawing on early Christian asceticism and Buddhist mysticism to describe one way of understanding the spiritual impacts of traumatic injury. It also suggests possible responses to these impacts informed by narrative/constructionist perspectives and Breggemann's understanding of the dimensions of spiritual transformation in the Hebrew Bible.

Protecting and securing networked medical devices.

PubMed

Riha, Chris

2004-01-01

Designing, building, and maintaining a secure environment for medical devices is a critical component in health care technology management. This article will address several avenues to harden a health care information network to provide a secure enclave for medical devices.

Food production & availability--essential prerequisites for sustainable food security.

PubMed

Swaminathan, M S; Bhavani, R V

2013-09-01

Food and nutrition security are intimately interconnected, since only a food based approach can help in overcoming malnutrition in an economically and socially sustainable manner. Food production provides the base for food security as it is a key determinant of food availability. This paper deals with different aspects of ensuring high productivity and production without associated ecological harm for ensuring adequate food availability. By mainstreaming ecological considerations in technology development and dissemination, we can enter an era of evergreen revolution and sustainable food and nutrition security. Public policy support is crucial for enabling this.

SPAN security policies and guidelines

NASA Technical Reports Server (NTRS)

Sisson, Patricia L.; Green, James L.

1989-01-01

A guide is provided to system security with emphasis on requirements and guidelines that are necessary to maintain an acceptable level of security on the network. To have security for the network, each node on the network must be secure. Therefore, each system manager, must strictly adhere to the requirements and must consider implementing the guidelines discussed. There are areas of vulnerability within the operating system that may not be addressed. However, when a requirement or guideline is discussed, implementation techniques are included. Information related to computer and data security is discussed to provide information on implementation options. The information is presented as it relates to a VAX computer environment.

NINJA: a noninvasive framework for internal computer security hardening

NASA Astrophysics Data System (ADS)

Allen, Thomas G.; Thomson, Steve

2004-07-01

Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

The Challenges of Seeking Security While Respecting Privacy

NASA Astrophysics Data System (ADS)

Kantor, Paul B.; Lesk, Michael E.

Security is a concern for persons, organizations, and nations. For the individual members of organizations and nations, personal privacy is also a concern. The technologies for monitoring electronic communication are at the same time tools to protect security and threats to personal privacy. Participants in this workshop address the interrelation of personal privacy and national or societal security, from social, technical and legal perspectives. The participants represented industry, the academy and the United States Government. The issues addressed have become, if anything, even more pressing today than they were when the conference was held.

75 FR 73947 - Securities of Nonmember Insured Banks

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-30

..., DC, and should be addressed as follows: Accounting and Securities Disclosure Section, Division of..., Accounting and Securities Disclosure Section, Division of Supervision and Consumer Protection, 550 17th... comment. SUMMARY: The FDIC is revising its securities disclosure regulations applicable to state nonmember...

76 FR 70830 - Proposed Information Collection (Procedures, and Security for Government Financing) Activity...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-15

... (Procedures, and Security for Government Financing) Activity; Comment Request AGENCY: Office of Management... contract payments and to determine if the contractor has adequate security to warrant payment in advance... correspondence. During the comment period, comments may be viewed online through FDMS. FOR FURTHER INFORMATION...

Security engineering: systems engineering of security through the adaptation and application of risk management

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

Green Secure Processors: Towards Power-Efficient Secure Processor Design

NASA Astrophysics Data System (ADS)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

IT security evaluation - “hybrid” approach and risk of its implementation

NASA Astrophysics Data System (ADS)

Livshitz, I. I.; Neklyudov, A. V.; Lontsikh, P. A.

2018-05-01

It is relevant to evolve processes of evaluation of the IT security nowadays. Creating and application of the common evaluation approaches for an IT component, which are processed by the governmental and civil organizations, are still not solving problem. It is suggested to create a more precise and complex assessment tool for an IT security – the “hybrid” method of the IT security evaluation for a particular object, which is based on a range of adequate assessment tools.

Computer Network Security: Best Practices for Alberta School Jurisdictions.

ERIC Educational Resources Information Center

Alberta Dept. of Education, Edmonton.

This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…

Subscribe to the Transportation Secure Data Center Newsletter |

Science.gov Websites

Newsletter Subscribe to the Transportation Secure Data Center Newsletter Subscribe to receive via email the Transportation Secure Data Center (TSDC) newsletter. Email Address Subscribe Newsletter

Introducing the CERT (Trademark) Resiliency Engineering Framework: Improving the Security and Sustainability Processes

DTIC Science & Technology

2007-05-01

business processes and services. 4. Security operations management addresses the day-to-day activities that the organization performs to protect the...Management TM – Technology Management Security Operations Management SOM – Security Operations Management 5.7.2 Important Operations Competency...deals with the provision of access rights to informa- tion and technical assets SOM – Security Operations Management , which addresses the fundamental

42 CFR 3.106 - Security requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

...) Security management. A PSO must address: (i) Maintenance and effective implementation of written policies... 42 Public Health 1 2010-10-01 2010-10-01 false Security requirements. 3.106 Section 3.106 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH AND HUMAN SERVICES GENERAL PROVISIONS PATIENT SAFETY...

42 CFR 3.106 - Security requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

...) Security management. A PSO must address: (i) Maintenance and effective implementation of written policies... 42 Public Health 1 2011-10-01 2011-10-01 false Security requirements. 3.106 Section 3.106 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH AND HUMAN SERVICES GENERAL PROVISIONS PATIENT SAFETY...

Managing information technology security risk

NASA Technical Reports Server (NTRS)

Gilliam, David

2003-01-01

Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

17 CFR 270.45a-1 - Confidential treatment of names and addresses of dealers of registered investment company...

Code of Federal Regulations, 2010 CFR

2010-04-01

..., INVESTMENT COMPANY ACT OF 1940 § 270.45a-1 Confidential treatment of names and addresses of dealers of registered investment company securities. (a) Exhibits calling for the names and addresses of dealers to or... names and addresses of dealers of registered investment company securities. 270.45a-1 Section 270.45a-1...

Quality and security - They work together

NASA Technical Reports Server (NTRS)

Carr, Richard; Tynan, Marie; Davis, Russell

1991-01-01

This paper describes the importance of considering computer security as part of software quality assurance practice. The intended audience is primarily those professionals involved in the design, development, and quality assurance of software. Many issues are raised which point to the need ultimately for integration of quality assurance and computer security disciplines. To address some of the issues raised, the NASA Automated Information Security program is presented as a model which may be used for improving interactions between the quality assurance and computer security community of professionals.

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE PAGES

Williams, Adam D.

2015-11-17

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Williams, Adam D.

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

12 CFR 208.34 - Recordkeeping and confirmation of certain securities transactions effected by State member banks.

Code of Federal Regulations, 2010 CFR

2010-01-01

... reflect appropriate information and provide an adequate basis for an audit of the information. (b... when the bank transfers the security into the account of the customer; and (ii) For sale transactions, the time when the bank transfers the security out of the account of the customer or, if the security...

Food production & availability - Essential prerequisites for sustainable food security

PubMed Central

Swaminathan, M.S.; Bhavani, R.V.

2013-01-01

Food and nutrition security are intimately interconnected, since only a food based approach can help in overcoming malnutrition in an economically and socially sustainable manner. Food production provides the base for food security as it is a key determinant of food availability. This paper deals with different aspects of ensuring high productivity and production without associated ecological harm for ensuring adequate food availability. By mainstreaming ecological considerations in technology development and dissemination, we can enter an era of evergreen revolution and sustainable food and nutrition security. Public policy support is crucial for enabling this. PMID:24135188

Discrepancies in households and other stakeholders viewpoints on the food security experience: a gap to address.

PubMed

Hamelin, Anne-Marie; Mercier, Céline; Bédard, Annie

2010-06-01

This paper reports results from a case study on household food insecurity needs and the interventions that address them. It aimed at comparing households' perceptions on food insecurity experience and vulnerability to those of other stakeholders: community workers, programme managers and representatives from donor agencies. Semi-structured interviews with 55 households and 59 other stakeholders were conducted. Content analysis was performed, using a framework encompassing food sufficiency, characterization of household food insecurity and vulnerability of households to food insecurity. Overall, the results draw attention to a gap between households and the other stakeholders, where the later do not seem always able to assess the realities of food-insecure households. Other areas of divergences include: characteristics of food insecurity, relative importance of various risk factors related to food insecurity and the effectiveness of the community assistance to enhance the households' ability to face food insecurity. These divergent perceptions may jeopardize the implementation of sustainable solutions to food insecurity. Training of stakeholders for a better assessment of households' experience and needs, and systematic evaluation of interventions, appear urgent and highly relevant for an adequate response to households' needs. Collaboration between all stakeholders should lead to knowledge sharing and advocacy for policies dedicated to poverty reduction.

5 CFR 919.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Adequate evidence. 919.900 Section 919.900 Administrative Personnel OFFICE OF PERSONNEL MANAGEMENT (CONTINUED) CIVIL SERVICE REGULATIONS.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

5 CFR 919.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 5 Administrative Personnel 2 2011-01-01 2011-01-01 false Adequate evidence. 919.900 Section 919.900 Administrative Personnel OFFICE OF PERSONNEL MANAGEMENT (CONTINUED) CIVIL SERVICE REGULATIONS.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

5 CFR 919.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 5 Administrative Personnel 2 2014-01-01 2014-01-01 false Adequate evidence. 919.900 Section 919.900 Administrative Personnel OFFICE OF PERSONNEL MANAGEMENT (CONTINUED) CIVIL SERVICE REGULATIONS.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

5 CFR 919.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 5 Administrative Personnel 2 2013-01-01 2013-01-01 false Adequate evidence. 919.900 Section 919.900 Administrative Personnel OFFICE OF PERSONNEL MANAGEMENT (CONTINUED) CIVIL SERVICE REGULATIONS.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

5 CFR 919.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 5 Administrative Personnel 2 2012-01-01 2012-01-01 false Adequate evidence. 919.900 Section 919.900 Administrative Personnel OFFICE OF PERSONNEL MANAGEMENT (CONTINUED) CIVIL SERVICE REGULATIONS.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

How Much and What Kind? Identifying an Adequate Technology Infrastructure for Early Childhood Education. Policy Brief

ERIC Educational Resources Information Center

Daugherty, Lindsay; Dossani, Rafiq; Johnson, Erin-Elizabeth; Wright, Cameron

2014-01-01

To realize the potential benefits of technology use in early childhood education (ECE), and to ensure that technology can help to address the digital divide, providers, families of young children, and young children themselves must have access to an adequate technology infrastructure. The goals for technology use in ECE that a technology…

Telemedicine security: a systematic review.

PubMed

Garg, Vaibhav; Brewer, Jeffrey

2011-05-01

Telemedicine is a technology-based alternative to traditional health care delivery. However, poor security measures in telemedicine services can have an adverse impact on the quality of care provided, regardless of the chronic condition being studied. We undertook a systematic review of 58 journal articles pertaining to telemedicine security. These articles were selected based on a keyword search on 14 relevant journals. The articles were coded to evaluate the methodology and to identify the key areas of research in security that are being reviewed. Seventy-six percent of the articles defined the security problem they were addressing, and only 47% formulated a research question pertaining to security. Sixty-one percent proposed a solution, and 20% of these tested the security solutions that they proposed. Prior research indicates inadequate reporting of methodology in telemedicine research. We found that to be true for security research as well. We also identified other issues such as using outdated security standards. © 2011 Diabetes Technology Society.

Telemedicine Security: A Systematic Review

PubMed Central

Garg, Vaibhav; Brewer, Jeffrey

2011-01-01

Telemedicine is a technology-based alternative to traditional health care delivery. However, poor security measures in telemedicine services can have an adverse impact on the quality of care provided, regardless of the chronic condition being studied. We undertook a systematic review of 58 journal articles pertaining to telemedicine security. These articles were selected based on a keyword search on 14 relevant journals. The articles were coded to evaluate the methodology and to identify the key areas of research in security that are being reviewed. Seventy-six percent of the articles defined the security problem they were addressing, and only 47% formulated a research question pertaining to security. Sixty-one percent proposed a solution, and 20% of these tested the security solutions that they proposed. Prior research indicates inadequate reporting of methodology in telemedicine research. We found that to be true for security research as well. We also identified other issues such as using outdated security standards. PMID:21722592

78 FR 22361 - Social Security Ruling, SSR 13-1p; Titles II and XVI: Agency Processes for Addressing Allegations...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-15

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0071] Social Security Ruling, SSR 13-1p..., Misconduct, or Discrimination by Administrative Law Judges (ALJs); Correction AGENCY: Social Security Administration. ACTION: Notice of Social Security Ruling; Correction. SUMMARY: The Social Security Administration...

78 FR 8217 - Social Security Ruling, SSR 13-1p; Titles II and XVI: Agency Processes for Addressing Allegations...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-05

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0071] Social Security Ruling, SSR 13-1p..., Misconduct, or Discrimination by Administrative Law Judges (ALJs); Correction AGENCY: Social Security Administration. ACTION: Notice of Social Security Ruling; Correction. SUMMARY: The Social Security Administration...

TCIA Secure Cyber Critical Infrastructure Modernization.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Keliiaa, Curtis M.

The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors1. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.

77 FR 49439 - National Security Education Board Members Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-16

.... ADDRESSES: Defense Language and National Security Education Office, 1101 Wilson Boulevard, Suite 1210... National Security Education Office (DLNSEO), 1101 Wilson Boulevard, Suite 1210, Rosslyn, Virginia 22209...

49 CFR 393.136 - What are the rules for securing large boulders?

Code of Federal Regulations, 2011 CFR

2011-10-01

... adequately secured. (3) Rock which has been formed or cut to a shape and which provides a stable base for... blocking used to support the boulder. (e) Securement of a non-cubic shaped boulder—with a stable base. In... piece of natural, irregularly shaped rock weighing in excess of 5,000 kg (11,000 lb.) or with a volume...

Security: The Fourth Pillar of the Caribbean Community. Does the Region Need a Security Organ

DTIC Science & Technology

2016-06-10

activities disrupt stability, undermine democratic institutions and hinder the economic activity so vital to the region. Geostrategic Significance...of the Caribbean region and CARICOM, as well as an overview of its organization and role as a major regional institution . The chapter also...various national security institutions mandated to address the needs of the specific countries. Among their national security architecture, CARICOM

Defense Technology Security Administration Strategic Plan 2009-2010

DTIC Science & Technology

2008-12-22

NUMBER 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) Defense Technology Security Administration ( DTSA ),Washington,DC 8. PERFORMING ORGANIZATION...Security Administration This document is unclassifi ed in its entirety. Photography courtesy of Defense Link and DTSA . Document printed 2009. DTSA ...STRATEGIC PLAN 2009-2010 C O N T E N T S Message from the Director 2 Envisioning 2010 3 Our Way Ahead 5 We Are DTSA 18 Metrics Matrix 24 DTSA

2 CFR 180.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 2 Grants and Agreements 1 2014-01-01 2014-01-01 false Adequate evidence. 180.900 Section 180.900 Grants and Agreements Office of Management and Budget Guidance for Grants and Agreements OFFICE OF.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

2 CFR 180.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 2 Grants and Agreements 1 2011-01-01 2011-01-01 false Adequate evidence. 180.900 Section 180.900 Grants and Agreements Office of Management and Budget Guidance for Grants and Agreements OFFICE OF.... Adequate evidence means information sufficient to support the reasonable belief that a particular act or...

Secure and Efficient Network Fault Localization

DTIC Science & Technology

2012-02-27

ORGANIZATION NAME(S) AND ADDRESS (ES) Carnegie Mellon University,School of Computer Science,Computer Science Department,Pittsburgh,PA,15213 8. PERFORMING...ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS (ES) 10. SPONSOR/MONITOR’S ACRONYM(S) 11. SPONSOR/MONITOR’S REPORT...efficiency than previously known protocols for fault localization. Our proposed fault localization protocols also address the security threats that

Military Cooperation Frameworks: Effective Models to Address Transnational Security Challenges of the Asia-Pacific Region

DTIC Science & Technology

2011-05-04

evolving security challenges. Issues such as terrorism, proliferation of weapons of mass destruction, impacts of climate change , and the ever...impacts of climate change , and the ever-growing competition for valuable natural resources are a few of the these challenges. As an integral part...destruction, impacts of climate change , and the ever-growing competition for valuable natural resources have resulted in a new set of security

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

Aviation security : additional controls needed to address weaknesses in carriage of weapons regulations

DOT National Transportation Integrated Search

2000-09-01

Federal aviation security regulations prohibit passengers from carrying firearms and other dangerous items, such as explosives and flammable liquids, on board commercial aircraft. The prohibition against these items is intended to protect the traveli...

Optimization of pharmacotherapy in chronic heart failure: is heart rate adequately addressed?

PubMed

Franke, Jennifer; Wolter, Jan Sebastian; Meme, Lillian; Keppler, Jeannette; Tschierschke, Ramon; Katus, Hugo A; Zugck, Christian

2013-01-01

�bpm (p <0.01). Likewise, comparing the groups ≥75 and <75 bpm, the primary endpoint was significantly increased in the group of patients with heart rates ≥75 bpm 27 vs. 12.2 %; p < 0.01). 5-year event-free survival was significantly lower among patients with heart rates ≥70 bpm as compared to those with <70 bpm (log-rank test p < 0.05) and among patients in the ≥75 bpm group versus <75 bpm group (log-rank test p < 0.01). In conclusion, in clinical practice, 53 % of CHF patients have inadequate heart rate control (heart rates ≥75 bpm) despite concomitant beta-blocker therapy. In this non-randomized cohort, adequate heart rate control under individually optimized beta-blocker therapy was associated with improved mid- and long-term clinical outcome up to 5 years. As further up titration of beta-blockers is not achievable in many patients, the administration of a selective heart rate lowering agent, such as ivabradine adjuvant to beta-blockers may pose an opportunity to further modulate outcome.

Novel Duplicate Address Detection with Hash Function

PubMed Central

Song, GuangJia; Ji, ZhenZhou

2016-01-01

Duplicate address detection (DAD) is an important component of the address resolution protocol (ARP) and the neighbor discovery protocol (NDP). DAD determines whether an IP address is in conflict with other nodes. In traditional DAD, the target address to be detected is broadcast through the network, which provides convenience for malicious nodes to attack. A malicious node can send a spoofing reply to prevent the address configuration of a normal node, and thus, a denial-of-service attack is launched. This study proposes a hash method to hide the target address in DAD, which prevents an attack node from launching destination attacks. If the address of a normal node is identical to the detection address, then its hash value should be the same as the “Hash_64” field in the neighboring solicitation message. Consequently, DAD can be successfully completed. This process is called DAD-h. Simulation results indicate that address configuration using DAD-h has a considerably higher success rate when under attack compared with traditional DAD. Comparative analysis shows that DAD-h does not require third-party devices and considerable computing resources; it also provides a lightweight security resolution. PMID:26991901

Successful practices in the use of secure e-mail.

PubMed

Johnson, Laura W; Garrido, Terhilda; Christensen, Kate; Handley, Matt

2014-01-01

Physician use of secure e-mail with patients is anticipated to increase under Stage 2 Meaningful Use requirements, but little is known about how physicians can successfully incorporate it into daily work. We interviewed 27 "super user" physicians at Kaiser Permanente and Group Health who were identified by leaders as being technologically, operationally, and clinically adept and as having high levels of secure e-mail use with patients. They highly valued the use of secure e-mail with patients, despite concerns about a lack of adequate time to respond, and provided tips for using it successfully. They identified benefits that included better care and improved relationships with their patients.

Trust-Based Security Level Evaluation Using Bayesian Belief Networks

NASA Astrophysics Data System (ADS)

Houmb, Siv Hilde; Ray, Indrakshi; Ray, Indrajit; Chakraborty, Sudip

Security is not merely about technical solutions and patching vulnerabilities. Security is about trade-offs and adhering to realistic security needs, employed to support core business processes. Also, modern systems are subject to a highly competitive market, often demanding rapid development cycles, short life-time, short time-to-market, and small budgets. Security evaluation standards, such as ISO 14508 Common Criteria and ISO/IEC 27002, are not adequate for evaluating the security of many modern systems for resource limitations, time-to-market, and other constraints. Towards this end, we propose an alternative time and cost effective approach for evaluating the security level of a security solution, system or part thereof. Our approach relies on collecting information from different sources, who are trusted to varying degrees, and on using a trust measure to aggregate available information when deriving security level. Our approach is quantitative and implemented as a Bayesian Belief Network (BBN) topology, allowing us to reason over uncertain information and seemingly aggregating disparate information. We illustrate our approach by deriving the security level of two alternative Denial of Service (DoS) solutions. Our approach can also be used in the context of security solution trade-off analysis.

48 CFR 832.202-4 - Security for Government financing.

Code of Federal Regulations, 2010 CFR

2010-10-01

... accepted accounting principles and must be audited and certified by an independent public accountant or an... for Government financing. An offeror's financial condition may be considered adequate security to... offeror's financial condition, the contracting officer may obtain, to the extent required, the following...

Position of the academy of nutrition and dietetics: nutrition security in developing nations: sustainable food, water, and health.

PubMed

Nordin, Stacia M; Boyle, Marie; Kemmer, Teresa M

2013-04-01

It is the position of the Academy of Nutrition and Dietetics that all people should have consistent access to an appropriately nutritious diet of food and water, coupled with a sanitary environment, adequate health services, and care that ensure a healthy and active life for all household members. The Academy supports policies, systems, programs, and practices that work with developing nations to achieve nutrition security and self-sufficiency while being environmentally and economically sustainable. For nations to achieve nutrition security, all people must have access to a variety of nutritious foods and potable drinking water; knowledge, resources, and skills for healthy living; prevention, treatment, and care for diseases affecting nutrition status; and safety-net systems during crisis situations, such as natural disasters or deleterious social and political systems. More than 2 billion people are micronutrient deficient; 1.5 billion people are overweight or obese; 870 million people have inadequate food energy intake; and 783 million people lack potable drinking water. Adequate nutrient intake is a concern, independent of weight status. Although this article focuses on nutritional deficiencies in developing nations, global solutions for excesses and deficiencies need to be addressed. In an effort to achieve nutrition security, lifestyles, policies, and systems (eg, food, water, health, energy, education/knowledge, and economic) contributing to sustainable resource use, environmental management, health promotion, economic stability, and positive social environments are required. Food and nutrition practitioners can get involved in promoting and implementing effective and sustainable policies, systems, programs, and practices that support individual, community, and national efforts. Copyright © 2013 Academy of Nutrition and Dietetics. Published by Elsevier Inc. All rights reserved.

The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security

NASA Astrophysics Data System (ADS)

Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung

According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

PubMed

Park, Chang-Seop

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

PubMed Central

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

6 CFR 27.225 - Site security plans.

Code of Federal Regulations, 2011 CFR

2011-01-01

...) Identify and describe how security measures selected by the facility will address the applicable risk-based... explosive devices, water-borne explosive devices, ground assault, or other modes or potential modes identified by the Department; (3) Identify and describe how security measures selected and utilized by the...

Security Services Discovery by ATM Endsystems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sholander, Peter; Tarman, Thomas

This contribution proposes strawman techniques for Security Service Discovery by ATM endsystems in ATM networks. Candidate techniques include ILMI extensions, ANS extensions and new ATM anycast addresses. Another option is a new protocol based on an IETF service discovery protocol, such as Service Location Protocol (SLP). Finally, this contribution provides strawman requirements for Security-Based Routing in ATM networks.

Patching the Wetware: Addressing the Human Factor in Information Security

DTIC Science & Technology

2011-06-01

using deceptive psychological methods to influence the human user. In addressing this need, this research effort analyzes the psychological ...link between those psychological foundations and a body of research on persuasion. Once this connection is established, several psychological ...21 2.8 Psychological Foundations ...................................................................................22

Wireless physical layer security

NASA Astrophysics Data System (ADS)

Poor, H. Vincent; Schaefer, Rafael F.

2017-01-01

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

Wireless physical layer security.

PubMed

Poor, H Vincent; Schaefer, Rafael F

2017-01-03

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

Wireless physical layer security

PubMed Central

Schaefer, Rafael F.

2017-01-01

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments. PMID:28028211

Space Security Law

NASA Astrophysics Data System (ADS)

Blount, P. J.

2017-06-01

Since the very beginning of the space age, security has been the critical, overriding concern at the heart of both international and domestic space law regimes. While these regimes certainly encompass broader interests, such as commercial uses of outer space, they are built on a legal foundation that is largely intended to regularize interactions among space actors to ensure security, safety, and sustainability in the space environment. Space security law, as a result, has central goals of both maintaining peace and providing security as a public good for the benefit of humankind. The idea of security is a technical and political construct. The law is a tool that is used to articulate that construct as concept and operationalize it as a value. As such, space security law is a network of law and regulation that governs a wide variety of space activities. There are four broad categories that typify the various manifestations of space security law: international peace and security; national security; human security; and space safety and sustainability. International peace and security, the first category, is directly concerned with the international law and norms that have been adopted to decrease the risk of conflict between states. National security, category two, consists of domestic law that implements, at the national level, the obligations found in the first category as well as law that promotes other national security goals. Human security, the third category, is the loose set of law and policy directed at the use of space for the protection of human populations, such as disaster response and planetary protection. Finally, the fourth category, space safety and security, represents the emerging body of law and policy that seeks to protect the space environment through measures that address space debris and harmful contamination. Obviously, these categories overlap and laws can serve duplicative purposes, but this compartmentalization reveals much about the legal

48 CFR 432.202-4 - Security for Government financing.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 4 2010-10-01 2010-10-01 false Security for Government financing. 432.202-4 Section 432.202-4 Federal Acquisition Regulations System DEPARTMENT OF AGRICULTURE... for Government financing. Prior to determining that an offeror's financial condition is adequate...

A Lightweight Protocol for Secure Video Streaming.

PubMed

Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

2018-05-14

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

A Lightweight Protocol for Secure Video Streaming

PubMed Central

Morkevicius, Nerijus; Bagdonas, Kazimieras

2018-01-01

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard. PMID:29757988

46 CFR 107.317 - Addresses for submittal of plans, specifications, and calculations.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Addresses for submittal of plans, specifications, and calculations. 107.317 Section 107.317 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.317 Addresses for...

46 CFR 107.317 - Addresses for submittal of plans, specifications, and calculations.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Addresses for submittal of plans, specifications, and calculations. 107.317 Section 107.317 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.317 Addresses for...

46 CFR 107.317 - Addresses for submittal of plans, specifications, and calculations.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Addresses for submittal of plans, specifications, and calculations. 107.317 Section 107.317 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.317 Addresses for...

46 CFR 107.317 - Addresses for submittal of plans, specifications, and calculations.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Addresses for submittal of plans, specifications, and calculations. 107.317 Section 107.317 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.317 Addresses for...

46 CFR 107.317 - Addresses for submittal of plans, specifications, and calculations.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Addresses for submittal of plans, specifications, and calculations. 107.317 Section 107.317 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.317 Addresses for...

When nightclub security agents assault clients.

PubMed

Romain-Glassey, Nathalie; Gut, Melody; Feiner, Adam-Scott; Cathieni, Federico; Hofner, Marie-Claude; Mangin, Patrice

2012-08-01

In 2006, a medico-legal consultation service devoted to adult victims of interpersonal violence was set up at the Lausanne University Hospital Centre, Switzerland: the Violence Medical Unit. Most patients are referred to the consultation by the Emergency Department. They are received by forensic nurses for support, forensic examination (in order to establish medical report) and community orientation. Between 2007 and 2009, among community violence, aggressions by security agents of nightclubs on clients have increased from 6% to 10%. Most of the victims are young men who had drunk alcohol before the assault. 25.7% presented one or several fractures, all of them in the head area. These findings raise questions about the ability of security agents of nightclubs to deal adequately with obviously risky situations and ensure client security. Copyright © 2012 Elsevier Ltd and Faculty of Forensic and Legal Medicine. All rights reserved.

SEED: A Suite of Instructional Laboratories for Computer Security Education

ERIC Educational Resources Information Center

Du, Wenliang; Wang, Ronghua

2008-01-01

The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

Security model for picture archiving and communication systems.

PubMed

Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

2000-05-01

The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model.

A novel income security intervention to address poverty in a primary care setting: a retrospective chart review.

PubMed

Jones, Marcella K; Bloch, Gary; Pinto, Andrew D

2017-08-17

To examine the development and implementation of a novel income security intervention in primary care. A retrospective, descriptive chart review of all patients referred to the Income Security Heath Promotion service during the first year of the service (December 2013-December 2014). A multisite interdisciplinary primary care organisation in inner city Toronto, Canada, serving over 40 000 patients. The study population included 181 patients (53% female, mean age 48 years) who were referred to the Income Security Health Promotion service and engaged in care. The Income Security Health Promotion service consists of a trained health promoter who provides a mixture of expert advice and case management to patients to improve income security. An advisory group, made up of physicians, social workers, a community engagement specialist and a clinical manager, supports the service. Sociodemographic information, health status, referral information and encounter details were collected from patient charts. Encounters focused on helping patients with increasing their income (77.4%), reducing their expenses (58.6%) and improving their financial literacy (26.5%). The health promoter provided an array of services to patients, including assistance with taxes, connecting to community services, budgeting and accessing free services. The service could be improved with more specific goal setting, better links to other members of the healthcare team and implementing routine follow-up with each patient after discharge. Income Security Health Promotion is a novel service within primary care to assist vulnerable patients with a key social determinant of health. This study is a preliminary look at understanding the functioning of the service. Future research will examine the impact of the Income Security Health Promotion service on income security, financial literacy, engagement with health services and health outcomes. © Article author(s) (or their employer(s) unless otherwise stated in

Using software security analysis to verify the secure socket layer (SSL) protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2004-01-01

nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

IPv6 Security

NASA Astrophysics Data System (ADS)

Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

2017-10-01

IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

Successful Practices in the Use of Secure E-mail

PubMed Central

Johnson, Laura W; Garrido, Terhilda; Christensen, Kate; Handley, Matt

2014-01-01

Physician use of secure e-mail with patients is anticipated to increase under Stage 2 Meaningful Use requirements, but little is known about how physicians can successfully incorporate it into daily work. We interviewed 27 “super user” physicians at Kaiser Permanente and Group Health who were identified by leaders as being technologically, operationally, and clinically adept and as having high levels of secure e-mail use with patients. They highly valued the use of secure e-mail with patients, despite concerns about a lack of adequate time to respond, and provided tips for using it successfully. They identified benefits that included better care and improved relationships with their patients. PMID:24937149

Using RFID to Enhance Security in Off-Site Data Storage

PubMed Central

Lopez-Carmona, Miguel A.; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R.

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system’s benefits in terms of efficiency and failure prevention. PMID:22163638

Using RFID to enhance security in off-site data storage.

PubMed

Lopez-Carmona, Miguel A; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system's benefits in terms of efficiency and failure prevention.

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things.

PubMed

Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu

2017-10-14

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.

Reframing "The Italian": Questions of Audience Address in Early Cinema.

ERIC Educational Resources Information Center

Keil, Charlie

1990-01-01

Analyzes "The Italian" (1915), an early "immigrant" film, examining its problematic relation to questions of working-class and middle-class audience composition. Shows how this film reveals that the creation of narratives suitable for diverse audiences requires continuous readjustment of an adequate mode of address. (MM)

Systematic reviews do not adequately report or address missing outcome data in their analyses: a methodological survey.

PubMed

Kahale, Lara A; Diab, Batoul; Brignardello-Petersen, Romina; Agarwal, Arnav; Mustafa, Reem A; Kwong, Joey; Neumann, Ignacio; Li, Ling; Lopes, Luciane Cruz; Briel, Matthias; Busse, Jason W; Iorio, Alfonso; Vandvik, Per Olav; Alexander, Paul Elias; Guyatt, Gordon; Akl, Elie A

2018-07-01

To describe how systematic review authors report and address categories of participants with potential missing outcome data of trial participants. Methodological survey of systematic reviews reporting a group-level meta-analysis. We included a random sample of 50 Cochrane and 50 non-Cochrane systematic reviews. Of these, 25 reported in their methods section a plan to consider at least one of the 10 categories of missing outcome data; 42 reported in their results, data for at least one category of missing data. The most reported category in the methods and results sections was "unexplained loss to follow-up" (n = 34 in methods section and n = 6 in the results section). Only 19 reported a method to handle missing data in their primary analyses, which was most often complete case analysis. Few reviews (n = 9) reported in the methods section conducting sensitivity analysis to judge risk of bias associated with missing outcome data at the level of the meta-analysis; and only five of them presented the results of these analyses in the results section. Most systematic reviews do not explicitly report sufficient information on categories of trial participants with potential missing outcome data or address missing data in their primary analyses. Copyright © 2018 Elsevier Inc. All rights reserved.

Secure public cloud platform for medical images sharing.

PubMed

Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

2015-01-01

Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.

Realization of the right to adequate food and the nutritional status of land evictees: a case for mothers/caregivers and their children in rural Central Uganda.

PubMed

Nahalomo, Aziiza; Iversen, Per Ole; Rukundo, Peter Milton; Kaaya, Archileo; Kikafunda, Joyce; Eide, Wenche Barth; Marais, Maritha; Wamala, Edward; Kabahenda, Margaret

2018-05-24

In developing countries like Uganda, the human right to adequate food (RtAF) is inextricably linked to access to land for households to feed themselves directly through production or means for its procurement. Whether RtAF is enjoyed among Ugandan land evictees, is unknown. We therefore explored this among land evictees (rights-holders) in Wakiso and Mpigi districts in rural Central Uganda. We assessed food accessibility and related coping strategies, diet quality and nutritional status of children 6-59 months old, and their caregivers. Effectiveness of the complaint and redress mechanisms in addressing RtAF violations was also explored. In this cross-sectional study, quantitative data was collected using a structured questionnaire, with food security and nutritional assessment methods from a total of 215 land evictees including 187 children aged 6-59 months. Qualitative data was collected by reviewing selected national and international documents on the RtAF and key informant interviews with 15 purposively sampled duty-bearers. These included individuals or representatives of the Uganda Human Rights Commission, Resident District Commissioner, Sub-county Chiefs, and local Council leaders. We found that 78% of land evictees had insufficient access to food while 69.4% had consumed a less diversified diet. A majority of evictees (85.2%) relied on borrowing food or help from others to cope with food shortages. Of the 187 children assessed, 9.6% were wasted, 18.2% were underweight and 34.2% were stunted. Small, but significant associations, were found between food accessibility, diet quality, food insecurity coping strategies; and the nutritional status of evictees. We observed that administrative, quasi-judicial and judicial mechanisms to provide adequate legal remedies regarding violations of the RtAF among evictees in Uganda are in place, but not effective in doing so. Land eviction without adequate legal remedies is a contributor to food insecurity and

Security basics for long-term care facilities.

PubMed

Green, Martin

2015-01-01

The need for Long-Term Care (LTC) facilities is growing, the author reports, and along with it the need for programs to address the major security concerns of such facilities. In this article he explains how to apply the IAHSS Healthcare Security Industry Guidelines and the Design Guidelines to achieve a safer LTC facility.

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets aremore » considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.« less

Addressing the Need for Independence in the CSE Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Ferragut, Erik M; Sheldon, Frederick T

2011-01-01

Abstract Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a suitable decision criterion when considering different information system architectures. Risk assessment is the widely accepted process used to understand, quantify, and document the effects of undesirable events on organizational objectives so that risk management, continuity of operations planning, and contingency planning can be performed. One technique, the Cyberspace Security Econometrics System (CSES), is a methodology for estimating security costs to stakeholders as a function of possible risk postures. In earlier works, we presented a computationalmore » infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain, as a result of security breakdowns. Additional work has applied CSES to specific business cases. The current state-of-the-art of CSES addresses independent events. In typical usage, analysts create matrices that capture their expert opinion, and then use those matrices to quantify costs to stakeholders. This expansion generalizes CSES to the common real-world case where events may be dependent.« less

Cyber-Security Curricula for Basic Users

DTIC Science & Technology

2013-09-01

like cyberbullying , digital cheating, and safety and security concerns‖ [7]. The need to teach security principles to this age demographic is at an...addresses the following topics: Cyberbullying , Inappropriate content, 25 Predators, Revealing too much Information, Spyware, spam, and scams. Each...emerging technology, surfing the web, video gaming, the dark side – cyberbullying . Each topic is covered by providing facts for the teacher to present

A Hierarchical Security Architecture for Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

DQC Comments on the Posted Recommendations Regarding Data Security and Privacy Protections

ERIC Educational Resources Information Center

Data Quality Campaign, 2010

2010-01-01

The U.S. Department of Education is conducting several activities to address privacy and security issues related to education data. Earlier this year a contractor for the Department convened a group of privacy and security experts and produced a report with recommendations to the Department on ways they can address emerging challenges in…

Climate change impact assessment on food security in Indonesia

NASA Astrophysics Data System (ADS)

Ettema, Janneke; Aldrian, Edvin; de Bie, Kees; Jetten, Victor; Mannaerts, Chris

2013-04-01

As Indonesia is the world's fourth most populous country, food security is a persistent challenge. The potential impact of future climate change on the agricultural sector needs to be addressed in order to allow early implementation of mitigation strategies. The complex island topography and local sea-land-air interactions cannot adequately be represented in large scale General Climate Models (GCMs) nor visualized by TRMM. Downscaling is needed. Using meteorological observations and a simple statistical downscaling tool, local future projections are derived from state-of-the-art, large-scale GCM scenarios, provided by the CMIP5 project. To support the agriculture sector, providing information on especially rainfall and temperature variability is essential. Agricultural production forecast is influenced by several rain and temperature factors, such as rainy and dry season onset, offset and length, but also by daily and monthly minimum and maximum temperatures and its rainfall amount. A simple and advanced crop model will be used to address the sensitivity of different crops to temperature and rainfall variability, present-day and future. As case study area, Java Island is chosen as it is fourth largest island in Indonesia but contains more than half of the nation's population and dominates it politically and economically. The objective is to identify regions at agricultural risk due to changing patterns in precipitation and temperature.

33 CFR 149.675 - What are the requirements for the public address system?

Code of Federal Regulations, 2011 CFR

2011-07-01

...? (a) For a manned deepwater port, each pumping platform complex must have a public address system... public address system? 149.675 Section 149.675 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: DESIGN, CONSTRUCTION, AND EQUIPMENT Design...

33 CFR 149.675 - What are the requirements for the public address system?

Code of Federal Regulations, 2010 CFR

2010-07-01

...? (a) For a manned deepwater port, each pumping platform complex must have a public address system... public address system? 149.675 Section 149.675 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: DESIGN, CONSTRUCTION, AND EQUIPMENT Design...

41 CFR 105-68.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false Adequate evidence. 105-68.900 Section 105-68.900 Public Contracts and Property Management Federal Property Management... evidence. Adequate evidence means information sufficient to support the reasonable belief that a particular...

41 CFR 105-68.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Adequate evidence. 105-68.900 Section 105-68.900 Public Contracts and Property Management Federal Property Management... evidence. Adequate evidence means information sufficient to support the reasonable belief that a particular...

41 CFR 105-68.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 41 Public Contracts and Property Management 3 2013-07-01 2013-07-01 false Adequate evidence. 105-68.900 Section 105-68.900 Public Contracts and Property Management Federal Property Management... evidence. Adequate evidence means information sufficient to support the reasonable belief that a particular...

41 CFR 105-68.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 41 Public Contracts and Property Management 3 2014-01-01 2014-01-01 false Adequate evidence. 105-68.900 Section 105-68.900 Public Contracts and Property Management Federal Property Management... evidence. Adequate evidence means information sufficient to support the reasonable belief that a particular...

41 CFR 105-68.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 41 Public Contracts and Property Management 3 2012-01-01 2012-01-01 false Adequate evidence. 105-68.900 Section 105-68.900 Public Contracts and Property Management Federal Property Management... evidence. Adequate evidence means information sufficient to support the reasonable belief that a particular...

Earth Observations for Global Water Security

NASA Technical Reports Server (NTRS)

Lawford, Richard; Strauch, Adrian; Toll, David; Fekete, Balazs; Cripe, Douglas

2013-01-01

The combined effects of population growth, increasing demands for water to support agriculture, energy security, and industrial expansion, and the challenges of climate change give rise to an urgent need to carefully monitor and assess trends and variations in water resources. Doing so will ensure that sustainable access to adequate quantities of safe and useable water will serve as a foundation for water security. Both satellite and in situ observations combined with data assimilation and models are needed for effective, integrated monitoring of the water cycle's trends and variability in terms of both quantity and quality. On the basis of a review of existing observational systems, we argue that a new integrated monitoring capability for water security purposes is urgently needed. Furthermore, the components for this capability exist and could be integrated through the cooperation of national observational programmes. The Group on Earth Observations should play a central role in the design, implementation, management and analysis of this system and its products.

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

ERIC Educational Resources Information Center

Patten, Karen P.; Harris, Mark A.

2013-01-01

Mobile devices, including smartphones and tablets, enable users to access corporate data from anywhere. In 2013, people will purchase 1.2 billion mobile devices, surpassing personal computers as the most common method for accessing the Internet. However, security of these mobile devices is a major concern for organizations. The two leading…

Web Services Security - Implementation and Evaluation Issues

NASA Astrophysics Data System (ADS)

Pimenidis, Elias; Georgiadis, Christos K.; Bako, Peter; Zorkadis, Vassilis

Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

A Unified Approach to Intra-Domain Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Shue, Craig A; Kalafut, Andrew J.; Gupta, Prof. Minaxi

2009-01-01

While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. We develop a unified framework to secure prominent networking protocols within a single domain. We begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. We then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, we also develop an incrementally deployable public key infrastructuremore » which can later be leveraged to support inter-domain authentication.« less

33 CFR 67.35-15 - To whom addressed.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false To whom addressed. 67.35-15 Section 67.35-15 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY AIDS TO NAVIGATION AIDS TO NAVIGATION ON ARTIFICIAL ISLANDS AND FIXED STRUCTURES Applications § 67.35-15 To whom...

33 CFR 67.35-15 - To whom addressed.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false To whom addressed. 67.35-15 Section 67.35-15 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY AIDS TO NAVIGATION AIDS TO NAVIGATION ON ARTIFICIAL ISLANDS AND FIXED STRUCTURES Applications § 67.35-15 To whom...

Argonne Director Eric Isaacs addresses the National Press Club

ScienceCinema

Eric Isaccs

2017-12-09

Argonne Director Eric Isaacs addresses the National Press Club on 9/15/2009. To build a national economy based on sustainable energy, the nation must first "reignite its innovation ecology," he said. Issacs makes the case for investing in science to secure America's future.

Argonne Director Eric Isaacs addresses the National Press Club

DOE Office of Scientific and Technical Information (OSTI.GOV)

Eric Isaccs

2009-09-17

Argonne Director Eric Isaacs addresses the National Press Club on 9/15/2009. To build a national economy based on sustainable energy, the nation must first "reignite its innovation ecology," he said. Issacs makes the case for investing in science to secure America's future.

45 CFR 303.30 - Securing medical support information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 45 Public Welfare 2 2012-10-01 2012-10-01 false Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT... noncustodial parent; (4) Name and social security number of child(ren); (5) Home address of noncustodial parent...

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things

PubMed Central

Cha, Shi-Cho; Chen, Jyun-Fu

2017-01-01

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900

How Attitude toward the Behavior, Subjective Norm, and Perceived Behavioral Control Affects Information Security Behavior Intention

ERIC Educational Resources Information Center

Johnson, David P.

2017-01-01

The education sector is at high risk for information security (InfoSec) breaches and in need of improved security practices. Achieving data protections cannot be through technical means alone. Addressing the human behavior factor is required. Security education, training, and awareness (SETA) programs are an effective method of addressing human…

How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

PubMed

Stites, Mark; Pianykh, Oleg S

2016-04-01

Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

Security Techniques for Sensor Systems and the Internet of Things

ERIC Educational Resources Information Center

Midi, Daniele

2016-01-01

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

40 CFR 716.25 - Adequate file search.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 40 Protection of Environment 32 2013-07-01 2013-07-01 false Adequate file search. 716.25 Section 716.25 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT HEALTH AND SAFETY DATA REPORTING General Provisions § 716.25 Adequate file search. The scope of a...

40 CFR 716.25 - Adequate file search.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 40 Protection of Environment 30 2010-07-01 2010-07-01 false Adequate file search. 716.25 Section 716.25 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT HEALTH AND SAFETY DATA REPORTING General Provisions § 716.25 Adequate file search. The scope of a...

40 CFR 716.25 - Adequate file search.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 40 Protection of Environment 31 2014-07-01 2014-07-01 false Adequate file search. 716.25 Section 716.25 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT HEALTH AND SAFETY DATA REPORTING General Provisions § 716.25 Adequate file search. The scope of a...

40 CFR 716.25 - Adequate file search.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 40 Protection of Environment 32 2012-07-01 2012-07-01 false Adequate file search. 716.25 Section 716.25 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT HEALTH AND SAFETY DATA REPORTING General Provisions § 716.25 Adequate file search. The scope of a...

40 CFR 716.25 - Adequate file search.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 40 Protection of Environment 31 2011-07-01 2011-07-01 false Adequate file search. 716.25 Section 716.25 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT HEALTH AND SAFETY DATA REPORTING General Provisions § 716.25 Adequate file search. The scope of a...

Does Financial Literacy Contribute to Food Security?

PubMed

Carman, Katherine G; Zamarro, Gema

2016-01-01

Food insecurity, not having consistent access to adequate food for active, healthy lives for all household members, is most common among low income households. However, income alone is not sufficient to explain who experiences food insecurity. This study investigates the relationship between financial literacy and food security. We find that low income households who exhibit financial literacy are less likely to experience food insecurity.

Does Financial Literacy Contribute to Food Security?

PubMed Central

Carman, Katherine G.; Zamarro, Gema

2016-01-01

Food insecurity, not having consistent access to adequate food for active, healthy lives for all household members, is most common among low income households. However, income alone is not sufficient to explain who experiences food insecurity. This study investigates the relationship between financial literacy and food security. We find that low income households who exhibit financial literacy are less likely to experience food insecurity. PMID:26949563

Is Seeing Believing? Training Users on Information Security: Evidence from Java Applets

ERIC Educational Resources Information Center

Ayyagari, Ramakrishna; Figueroa, Norilyz

2017-01-01

Information Security issues are one of the top concerns of CEOs. Accordingly, information systems education and research have addressed security issues. One of the main areas of research is the behavioral issues in Information Security, primarily focusing on users' compliance to information security policies. We contribute to this literature by…

Household food security and adequacy of child diet in the food insecure region north in Ghana.

PubMed

Agbadi, Pascal; Urke, Helga Bjørnøy; Mittelmark, Maurice B

2017-01-01

Adequate diet is of crucial importance for healthy child development. In food insecure areas of the world, the provision of adequate child diet is threatened in the many households that sometimes experience having no food at all to eat (household food insecurity). In the context of food insecure northern Ghana, this study investigated the relationship between level of household food security and achievement of recommended child diet as measured by WHO Infant and Young Child Feeding Indicators. Using data from households and 6-23 month old children in the 2012 Feed the Future baseline survey (n = 871), descriptive analyses assessed the prevalence of minimum meal frequency; minimum dietary diversity, and minimum acceptable diet. Logistic regression analysis was used to examine the association of minimum acceptable diet with household food security, while accounting for the effects of child sex and age, maternal -age, -dietary diversity, -literacy and -education, household size, region, and urban-rural setting. Household food security was assessed with the Household Hunger Scale developed by USAID's Food and Nutrition Technical Assistance Project. Forty-nine percent of children received minimum recommended meal frequency, 31% received minimum dietary diversity, and 17% of the children received minimum acceptable diet. Sixty-four percent of the children lived in food secure households, and they were significantly more likely than children in food insecure households to receive recommended minimum acceptable diet [O.R = 0.53; 95% CI: 0.35, 0.82]. However, in 80% of food secure households, children did not receive a minimal acceptable diet by WHO standards. Children living in food secure households were more likely than others to receive a minimum acceptable diet. Yet living in a food secure household was no guarantee of child dietary adequacy, since eight of 10 children in food secure households received less than a minimum acceptable diet. The results call for research

Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security Template.

PubMed

He, Ying; Johnson, Chris

2015-11-01

The recurrence of past security breaches in healthcare showed that lessons had not been effectively learned across different healthcare organisations. Recent studies have identified the need to improve learning from incidents and to share security knowledge to prevent future attacks. Generic Security Templates (GSTs) have been proposed to facilitate this knowledge transfer. The objective of this paper is to evaluate whether potential users in healthcare organisations can exploit the GST technique to share lessons learned from security incidents. We conducted a series of case studies to evaluate GSTs. In particular, we used a GST for a security incident in the US Veterans' Affairs Administration to explore whether security lessons could be applied in a very different Chinese healthcare organisation. The results showed that Chinese security professional accepted the use of GSTs and that cyber security lessons could be transferred to a Chinese healthcare organisation using this approach. The users also identified the weaknesses and strengths of GSTs, providing suggestions for future improvements. Generic Security Templates can be used to redistribute lessons learned from security incidents. Sharing cyber security lessons helps organisations consider their own practices and assess whether applicable security standards address concerns raised in previous breaches in other countries. The experience gained from this study provides the basis for future work in conducting similar studies in other healthcare organisations. Copyright © 2015 Elsevier Ireland Ltd. All rights reserved.

Policy Framework for Addressing Personal Security Issues Concerning Women and Girls. National Strategy on Community Safety and Crime Prevention.

ERIC Educational Resources Information Center

National Crime Prevention Centre, Ottawa (Ontario).

This document presents a policy framework for improving the personal security of women and girls. The document includes: (1) "Introduction"; (2) "Policy Background" (the concept of personal security, the societal context of women's personal security, consequences of violence for women and girls, long-term policy concern, and…

Risks and responses to universal drinking water security.

PubMed

Hope, Robert; Rouse, Michael

2013-11-13

Risks to universal drinking water security are accelerating due to rapid demographic, climate and economic change. Policy responses are slow, uneven and largely inadequate to address the nature and scale of the global challenges. The challenges relate both to maintaining water security in increasingly fragile supply systems and to accelerating reliable access to the hundreds of millions who remain water-insecure. A conceptual framework illustrates the relationship between institutional, operational and financial risks and drinking water security outcomes. We apply the framework to nine case studies from rural and urban contexts in South Asia and sub-Saharan Africa. Case studies are purposively selected based on established and emerging examples of political, technological or institutional reforms that address water security risks. We find broad evidence that improved information flows reduce institutional costs and promote stronger and more transparent operational performance to increase financial sustainability. However, political barriers need to be overcome in all cases through internal or external interventions that require often decadal time frames and catalytic investments. No single model exists, though there is sufficient evidence to demonstrate that risks to drinking water security can be reduced even in the most difficult and challenging contexts.

Maritime Security: Malaysia’s Persistent Problem

DTIC Science & Technology

2012-01-01

navies, and air forces of the littoral states.”20 In his keynote address at the 2011 Shangri-La Dialogue, Prime Minister Dato’ Sri Najib Tun Razak ...Monitor, Vol. 4 No. 3, 2006. Razak , Dato’ Sri Najib Tun, Prime Minister Malaysia. Keynote Address. Shangri-La Dialogue. Singapore, June 3, 2011... Razak , Dato’ Sri Najib , Deputy Prime Minister Malaysia, Address. Shangri-La Dialogue. Enhancing Maritime Security Cooperation. Singapore, 2005

An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

PubMed Central

Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

2016-01-01

Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach. PMID:27077866

An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

PubMed

Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

2016-04-12

Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

Information risk and security modeling

NASA Astrophysics Data System (ADS)

Zivic, Predrag

2005-03-01

This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

Exploring barriers to and enablers of adequate healthcare for Indigenous Australian prisoners with cancer: a scoping review drawing on evidence from Australia, Canada and the United States.

PubMed

Olds, Jessica; Reilly, Rachel; Yerrell, Paul; Stajic, Janet; Micklem, Jasmine; Morey, Kim; Brown, Alex

International frameworks supported by national principles in Australia stipulate that prisoners should be provided with health services equivalent to those provided in the general community. However, a number of barriers unique to the prison system may hinder the provision of equitable healthcare for this population. In Australia, Indigenous people carry a greater burden of cancer mortality, which the Cancer Data and Aboriginal Disparities (CanDAD) project is seeking to address. During the course of recruiting participants to the CanDAD study, Indigenous Australian prisoners with cancer emerged as an important, under-researched but difficult to access sub-group. This scoping review sought to identify barriers and facilitators of access to adequate and equitable healthcare for Indigenous Australian prisoners with cancer in Australia. This review demonstrated a lack of research and, as such, the scoping review was extended to prisoners with cancer in Australia, New Zealand, the United States and Canada. This approach was taken in order to summarise the existing body of evidence regarding the barriers and facilitators of access to adequate and equitable healthcare for those who are incarcerated and suffering from cancer, and highlight areas that may require further investigation. Eight studies or commentaries were found to meet the inclusion criteria. This limited set of findings pointed to a range of possible barriers faced by prisoners with cancer, including a tension between the prisons' concern with security versus the need for timely access to medical care. Findings identified here offer potential starting points for research and policy development. Further research is needed to better elucidate how barriers to adequate cancer care for prisoners may be identified and overcome, in Australia and internationally. Furthermore, given Indigenous Australians' over-burden of cancer mortality and over-representation in the prison system, further research is needed to

Exploring Operational Safeguards, Safety, and Security by Design to Address Real Time Threats in Nuclear Facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schanfein, Mark J.; Mladineo, Stephen V.

2015-07-07

Over the last few years, significant attention has been paid to both encourage application and provide domestic and international guidance for designing in safeguards and security in new facilities.1,2,3 However, once a facility is operational, safeguards, security, and safety often operate as separate entities that support facility operations. This separation is potentially a serious weakness should insider or outsider threats become a reality.Situations may arise where safeguards detects a possible loss of material in a facility. Will they notify security so they can, for example, check perimeter doors for tampering? Not doing so might give the advantage to an insidermore » who has already, or is about to, move nuclear material outside the facility building. If outsiders break into a facility, the availability of any information to coordinate the facility’s response through segregated alarm stations or a failure to include all available radiation sensors, such as safety’s criticality monitors can give the advantage to the adversary who might know to disable camera systems, but would most likely be unaware of other highly relevant sensors in a nuclear facility.This paper will briefly explore operational safeguards, safety, and security by design (3S) at a high level for domestic and State facilities, identify possible weaknesses, and propose future administrative and technical methods, to strengthen the facility system’s response to threats.« less

Population aging and international development: addressing competing claims of distributive justice.

PubMed

Engelman, Michal; Johnson, Summer

2007-04-01

To date, bioethics and health policy scholarship has given little consideration to questions of aging and intergenerational justice in the developing world. Demographic changes are precipitating rapid population aging in developing nations, however, and ethical issues regarding older people's claim to scarce healthcare resources must be addressed. This paper posits that the traditional arguments about generational justice and age-based rationing of healthcare resources, which were developed primarily in more industrialized nations, fail to adequately address the unique challenges facing older persons in developing nations. Existing philosophical approaches to age-based resource allocation underemphasize the importance of older persons for developing countries and fail to adequately consider the rights and interests of older persons in these settings. Ultimately, the paper concludes that the most appropriate framework for thinking about generational justice in developing nations is a rights-based approach that allows for the interests of all age groups, including the oldest, to be considered in the determination of health resource allocation.

24 CFR 891.435 - Security deposits.

Code of Federal Regulations, 2011 CFR

2011-04-01

... payments on security deposits. (2) Household (or family, as applicable) notification requirement. In order... Owner (or Borrower, as applicable) with a forwarding address or arrange to pick up the refund. (3) Use...

24 CFR 891.435 - Security deposits.

Code of Federal Regulations, 2010 CFR

2010-04-01

... payments on security deposits. (2) Household (or family, as applicable) notification requirement. In order... Owner (or Borrower, as applicable) with a forwarding address or arrange to pick up the refund. (3) Use...

10 CFR 1304.114 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Responsibility for maintaining adequate safeguards. 1304.114 Section 1304.114 Energy NUCLEAR WASTE TECHNICAL REVIEW BOARD PRIVACY ACT OF 1974 § 1304.114 Responsibility for maintaining adequate safeguards. The Board has the responsibility for maintaining adequate...

10 CFR 1304.114 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 4 2014-01-01 2014-01-01 false Responsibility for maintaining adequate safeguards. 1304.114 Section 1304.114 Energy NUCLEAR WASTE TECHNICAL REVIEW BOARD PRIVACY ACT OF 1974 § 1304.114 Responsibility for maintaining adequate safeguards. The Board has the responsibility for maintaining adequate...

10 CFR 1304.114 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Responsibility for maintaining adequate safeguards. 1304.114 Section 1304.114 Energy NUCLEAR WASTE TECHNICAL REVIEW BOARD PRIVACY ACT OF 1974 § 1304.114 Responsibility for maintaining adequate safeguards. The Board has the responsibility for maintaining adequate...

10 CFR 1304.114 - Responsibility for maintaining adequate safeguards.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 4 2013-01-01 2013-01-01 false Responsibility for maintaining adequate safeguards. 1304.114 Section 1304.114 Energy NUCLEAR WASTE TECHNICAL REVIEW BOARD PRIVACY ACT OF 1974 § 1304.114 Responsibility for maintaining adequate safeguards. The Board has the responsibility for maintaining adequate...

The Chain-Link Fence Model: A Framework for Creating Security Procedures

ERIC Educational Resources Information Center

Houghton, Robert F.

2013-01-01

A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

Recommended Practice for Securing Control System Modems

DOE Office of Scientific and Technical Information (OSTI.GOV)

James R. Davidson; Jason L. Wright

2008-01-01

This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

A comprehensive Network Security Risk Model for process control networks.

PubMed

Henry, Matthew H; Haimes, Yacov Y

2009-02-01

The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

Security risks associated with radio frequency identification in medical environments.

PubMed

Hawrylak, Peter J; Schimke, Nakeisha; Hale, John; Papa, Mauricio

2012-12-01

Radio frequency identification (RFID) is a form of wireless communication that is used to identify assets and people. RFID has significant benefits to the medical environment. However, serious security threats are present in RFID systems that must be addressed in a medical environment. Of particular interest are threats to patient privacy and safety based on interception of messages, interruption of communication, modification of data, and fabrication of messages and devices. This paper presents an overview of these security threats present in RFID systems in a medical environment and provides guidance on potential solutions to these threats. This paper provides a roadmap for researchers and implementers to address the security issues facing RFID in the medical space.

Mobile code security

NASA Astrophysics Data System (ADS)

Ramalingam, Srikumar

2001-11-01

A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculas, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.

Determining the right level for your IT security investment.

PubMed

Claunch, Don; McMillan, Mac

2013-05-01

Investing sufficiently in IT security not only is essential for a healthcare organization's protection, but also is a responsibility to patients, and its success depends on its being addressed at all levels of management. Hospital data security breaches have the potential to cost as much as $7 million, including fines, litigation, and damaged reputation. Response and cleanup alone can cost hundreds of thousands of dollars. Developing and following an annual action plan for IT security can lower hospitals' IT security costs in the long run.

Security in perspective; luxury or must?

PubMed

Bakker, A

1998-03-01

In this paper, security in health information systems is put into perspective. The further penetration of information technology into health care is discussed and it is concluded that information systems have already become a vital component, not only for the logistics of the health care institution but also for the rendering of care and cure. Health care depends heavily on adequate data, so availability and integrity are equally important. In view of the sensitive nature of many patient data, the importance of confidentiality was recognised long before computers were invented. For widespread use of IT in health care it is of vital importance that computers can be trusted in respect of confidentiality. This paper emphasises the need to pay attention to security and suggests a responsible approach with implementation of both technical and organisational measures.

Integrating Infrastructure and Institutions for Water Security in Large Urban Areas

NASA Astrophysics Data System (ADS)

Padowski, J.; Jawitz, J. W.; Carrera, L.

2015-12-01

Urban growth has forced cities to procure more freshwater to meet demands; however the relationship between urban water security, water availability and water management is not well understood. This work quantifies the urban water security of 108 large cities in the United States (n=50) and Africa (n=58) based on their hydrologic, hydraulic and institutional settings. Using publicly available data, urban water availability was estimated as the volume of water available from local water resources and those captured via hydraulic infrastructure (e.g. reservoirs, wellfields, aqueducts) while urban water institutions were assessed according to their ability to deliver, supply and regulate water resources to cities. When assessing availability, cities relying on local water resources comprised a minority (37%) of those assessed. The majority of cities (55%) instead rely on captured water to meet urban demands, with African cities reaching farther and accessing a greater number and variety of sources for water supply than US cities. Cities using captured water generally had poorer access to local water resources and maintained significantly more complex strategies for water delivery, supply and regulatory management. Eight cities, all African, are identified in this work as having water insecurity issues. These cities lack sufficient infrastructure and institutional complexity to capture and deliver adequate amounts of water for urban use. Together, these findings highlight the important interconnection between infrastructure investments and management techniques for urban areas with a limited or dwindling natural abundance of water. Addressing water security challenges in the future will require that more attention be placed not only on increasing water availability, but on developing the institutional support to manage captured water supplies.

Library and Archival Security: Policies and Procedures To Protect Holdings from Theft and Damage.

ERIC Educational Resources Information Center

Trinkaus-Randall, Gregor

1998-01-01

Firm policies and procedures that address the environment, patron/staff behavior, general attitude, and care and handling of materials need to be at the core of the library/archival security program. Discussion includes evaluating a repository's security needs, collections security, security in non-public areas, security in the reading room,…

17 CFR 270.14a-1 - Use of notification pursuant to regulation E under the Securities Act of 1933.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Commission adequately insures (a) that after the effective date of such notification such company will not... Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) RULES AND REGULATIONS, INVESTMENT COMPANY... of 1933 by a small business investment company operating under the Small Business Investment Act of...

Ad-Hoc Networks and the Mobile Application Security System (MASS)

DTIC Science & Technology

2006-01-01

solution to this problem that addresses critical aspects of security in ad-hoc mobile application networks. This approach involves preventing unauthorized...modification of a mobile application , both by other applications and by hosts, and ensuring that mobile code is authentic and authorized. These...capabilities constitute the Mobile Application Security System (MASS). The MASS applies effective, robust security to mobile application -based systems

Public key infrastructure for DOE security research

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aiken, R.; Foster, I.; Johnston, W.E.

This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-keymore » infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.« less

Overview of Accelerator Applications for Security and Defense

DOE PAGES

Antolak, Arlyn J.

2015-01-01

Particle accelerators play a key role in a broad set of defense and security applications including war-fighter and asset protection, cargo inspection, nonproliferation, materials characterization and stockpile stewardship. Accelerators can replace the high activity radioactive sources that pose a security threat for developing a radiological dispersal device and be used to produce isotopes for medical, industrial, and re-search purposes. Lastly, we present an overview of current and emerging accelerator technologies relevant to addressing the needs of defense and security.

Homeland security challenges in nursing practice.

PubMed

Boatright, Connie; McGlown, K Joanne

2005-09-01

Nurses need a comprehensive knowledge of doctrine, laws, regulations,programs, and processes that build the operational framework for health care preparedness. Key components of this knowledge base reside in the areas of: evolution of homeland security: laws and mandates affecting health care and compliance and regulatory issues for health care organizations. This article addresses primary components in both of these areas, after first assessing the status of nursing's involvement (in homeland security), as portrayed in the professional literature.

A threat intelligence framework for access control security in the oil industry

NASA Astrophysics Data System (ADS)

Alaskandrani, Faisal T.

The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.

Routing architecture and security for airborne networks

NASA Astrophysics Data System (ADS)

Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

2009-05-01

Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

Here Today, Here Tomorrow: The Imperative of Collections Security.

ERIC Educational Resources Information Center

Billington, James H.

1996-01-01

The Librarian of Congress addresses the increasing security threats to the collection at the Library of Congress that caused him to close library stacks, increase police patrol, install surveillance cameras and alarm systems, create material inventories, and limit patron privileges. Many of the security functions are being assessed and monitored…

Security and SCADA protocols

DOE Office of Scientific and Technical Information (OSTI.GOV)

Igure, V. M.; Williams, R. D.

2006-07-01

Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview ofmore » security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)« less

The Secure Medical Research Workspace: An IT Infrastructure to Enable Secure Research on Clinical Data

PubMed Central

Owen, Phillips; Mostafa, Javed; Lamm, Brent; Wang, Xiaoshu; Schmitt, Charles P.; Ahalt, Stanley C.

2013-01-01

Abstract Clinical data have tremendous value for translational research, but only if security and privacy concerns can be addressed satisfactorily. A collaboration of clinical and informatics teams, including RENCI, NC TraCS, UNC's School of Information and Library Science, Information Technology Service's Research Computing and other partners at the University of North Carolina at Chapel Hill have developed a system called the Secure Medical Research Workspace (SMRW) that enables researchers to use clinical data securely for research. SMRW significantly minimizes the risk presented when using identified clinical data, thereby protecting patients, researchers, and institutions associated with the data. The SMRW is built on a novel combination of virtualization and data leakage protection and can be combined with other protection methodologies and scaled to production levels. PMID:23751029

Security Frameworks for Machine-to-Machine Devices and Networks

NASA Astrophysics Data System (ADS)

Demblewski, Michael

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

Secure and Resilient Cloud Computing for the Department of Defense

DTIC Science & Technology

2015-07-21

that addresses that threat model, and (3) integrate the technology into a usable, secure, resilient cloud test bed. Underpinning this work is the...risks for the DoD’s acquisition of secure, resilient cloud technology by providing proofs of concept, technology maturity, integration demonstrations...we need a strategy for integrating LLSRC technology with the cloud services and applications that need to be secured. The LLSRC integration

Food security in a changing climate

USGS Publications Warehouse

Pulwarty, Roger; Eilerts, Gary; Verdin, James

2012-01-01

By 2080 the effects of climate change—on heat waves, floods, sea level rise, and drought—could push an additional 600 million people into malnutrition and increase the number of people facing water scarcity by 1.8 billion. The precise impacts will, however, strongly depend on socioeconomic conditions such as local markets and food import dependence. In the near term, two factors are also changing the nature of food security: (1) rapid urbanization, with the proportion of the global population living in urban areas expanding from 13 percent in 1975 to greater than 50 percent at present, and (2) trade and domestic market liberalization since 1993, which has promoted removal of import controls, deregulation of prices, and the loss of preferential markets for many small economies. Over the last two years, the worst drought in decades has devastated eastern Africa. The resulting food-security crisis has affected roughly 13 million people and has reminded us that there is still a long way to go in addressing current climate-related risks. In the face of such profound changes and uncertainties, our approaches to food security must evolve. In this article, we describe four key elements that, in our view, will be essential to the success of efforts to address the linked challenges of food security and climate change.

Climate change and security.

PubMed

Rogers, Paul

2009-04-01

Climate change was originally expected to have its main impact on countries in temperate latitudes which, because of their relative wealth, would be best able to cope. It is now far more likely that much poorer states in the tropics and sub-tropics will experience severe impacts. This is compounded by the widening socioeconomic divide and the combination of these divisions, with environmental constraints, will have a profound impact on human security. The dangerous response to the prospects of mass migration and radical social movements is to attempt to maintain control without addressing underlying problems. Instead, there is an urgent need to embrace new concepts of sustainable security.

Household food security and adequacy of child diet in the food insecure region north in Ghana

PubMed Central

Agbadi, Pascal; Urke, Helga Bjørnøy; Mittelmark, Maurice B.

2017-01-01

Background and objectives Adequate diet is of crucial importance for healthy child development. In food insecure areas of the world, the provision of adequate child diet is threatened in the many households that sometimes experience having no food at all to eat (household food insecurity). In the context of food insecure northern Ghana, this study investigated the relationship between level of household food security and achievement of recommended child diet as measured by WHO Infant and Young Child Feeding Indicators. Methods Using data from households and 6–23 month old children in the 2012 Feed the Future baseline survey (n = 871), descriptive analyses assessed the prevalence of minimum meal frequency; minimum dietary diversity, and minimum acceptable diet. Logistic regression analysis was used to examine the association of minimum acceptable diet with household food security, while accounting for the effects of child sex and age, maternal -age, -dietary diversity, -literacy and -education, household size, region, and urban-rural setting. Household food security was assessed with the Household Hunger Scale developed by USAID’s Food and Nutrition Technical Assistance Project. Results Forty-nine percent of children received minimum recommended meal frequency, 31% received minimum dietary diversity, and 17% of the children received minimum acceptable diet. Sixty-four percent of the children lived in food secure households, and they were significantly more likely than children in food insecure households to receive recommended minimum acceptable diet [O.R = 0.53; 95% CI: 0.35, 0.82]. However, in 80% of food secure households, children did not receive a minimal acceptable diet by WHO standards. Conclusions Children living in food secure households were more likely than others to receive a minimum acceptable diet. Yet living in a food secure household was no guarantee of child dietary adequacy, since eight of 10 children in food secure households received less

A Department of Homeland Security Reserves (DHS-R): Simultaneously Protecting the Homeland While Alleviating the Increased DoD Role in Homeland Defense and Security

DTIC Science & Technology

2007-12-01

and Security 6. AUTHOR( S ) David V. Schulz 5. FUNDING NUMBERS 7. PERFORMING ORGANIZATION NAME( S ) AND ADDRESS(ES) Naval Postgraduate School...Monterey, CA 93943-5000 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING /MONITORING AGENCY NAME( S ) AND ADDRESS(ES) N/A 10. SPONSORING...responding agencies. In fact, the slow Katrina response was attributed to “coordination difficulties” between the military, law enforcement, and

Insider Threat and Information Security Management

NASA Astrophysics Data System (ADS)

Coles-Kemp, Lizzie; Theoharidou, Marianthi

The notion of insider has multiple facets. An organization needs to identify which ones to respond to. The selection, implementetion and maintenance of information security countermeasures requires a complex combination of organisational policies, functions and processes, which form Information Security Management. This chapter examines the role of current information security management practices in addressing the insider threat. Most approaches focus on frameworks for regulating insider behaviour and do not allow for the various cultural responses to the regulatory and compliance framework. Such responses are not only determined by enforcement of policies and awareness programs, but also by various psychological and organisational factors at an individual or group level. Crime theories offer techniques that focus on such cultural responses and can be used to enhance the information security management design. The chapter examines the applicability of several crime theories and concludes that they can contribute in providing additional controls and redesign of information security management processes better suited to responding to the insider threat.

State Education Department: Security over Pupil Evaluation Program and Program Evaluation Test Materials Needs Improvement. Report 91-S-2.

ERIC Educational Resources Information Center

New York State Office of the Comptroller, Albany.

Findings of an audit of the New York State Education Department's procedures to maintain security over Pupil Evaluation Program (PEP) and Program Evaluation Test (PET) examination materials are presented in this report. The audit sought to determine whether the department's security procedures adequately prevented unauthorized access to exam…

Security and privacy issues in implantable medical devices: A comprehensive survey.

PubMed

Camara, Carmen; Peris-Lopez, Pedro; Tapiador, Juan E

2015-06-01

Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase. Copyright © 2015 Elsevier Inc. All rights reserved.

Toward Assessing Attachment on an Emotional Security Continuum: Comment on Fraley and Spieker (2003).

ERIC Educational Resources Information Center

Cummings, E. Mark

2003-01-01

Advocates renewed efforts toward assessing attachment on a single continuum of emotional security. Contends that theory is essential to guide attachment assessment and that the constructs of secure base and emotional security provide the needed conceptual foundation. Addresses challenges to the scoring of attachment on a security continuum.…

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2013 CFR

2013-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2014 CFR

2014-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

31 CFR 306.11 - Forms of registration for transferable securities.

Code of Federal Regulations, 2011 CFR

2011-07-01

...) (123-45-6789). (d) Life tenant under will. A security may be registered in the name of a life tenant followed by an adequate identifying reference to the will. Example: Anne B. Smith, life tenant under the will of Adam A. Smith, deceased (12-3456789). The life tenant will be considered a fiduciary. (e...

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users.

PubMed

Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.

78 FR 34264 - Technical Corrections to the HIPAA Privacy, Security, and Enforcement Rules

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-07

...-AA03 Technical Corrections to the HIPAA Privacy, Security, and Enforcement Rules AGENCY: Office for... corrections address certain inadvertent errors and omissions in the HIPAA Privacy, Security, and Enforcement... (HHS or ``the Department'') published a final rule to implement changes to the HIPAA Privacy, Security...

Beyond engagement in working with children in eight Nairobi slums to address safety, security, and housing: Digital tools for policy and community dialogue.

PubMed

Mitchell, Claudia; Chege, Fatuma; Maina, Lucy; Rothman, Margot

2016-01-01

This article studies the ways in which researchers working in the area of health and social research and using participatory visual methods might extend the reach of participant-generated creations such as photos and drawings to engage community leaders and policy-makers. Framed as going 'beyond engagement', the article explores the idea of the production of researcher-led digital dialogue tools, focusing on one example, based on a series of visual arts-based workshops with children from eight slums in Nairobi addressing issues of safety, security, and well-being in relation to housing. The authors conclude that there is a need for researchers to embark upon the use of visual tools to expand the life and use of visual productions, and in particular to ensure meaningful participation of communities in social change.

Optical security features for plastic card documents

NASA Astrophysics Data System (ADS)

Hossick Schott, Joachim

1998-04-01

Print-on-demand is currently a major trend in the production of paper based documents. This fully digital production philosophy will likely have ramifications also for the secure identification document market. Here, plastic cards increasingly replace traditionally paper based security sensitive documents such as drivers licenses and passports. The information content of plastic cards can be made highly secure by using chip cards. However, printed and other optical security features will continue to play an important role, both for machine readable and visual inspection. Therefore, on-demand high resolution print technologies, laser engraving, luminescent pigments and laminated features such as holograms, kinegrams or phase gratings will have to be considered for the production of secure identification documents. Very important are also basic optical, surface and material durability properties of the laminates as well as the strength and nature of the adhesion between the layers. This presentation will address some of the specific problems encountered when optical security features such as high resolution printing and laser engraving are to be integrated in the on-demand production of secure plastic card identification documents.

Analysis of Vehicle-Based Security Operations

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carter, Jason M; Paul, Nate R

Vehicle-to-vehicle (V2V) communications promises to increase roadway safety by providing each vehicle with 360 degree situational awareness of other vehicles in proximity, and by complementing onboard sensors such as radar or camera in detecting imminent crash scenarios. In the United States, approximately three hundred million automobiles could participate in a fully deployed V2V system if Dedicated Short-Range Communication (DSRC) device use becomes mandatory. The system s reliance on continuous communication, however, provides a potential means for unscrupulous persons to transmit false data in an attempt to cause crashes, create traffic congestion, or simply render the system useless. V2V communications mustmore » be highly scalable while retaining robust security and privacy preserving features to meet the intra-vehicle and vehicle-to-infrastructure communication requirements for a growing vehicle population. Oakridge National Research Laboratory is investigating a Vehicle-Based Security System (VBSS) to provide security and privacy for a fully deployed V2V and V2I system. In the VBSS an On-board Unit (OBU) generates short-term certificates and signs Basic Safety Messages (BSM) to preserve privacy and enhance security. This work outlines a potential VBSS structure and its operational concepts; it examines how a vehicle-based system might feasibly provide security and privacy, highlights remaining challenges, and explores potential mitigations to address those challenges. Certificate management alternatives that attempt to meet V2V security and privacy requirements have been examined previously by the research community including privacy-preserving group certificates, shared certificates, and functional encryption. Due to real-world operational constraints, adopting one of these approaches for VBSS V2V communication is difficult. Timely misbehavior detection and revocation are still open problems for any V2V system. We explore the alternative approaches that

Security in the Cache and Forward Architecture for the Next Generation Internet

NASA Astrophysics Data System (ADS)

Hadjichristofi, G. C.; Hadjicostis, C. N.; Raychaudhuri, D.

The future Internet architecture will be comprised predominately of wireless devices. It is evident at this stage that the TCP/IP protocol that was developed decades ago will not properly support the required network functionalities since contemporary communication profiles tend to be data-driven rather than host-based. To address this paradigm shift in data propagation, a next generation architecture has been proposed, the Cache and Forward (CNF) architecture. This research investigates security aspects of this new Internet architecture. More specifically, we discuss content privacy, secure routing, key management and trust management. We identify security weaknesses of this architecture that need to be addressed and we derive security requirements that should guide future research directions. Aspects of the research can be adopted as a step-stone as we build the future Internet.

40 CFR 51.354 - Adequate tools and resources.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 40 Protection of Environment 2 2014-07-01 2014-07-01 false Adequate tools and resources. 51.354... Requirements § 51.354 Adequate tools and resources. (a) Administrative resources. The program shall maintain... assurance, data analysis and reporting, and the holding of hearings and adjudication of cases. A portion of...

40 CFR 51.354 - Adequate tools and resources.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 40 Protection of Environment 2 2011-07-01 2011-07-01 false Adequate tools and resources. 51.354... Requirements § 51.354 Adequate tools and resources. (a) Administrative resources. The program shall maintain... assurance, data analysis and reporting, and the holding of hearings and adjudication of cases. A portion of...

40 CFR 51.354 - Adequate tools and resources.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 40 Protection of Environment 2 2012-07-01 2012-07-01 false Adequate tools and resources. 51.354... Requirements § 51.354 Adequate tools and resources. (a) Administrative resources. The program shall maintain... assurance, data analysis and reporting, and the holding of hearings and adjudication of cases. A portion of...

40 CFR 51.354 - Adequate tools and resources.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 40 Protection of Environment 2 2013-07-01 2013-07-01 false Adequate tools and resources. 51.354... Requirements § 51.354 Adequate tools and resources. (a) Administrative resources. The program shall maintain... assurance, data analysis and reporting, and the holding of hearings and adjudication of cases. A portion of...

Food security -- an insurance approach.

PubMed

1979-01-01

An adequate standard of nutrition at national and individual level is a basic -- and not wholly altruistic -- objective for mankind. Its ingredients are food production and distribution. Of these the latter is currently considered the more limiting, but fluctuations in the former -- over various geographical and time scales -- can be the overriding factor when national supplies are critical. Under these conditions the automatic operations of a legal mandatory food support system -- free from political strings or connotations of welfare -- would be advantageous. A system for providing a measure of food security, using insurance principles and based on a compromise between international stockpiling and direct financial subventions, is outlined in a recent publication of the International Food Policy Research Institute. Essentially it is a means by which the international community could contribute to the food security of food deficit, developing countries without having to create large buffer stocks and stabilize world grain prices. Extracts from this publication are given below.

Urbanization, Extreme Climate Hazards and Food, Energy Water Security

NASA Astrophysics Data System (ADS)

Romero-Lankao, P.; Davidson, D.; McPhearson, T.

2016-12-01

Research is urgently needed that incorporates the interconnected nature of three critical resources supporting our cities: food, energy and water. Cities are increasing demands for food, water and energy resources that in turn stress resource supplies, creating risks of negative impacts to human and ecological wellbeing. Simultaneously, shifts in climatic conditions, including extremes such as floods, heat, and droughts, threaten the sustainable availability of adequate quantities and qualities of food, energy and water (FEW) resources needed for resilient cities and ecosystems. These resource flows cannot be treated in isolation simply because they are interconnected: shifts in food, energy or water dynamics in turn affect the others, affecting the security of the whole - i.e., FEW nexus security. We present a framework to examine the dynamic interactions of urbanization, FEW nexus security and extreme hazard risks, with two overarching research questions: Do existing and emerging actions intended to enhance a population's food, water and energy security have the capacity to ensure FEW nexus security in the face of changing climate and urban development conditions? Can we identify a common set of social, ecological and technological conditions across a diversity of urban-regions that support the emergence of innovations that can lead to structural transformations for FEW nexus security?

Secure Computer System: Unified Exposition and Multics Interpretation

DTIC Science & Technology

1976-03-01

prearranged code to semaphore critical information to an undercleared subject/process. Neither of these topics is directly addressed by the mathematical...FURTHER CONSIDERATIONS. RULES OF OPERATION FOR A SECURE MULTICS Kernel primitives for a secure Multics will be derived from a higher level user...the Multics architecture as little as possible; this will account to a large extent for radical differences in form between actual kernel primitives

The US Army and Future Security Force Assistance Operations

DTIC Science & Technology

2013-04-01

havens. It addresses the recent evolution of SFA doctrine, guidance and authorities, and the role of interagency cooperation related to the future...safe havens. It addresses the recent evolution of SFA doctrine, guidance and authorities, and the role of interagency cooperation related to the...organizations at all levels. 5 SFA extends well beyond military-to-military training and conceptually addresses security as a system of

NORAD: A Model to Address Gaps in US-Mexico Security Coordination

DTIC Science & Technology

2016-05-26

37 slow economic recovery throughout the 1930s by creating a national investment bank , accelerating land reforms, and nationalizing the...population formed in northern Mexico, with unemployment rates rising as high as fifty percent in border cities such as Ciudad Juárez, Tijuana, and...Mexicali.178 To address unemployment in the historically volatile border region, the Mexican government instituted a series of economic development

Security Risks: Management and Mitigation in the Software Life Cycle

NASA Technical Reports Server (NTRS)

Gilliam, David P.

2004-01-01

A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Sotfware Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.

Information Data Security Specialists' and Business Leaders' Experiences Regarding Communication Challenges

ERIC Educational Resources Information Center

Lopez, Robert H.

2012-01-01

The problem addressed was the need to maintain data security in the field of information technology. Specifically, the breakdown of communication between business leaders and data security specialists create risks to data security. The purpose of this qualitative phenomenological study was to determine which factors would improve communication…

Neuroscience, ethics, and national security: the state of the art.

PubMed

Tennison, Michael N; Moreno, Jonathan D

2012-01-01

National security organizations in the United States, including the armed services and the intelligence community, have developed a close relationship with the scientific establishment. The latest technology often fuels warfighting and counter-intelligence capacities, providing the tactical advantages thought necessary to maintain geopolitical dominance and national security. Neuroscience has emerged as a prominent focus within this milieu, annually receiving hundreds of millions of Department of Defense dollars. Its role in national security operations raises ethical issues that need to be addressed to ensure the pragmatic synthesis of ethical accountability and national security.

Neuroscience, Ethics, and National Security: The State of the Art

PubMed Central

Tennison, Michael N.; Moreno, Jonathan D.

2012-01-01

National security organizations in the United States, including the armed services and the intelligence community, have developed a close relationship with the scientific establishment. The latest technology often fuels warfighting and counter-intelligence capacities, providing the tactical advantages thought necessary to maintain geopolitical dominance and national security. Neuroscience has emerged as a prominent focus within this milieu, annually receiving hundreds of millions of Department of Defense dollars. Its role in national security operations raises ethical issues that need to be addressed to ensure the pragmatic synthesis of ethical accountability and national security. PMID:22448146

A security mediator for health care information.

PubMed Central

Wiederhold, G.; Bilello, M.; Sarathy, V.; Qian, X.

1996-01-01

The TIHI (Trusted Interoperation of Healthcare Information) project addresses a security issue that arises when some information is being shared among collaborating enterprises, although not all enterprise information is sharable. It assumes that protection exists to prevent intrusion by adversaries through secure transmission and firewalls. The TIHI system design provides a gateway, owned by the enterprise security officer, to mediate queries and responses. The latter are typically transmitted via the Internet. The enterprise policy is determined by rules provided to the mediator. We show examples of typical rules. The problem and our solution, although developed in a healthcare context, is equally valid among collaborating enterprises. PMID:8947640

School Security: Planning and Costs.

ERIC Educational Resources Information Center

Hunter, Richard C.; Mazingo, Terri H.

2003-01-01

Describes efforts by two school districts to address the potential threats of shootings and other school disruptions: Baltimore City Public Schools in Maryland and Charlotte-Mecklenburg Public Schools in North Carolina. Also describes the growing costs of providing safety and security in elementary and secondary schools. (Contains 13 references.)…

Computer Security Products Technology Overview

DTIC Science & Technology

1988-10-01

13 3. DATABASE MANAGEMENT SYSTEMS ................................... 15 Definition...this paper addresses fall into the areas of multi-user hosts, database management systems (DBMS), workstations, networks, guards and gateways, and...provide a portion of that protection, for example, a password scheme, a file protection mechanism, a secure database management system, or even a

Executive Guide: Information Security Management. Learning From Leading Organizations

DTIC Science & Technology

1998-05-01

data. In September 1996, we reported that audit reports and agency self - assessments issued during the previous 2 years showed that weak information...company has developed an efficient and disciplined process for ensuring that information security-related risks to business operations are considered and...protection group at the utility was required to approve all new applications to indicate that risks had been adequately considered. Providing self

Information security of Smart Factories

NASA Astrophysics Data System (ADS)

Iureva, R. A.; Andreev, Y. S.; Iuvshin, A. M.; Timko, A. S.

2018-05-01

In several years, technologies and systems based on the Internet of things (IoT) will be widely used in all smart factories. When processing a huge array of unstructured data, their filtration and adequate interpretation are a priority for enterprises. In this context, the correct representation of information in a user-friendly form acquires special importance, for which the market today presents advanced analytical platforms designed to collect, store and analyze data on technological processes and events in real time. The main idea of the paper is the statement of the information security problem in IoT and integrity of processed information.

Security in the management of information systems.

PubMed

Huston, T L; Huston, J L

1998-06-01

Although security technology exists in abundance in health information management systems, the implementation of that technology is often lacking. This lack of implementation can be heavily affected by the attitudes and perceptions of users and management, the "people part" of systems. Particular operational, organizational, and economic factors must be addressed along with employment of security objectives and accountability. Unique threats, as well as controls, pervade the use of microcomputer-based systems as these systems permeate health care information management.

Security Assistance: DOD’s Ongoing Reforms Address Some Challenges, but Additional Information Is Needed to Further Enhance Program Management

DTIC Science & Technology

2012-11-01

Abbreviations BPC building partner capacity DOD Department of Defense DSCA Defense Security Cooperation Agency EFTS Enhanced Freight Tracking System...SCOs are ready to receive a planned delivery. For both FMS and pseudo-FMS processes, DOD uses the Enhanced Freight Tracking System ( EFTS ), a secure...providing data for this system. The Security Assistance Management Manual recommends that SCOs use the EFTS to maintain awareness of incoming shipments

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

PubMed Central

Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661

17 CFR 3.30 - Current address for purpose of delivery of communications from the Commission or the National...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Current address for purpose of... Current address for purpose of delivery of communications from the Commission or the National Futures Association. (a) The address of each registrant, applicant for registration and principal, as submitted on the...

Predictors of adequate depression treatment among Medicaid-enrolled adults.

PubMed

Teh, Carrie Farmer; Sorbero, Mark J; Mihalyo, Mark J; Kogan, Jane N; Schuster, James; Reynolds, Charles F; Stein, Bradley D

2010-02-01

To determine whether Medicaid-enrolled depressed adults receive adequate treatment for depression and to identify the characteristics of those receiving inadequate treatment. Claims data from a Medicaid-enrolled population in a large mid-Atlantic state between July 2006 and January 2008. We examined rates and predictors of minimally adequate psychotherapy and pharmacotherapy among adults with a new depression treatment episode during the study period (N=1,098). Many depressed adults received either minimally adequate psychotherapy or pharmacotherapy. Black individuals and individuals who began their depression treatment episode with an inpatient psychiatric stay for depression were markedly less likely to receive minimally adequate psychotherapy and more likely to receive inadequate treatment. Racial minorities and individuals discharged from inpatient treatment for depression are at risk for receiving inadequate depression treatment.

The future of infrastructure security :

DOE Office of Scientific and Technical Information (OSTI.GOV)

Garcia, Pablo; Turnley, Jessica Glicken; Parrott, Lori K.

2013-05-01

Sandia National Laboratories hosted a workshop on the future of infrastructure security on February 27-28, 2013, in Albuquerque, NM. The 17 participants came from backgrounds as diverse as federal policy, the insurance industry, infrastructure management, and technology development. The purpose of the workshop was to surface key issues, identify directions forward, and lay groundwork for cross-sectoral and cross-disciplinary collaborations. The workshop addressed issues such as the problem space (what is included in infrastructure problems?), the general types of threats to infrastructure (such as acute or chronic, system-inherent or exogenously imposed) and definitions of secure and resilient infrastructures. The workshop concludedmore » with a consideration of stakeholders and players in the infrastructure world, and identification of specific activities that could be undertaken by the Department of Homeland Security (DHS) and other players.« less

76 FR 34650 - Announcing a Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-14

... The agenda is expected to include the following items: --Cloud Security and Privacy Panel discussion on addressing security and privacy for different types of cloud computing, --Presentation from...

Homeland Security Planning for Urban Area Schools

DTIC Science & Technology

2008-03-01

about the safety and well-being of their families while they are at the scene and this may affect their job performance . Butler , et al recommend...TITLE AND SUBTITLE Homeland Security Planning for Urban Area Schools 6. AUTHOR(S) Craig Gjelsten 5. FUNDING NUMBERS 7. PERFORMING ORGANIZATION NAME...S) AND ADDRESS(ES) Naval Postgraduate School Monterey, CA 93943-5000 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING /MONITORING AGENCY

Can Earth Materials BE Adequately Covered in a - or Two-Semester Course?

NASA Astrophysics Data System (ADS)

Hefferan, K. P.; O'Brien, J.

2007-12-01

Traditional geology programs offer courses in mineralogy, optical mineralogy, igneous petrology, metamorphic petrology, sedimentology and economic geology. At many universities this suite of mineralogy/petrology courses has been supplanted by a one-semester or two-semester Earth Materials course. This interactive poster poses five questions to faculty and students related to the means by which Earth Materials can be delivered: 1) Available online syllabi demonstrate a wide variation in the topics addressed in Earth Materials courses; is there a standard core of key topics that must be covered and in what level of detail? 2) Can a one-semester or two- semester Earth Materials course adequately cover these topics? 3) Excellent textbooks exist in both mineralogy and in petrology; what textbooks, if any, adequately encompass Earth Materials? 4) How has the online environment changed the way in which we use textbooks in the classroom? 5) Given the evolution of geology programs, higher education and the global economy in the past twenty years, what additional changes can be anticipated with respect to delivery and demand of Earth Materials topics? Answers-- or at least related discussions-- to these questions are encouraged via verbal dialogue among participants and/or by comments written on the poster. Our goal is to solicit faculty, student and industry feedback to create a textbook, curricula and online materials that support an Earth Materials course.

Implementation of Strategies to Leverage Public and Private Resources for National Security Workforce Development

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2009-04-01

This report documents implementation strategies to leverage public and private resources for the development of an adequate national security workforce as part of the National Security Preparedness Project (NSPP), being performed under a U.S. Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. There are numerous efforts across the United States to develop a properly skilled and trained national security workforce. Some of these efforts are the result of the leveraging of public and private dollars. As budget dollars decrease and the demand for a properly skilled and trained national security workforce increases, it will become even more important tomore » leverage every education and training dollar. This report details some of the efforts that have been implemented to leverage public and private resources, as well as implementation strategies to further leverage public and private resources.« less

Draft secure medical database standard.

PubMed

Pangalos, George

2002-01-01

Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc.. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These later properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detailed. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.

Educating Special Forces Junior Leaders for a Complex Security Environment

DTIC Science & Technology

2009-07-01

Security Environment 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR( S ) 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK...UNIT NUMBER 7. PERFORMING ORGANIZATION NAME( S ) AND ADDRESS(ES) Joint Special Operations University,357 Tully Street Alison Building,Hurlburt Field,FL...32544 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME( S ) AND ADDRESS(ES) 10. SPONSOR/MONITOR’S ACRONYM( S ) 11. SPONSOR

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

DTIC Science & Technology

2010-07-01

Cloud computing , an emerging form of computing in which users have access to scalable, on-demand capabilities that are provided through Internet... cloud computing , (2) the information security implications of using cloud computing services in the Federal Government, and (3) federal guidance and...efforts to address information security when using cloud computing . The complete report is titled Information Security: Federal Guidance Needed to

[The concept and measurement of food security].

PubMed

Kim, Kirang; Kim, Mi Kyung; Shin, Young Jeon

2008-11-01

During the past two decades, food deprivation and hunger have been recognized to be not just the concerns of only underdeveloped or developing countries, but as problems for many affluent Western nations as well. Many countries have made numerous efforts to define and measure the extent of these problems. Based on these efforts, the theory and practice of food security studies has significantly evolved during the last decades. Thus, this study aims to provide a comprehensive review of the concept and measurement of food security. In this review, we introduce the definition and background of food security, we describe the impact of food insecurity on nutrition and health, we provide its measurements and operational instruments and we discuss its applications and implications. Some practical information for the use of the food security index in South Korea is also presented. Food security is an essential element in achieving a good nutritional and health status and it has an influence to reduce poverty. The information about the current understanding of food security can help scientists, policy makers and program practitioners conduct research and maintain outreach programs that address the issues of poverty and the promotion of food security.

Implementing healthcare information security: standards can help.

PubMed

Orel, Andrej; Bernik, Igor

2013-01-01

Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

Semiannual Report to Congress on the Effectiveness of the Civil Aviation Security Program.

DTIC Science & Technology

1984-04-13

AD-fl143 023 SEMIANNUAL REPORT TO CONGRESS ON THEUEFFECTIVENESS OF i/i THE CIVIL AVIATION SECURITY PROGRAM(U) FEDERAL AVIATION ADMINISTRATION...Semiannual Report to O Congress on the US Deportmnent of TrasEffectiveness ofi of TransportationFedewl Avkffim Avao The Civil Aviation - Security Program... Aviation Security Program 8. Performing OrgniaetioNi RePwt Us. Aviation Security Division 9. Performing Organistion Name and Address 10. Work Unit No

A Layered Decision Model for Cost-Effective System Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wei, Huaqiang; Alves-Foss, James; Soule, Terry

System security involves decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defence strategies, and implementation of real-time defence tactics. Although choices made in each of these areas affect the others, existing decision models typically handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defence decisions result in cost-effective solutions. To address these problems, this paper introduces a Layered Decision Model (LDM) for use inmore » deciding how to address defence decisions based on their cost-effectiveness. To validate the LDM and illustrate how it is used, we used simulation to test model rationality and applied the LDM to the design of system security for an e-commercial business case.« less

National Special Security Events

DTIC Science & Technology

2009-03-24

issue Congress may wish to address. In FY2008, Congress appropriated $1 million for NSSE costs within the Secret Service.18 Some might argue that the...as the recent presidential inauguration. The amount appropriated could be additionally problematic considering that the Secret Service is not...authorized to reimburse state and local law enforcement entities’ overtime costs associated with NSSEs. Any security costs incurred by the Secret Service

A survey of pandemic influenza preparedness and response capabilities in Chicago area hospital security departments.

PubMed

Kimmerly, David P

2009-01-01

This article is a summary based on a December 2007 paper prepared by the author in partial fulfillment of the requirements for a master's degree in business and organizational security management at Webster University. The project described was intended to assess Chicago-area healthcare organization security departments' preparedness and response capabilities for a potential influenza pandemic. While the author says healthcare organizations are learning from the pandemics of the past, little research has been conducted on the requirements necessary within hospital security departments. The article explores staffing, planning, preparation and response capabilities within a healthcare security context to determine existing resources available to the healthcare security community. Eleven completed surveys were received from hospital security managers throughout the geographical Chicago area. They reveal that hospital security managers are conscious of the risks of a pandemic influenza outbreak. Yet, it was found that several gaps existed within hospital security department staffing and response capabilities, as hospital security departments may not have the available resources necessary to adequately maintain their operations during a pandemic incident.

Challenges of information security incident learning: An industrial case study in a Chinese healthcare organization.

PubMed

He, Ying; Johnson, Chris

2017-12-01

Security incidents can have negative impacts on healthcare organizations, and the security of medical records has become a primary concern of the public. However, previous studies showed that organizations had not effectively learned lessons from security incidents. Incident learning as an essential activity in the "follow-up" phase of security incident response lifecycle has long been addressed but not given enough attention. This paper conducted a case study in a healthcare organization in China to explore their current obstacles in the practice of incident learning. We interviewed both IT professionals and healthcare professionals. The results showed that the organization did not have a structured way to gather and redistribute incident knowledge. Incident response was ineffective in cycling incident knowledge back to inform security management. Incident reporting to multiple stakeholders faced a great challenge. In response to this case study, we suggest the security assurance modeling framework to address those obstacles.

Auditing Albaha University Network Security using in-house Developed Penetration Tool

NASA Astrophysics Data System (ADS)

Alzahrani, M. E.

2018-03-01

Network security becomes very important aspect in any enterprise/organization computer network. If important information of the organization can be accessed by anyone it may be used against the organization for further own interest. Thus, network security comes into it roles. One of important aspect of security management is security audit. Security performance of Albaha university network is relatively low (in term of the total controls outlined in the ISO 27002 security control framework). This paper proposes network security audit tool to address issues in Albaha University network. The proposed penetration tool uses Nessus and Metasploit tool to find out the vulnerability of a site. A regular self-audit using inhouse developed tool will increase the overall security and performance of Albaha university network. Important results of the penetration test are discussed.

Development of a telediagnosis endoscopy system over secure internet.

PubMed

Ohashi, K; Sakamoto, N; Watanabe, M; Mizushima, H; Tanaka, H

2008-01-01

We developed a new telediagnosis system to securely transmit high-quality endoscopic moving images over the Internet in real time. This system would enable collaboration between physicians seeking advice from endoscopists separated by long distances, to facilitate diagnosis. We adapted a new type of digital video streaming system (DVTS) to our teleendoscopic diagnosis system. To investigate its feasibility, we conducted a two-step experiment. A basic experiment was first conducted to transmit endoscopic video images between hospitals using a plain DVTS. After investigating the practical usability, we incorporated a secure and reliable communication function into the system, by equipping DVTS with "TCP2", a new security technology that establishes secure communication in the transport layer. The second experiment involved international transmission of teleendoscopic image between Hawaii and Japan using the improved system. In both the experiments, no serious transmission delay was observed to disturb physicians' communications and, after subjective evaluation by endoscopists, the diagnostic qualities of the images were found to be adequate. Moreover, the second experiment showed that "TCP2-equipped DVTS" successfully executed high-quality secure image transmission over a long distance network. We conclude that DVTS technology would be promising for teleendoscopic diagnosis. It was also shown that a high quality, secure teleendoscopic diagnosis system can be developed by equipping DVTS with TCP2.

The Social Security Program and the Private Sector Alternative: Lessons from History.

ERIC Educational Resources Information Center

Quadagno, Jill

1987-01-01

Used historical evidence to analyze how private sector benefits worked in the past in light of the debate surrounding the Social Security benefits and the federal deficit. Among conclusions reached are that the private sector failed to provide adequate protection for older citizens, and that benefits were inequitably distributed on basis of gender…

Maude: A Wide Spectrum Language for Secure Active Networks

DTIC Science & Technology

2002-08-01

AFRL-IF-RS-TR-2002-197 Final Technical Report August 2002 MAUDE: A WIDE SPECTRUM LANGUAGE FOR SECURE ACTIVE NETWORKS SRI...MAUDE: A WIDE SPECTRUM FORMAL LANGUAGE FOR SECURE ACTIVE NETWORKS 6. AUTHOR(S) Jose Meseguer and Carolyn Talcott 5. FUNDING NUMBERS C...specifications to address this challenge. We also show how, using the Maude rewriting logic language and tools, active network systems, languages , and

How to Perform a Security Audit: Is Your School's or District's Network Vulnerable?

ERIC Educational Resources Information Center

Dark, Melissa; Poftak, Amy

2004-01-01

In this article, the authors address the importance of taking a proactive approach to securing a school's network. To do this, it is first required to know the system's specific vulnerabilities and what steps to take to reduce them. The formal process for doing this is known as an information security risk assessment, or a security audit. What…

Maritime Defense and Security Research Program: Final Report, 2004-2011

DTIC Science & Technology

2011-11-01

NAME(S) AND ADDRESS(ES) Assistant Secretary of Defense for Homeland Defense and America‘s Security Affairs Washington D.C. 10 . SPONSOR/MONITOR’S...34 10 . Assessment of Maritime Domain Protection Capabilities Maritime Intercept Analysis...69 10 . MISRAD Leadership Summit, February 2005 ...............................70 11. MDA Executive Interagency Workshop, October

Realizing Scientific Methods for Cyber Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.

There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber securitymore » science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.« less

Global food security under climate change

PubMed Central

Schmidhuber, Josef; Tubiello, Francesco N.

2007-01-01

This article reviews the potential impacts of climate change on food security. It is found that of the four main elements of food security, i.e., availability, stability, utilization, and access, only the first is routinely addressed in simulation studies. To this end, published results indicate that the impacts of climate change are significant, however, with a wide projected range (between 5 million and 170 million additional people at risk of hunger by 2080) strongly depending on assumed socio-economic development. The likely impacts of climate change on the other important dimensions of food security are discussed qualitatively, indicating the potential for further negative impacts beyond those currently assessed with models. Finally, strengths and weaknesses of current assessment studies are discussed, suggesting improvements and proposing avenues for new analyses. PMID:18077404

Controller–Pilot Data Link Communication Security

PubMed Central

Polishchuk, Tatiana; Wernberg, Max

2018-01-01

The increased utilization of the new types of cockpit communications, including controller–pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system. PMID:29783791

Controller⁻Pilot Data Link Communication Security.

PubMed

Gurtov, Andrei; Polishchuk, Tatiana; Wernberg, Max

2018-05-20

The increased utilization of the new types of cockpit communications, including controller⁻pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system.

Economic abuse and intra-household inequities in food security.

PubMed

Power, Elaine M

2006-01-01

Food insecurity affected over 2.3 million Canadians in 2004. To date, the food security literature has not considered the potential impact of economic abuse on food security, but there are three ways in which these two important public health issues may be related: 1) victims of economic abuse are at risk of food insecurity when they are denied access to adequate financial resources; 2) the conditions that give rise to food insecurity may also precipitate intimate partner violence in all its forms; 3) women who leave economically abusive intimate heterosexual relationships are more likely to live in poverty and thus are at risk of food insecurity. This paper presents a case of one woman who, during a qualitative research interview, spontaneously reported economic abuse and heterosexual interpersonal violence. The economic abuse suffered by this participant appears to have affected her food security and that of her children, while her husband's was apparently unaffected. There is an urgent need to better understand the nature of intra-household food distribution in food-insecure households and the impact of economic abuse on its victims' food security. Such an understanding may lead to improved food security measurement tools and social policies to reduce food insecurity.

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

PubMed Central

Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

2015-01-01

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

PubMed

Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

2015-01-01

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

Mechanisms of Power within a Community-Based Food Security Planning Process

ERIC Educational Resources Information Center

McCullum, Christine; Pelletier, David; Barr, Donald; Wilkins, Jennifer; Habicht, Jean-Pierre

2004-01-01

A community food security movement has begun to address problems of hunger and food insecurity by utilizing a community-based approach. Although various models have been implemented, little empirical research has assessed how power operates within community-based food security initiatives. The purpose of this research was to determine how power…

Clinicians, security and information technology support services in practice settings--a pilot study.

PubMed

Fernando, Juanita

2010-01-01

This case study of 9 information technology (IT) support staff in 3 Australian (Victoria) public hospitals juxtaposes their experiences at the user-level of eHealth security in the Natural Hospital Environment with that previously reported by 26 medical, nursing and allied healthcare clinicians. IT support responsibilities comprised the entire hospital, of which clinician eHealth security needs were only part. IT staff believed their support tasks were often fragmented while work responsibilities were hampered by resources shortages. They perceived clinicians as an ongoing security risk to private health information. By comparison clinicians believed IT staff would not adequately support the private and secure application of eHealth for patient care. Preliminary data analysis suggests the tension between these cohorts manifests as an eHealth environment where silos of clinical work are disconnected from silos of IT support work. The discipline-based silos hamper health privacy outcomes. Privacy and security policies, especially those influencing the audit process, will benefit by further research of this phenomenon.

A secure and robust information hiding technique for covert communication

NASA Astrophysics Data System (ADS)

Parah, S. A.; Sheikh, J. A.; Hafiz, A. M.; Bhat, G. M.

2015-08-01

The unprecedented advancement of multimedia and growth of the internet has made it possible to reproduce and distribute digital media easier and faster. This has given birth to information security issues, especially when the information pertains to national security, e-banking transactions, etc. The disguised form of encrypted data makes an adversary suspicious and increases the chance of attack. Information hiding overcomes this inherent problem of cryptographic systems and is emerging as an effective means of securing sensitive data being transmitted over insecure channels. In this paper, a secure and robust information hiding technique referred to as Intermediate Significant Bit Plane Embedding (ISBPE) is presented. The data to be embedded is scrambled and embedding is carried out using the concept of Pseudorandom Address Vector (PAV) and Complementary Address Vector (CAV) to enhance the security of the embedded data. The proposed ISBPE technique is fully immune to Least Significant Bit (LSB) removal/replacement attack. Experimental investigations reveal that the proposed technique is more robust to various image processing attacks like JPEG compression, Additive White Gaussian Noise (AWGN), low pass filtering, etc. compared to conventional LSB techniques. The various advantages offered by ISBPE technique make it a good candidate for covert communication.

22 CFR 1006.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 22 Foreign Relations 2 2014-04-01 2014-04-01 false Adequate evidence. 1006.900 Section 1006.900 Foreign Relations INTER-AMERICAN FOUNDATION GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT... reasonable belief that a particular act or omission has occurred. ...

22 CFR 1508.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 22 Foreign Relations 2 2014-04-01 2014-04-01 false Adequate evidence. 1508.900 Section 1508.900 Foreign Relations AFRICAN DEVELOPMENT FOUNDATION GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT... reasonable belief that a particular act or omission has occurred. ...

Security breaches: tips for assessing and limiting your risks.

PubMed

Coons, Leeanne R

2011-01-01

As part of their compliance planning, medical practices should undergo a risk assessment to determine any vulnerability within the practice relative to security breaches. Practices should also implement safeguards to limit their risks. Such safeguards include facility access controls, information and electronic media management, use of business associate agreements, and education and enforcement. Implementation of specific policies and procedures to address security incidents is another critical step that medical practices should take as part of their security incident prevention plan. Medical practices should not only develop policies and procedures to prevent, detect, contain, and correct security violations, but should make sure that such policies and procedures are actually implemented in their everyday operations.

Use of a "secure room" and a security guard in the management of the violent, aggressive or suicidal patient in a rural hospital: a 3-year audit.

PubMed

Brock, Gordon; Gurekas, Vydas; Gelinas, Anne-Fredrique; Rollin, Karina

2009-01-01

Little has been published on the management of psychiatric crises in rural areas, and little is known of the security needs or use of "secure rooms" in rural hospitals. We conducted a 3-year retrospective chart audit on the use of our secure room/security guard system at a rural hospital in a town of 3500, located 220 km from our psychiatric referral centre. Use of our secure room/security guard system occurred at the rate of 1.1 uses/1000 emergency department visits, with the most common indication being physician perception of risk of patient suicide or self-harm. Concern for staff safety was a factor in 10% of uses. Eighty percent of patients were treated locally, with most being released from the secure room after 2 days or less. Fourteen percent of patients required ultimate transfer to our psychiatric referral centre and 6% to a detoxification centre. The average annual cost of security was $16 259.61. A secure room can provide the opportunity for close observation of a potentially self-harming patient, additional security for staff and early warning if a patient flees the hospital. Most admissions were handled locally, obviating the need for transfer to distant psychiatric referral centres. Most patients who were admitted were already known as having a psychiatric illness and 80% of the patients required the use of the secure room/security guard system for less than a 2-night stay, suggesting that most rural mental health crises pass quickly. Most patients admitted to a rural hospital with a mental health crisis can be managed locally if an adequate secure room/security guard system is available.

Filling gaps in a large reserve network to address freshwater conservation needs.

PubMed

Hermoso, Virgilio; Filipe, Ana Filipa; Segurado, Pedro; Beja, Pedro

2015-09-15

Freshwater ecosystems and biodiversity are among the most threatened at global scale, but efforts for their conservation have been mostly peripheral to terrestrial conservation. For example, Natura 2000, the world's largest network of protected areas, fails to cover adequately the distribution of rare and endangered aquatic species, and lacks of appropriate spatial design to make conservation for freshwater biodiversity effective. Here, we develop a framework to identify a complementary set of priority areas and enhance the conservation opportunities of Natura 2000 for freshwater biodiversity, using the Iberian Peninsula as a case study. We use a systematic planning approach to identify a minimum set of additional areas that would help i) adequately represent all freshwater fish, amphibians and aquatic reptiles at three different target levels, ii) account for key ecological processes derived from riverscape connectivity, and iii) minimize the impact of threats, both within protected areas and propagated from upstream unprotected areas. Addressing all these goals would need an increase in area between 7 and 46%, depending on the conservation target used and strength of connectivity required. These new priority areas correspond to subcatchments inhabited by endangered and range restricted species, as well as additional subcatchments required to improve connectivity among existing protected areas and to increase protection against upstream threats. Our study should help guide future revisions of the design of Natura 2000, while providing a framework to address deficiencies in reserve networks for adequately protecting freshwater biodiversity elsewhere. Copyright © 2015 Elsevier Ltd. All rights reserved.

76 FR 7817 - Announcing Draft Federal Information Processing Standard 180-4, Secure Hash Standard, and Request...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-11

... before May 12, 2011. ADDRESSES: Written comments may be sent to: Chief, Computer Security Division... FURTHER INFORMATION CONTACT: Elaine Barker, Computer Security Division, National Institute of Standards... Quynh Dang, Computer Security Division, National Institute of Standards and Technology, Gaithersburg, MD...

A scoping review of traditional food security in Alaska.

PubMed

Walch, Amanda; Bersamin, Andrea; Loring, Philip; Johnson, Rhonda; Tholl, Melissa

2018-12-01

Food insecurity is a public health concern. Food security includes the pillars of food access, availability and utilisation. For some indigenous peoples, this may also include traditional foods. To conduct a scoping review on traditional foods and food security in Alaska. Google Scholar and the High North Research Documents were used to search for relevant primary research using the following terms: "traditional foods", "food security", "access", "availability", "utilisation", "Alaska", "Alaska Native" and "indigenous". Twenty four articles from Google Scholar and four articles from the High North Research Documents were selected. The articles revealed three types of research approaches, those that quantified traditional food intake (n=18), those that quantified food security (n=2), and qualitative articles that addressed at least one pillar of food security (n=8). Limited primary research is available on food security in Alaskan. Few studies directly measure food security while most provide a review of food security factors. Research investigating dietary intake of traditional foods is more prevalent, though many differences exist among participant age groups and geographical areas. Future research should include direct measurements of traditional food intake and food security to provide a more complete picture of traditional food security in Alaska.

Position of the American Dietetic Association: Addressing world hunger, malnutrition, and food insecurity.

PubMed

Struble, Marie Boyle; Aomari, Laurie Lindsay

2003-08-01

It is the position of the American Dietetic Association (ADA) that access to adequate amounts of safe, nutritious, and culturally appropriate food at all times is a fundamental human right. Hunger continues to be a worldwide problem of staggering proportions. The Association supports programs and encourages practices that combat hunger and malnutrition, produce food security, promote self-sufficiency, and are environmentally and economically sustainable. The Association is aware that hunger exists in a world of plenty and that poverty, gender inequity, ethnocentrism, racism, and the lack of political will are key constraints to solving the problems of global hunger and malnutrition. Recognizing that simplistic approaches are inadequate, the ADA identifies sustainable development as the long-term strategy to ending world hunger and achieving food security. Sustainable development requires political, economic, and social changes that include empowering the disenfranchised, widening access to assets and other resources, narrowing the gap between rich and poor, and adjusting consumption patterns so as to foster good stewardship of nature. Additionally, because the health status of future generations is related to the well-being of their mothers, achieving food security will also require increased access for women to education, adequate health care and sanitation, and economic opportunities. This position paper reviews the complex issues of global food insecurity and discusses long-term solutions for achieving world food security. Achieving the end of world hunger has been and is now within our grasp. There is sufficient food to feed everyone, and solutions can be realized now that will benefit all of humanity. As noted in the paper, most people who examine the costs of ending versus not ending world hunger are bewildered by the question of why humanity did not solve the problem a long time ago. The Association supports programs and encourages practices that combat

22 CFR 208.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 22 Foreign Relations 1 2011-04-01 2011-04-01 false Adequate evidence. 208.900 Section 208.900 Foreign Relations AGENCY FOR INTERNATIONAL DEVELOPMENT GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

22 CFR 208.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Adequate evidence. 208.900 Section 208.900 Foreign Relations AGENCY FOR INTERNATIONAL DEVELOPMENT GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

Information Analysis Methodology for Border Security Deployment Prioritization and Post Deployment Evaluation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Booker, Paul M.; Maple, Scott A.

2010-06-08

Due to international commerce, cross-border conflicts, and corruption, a holistic, information driven, approach to border security is required to best understand how resources should be applied to affect sustainable improvements in border security. The ability to transport goods and people by land, sea, and air across international borders with relative ease for legitimate commercial purposes creates a challenging environment to detect illicit smuggling activities that destabilize national level border security. Smuggling activities operated for profit or smuggling operations driven by cross border conflicts where militant or terrorist organizations facilitate the transport of materials and or extremists to advance a causemore » add complexity to smuggling interdiction efforts. Border security efforts are further hampered when corruption thwarts interdiction efforts or reduces the effectiveness of technology deployed to enhance border security. These issues necessitate the implementation of a holistic approach to border security that leverages all available data. Large amounts of information found in hundreds of thousands of documents can be compiled to assess national or regional borders to identify variables that influence border security. Location data associated with border topics of interest may be extracted and plotted to better characterize the current border security environment for a given country or region. This baseline assessment enables further analysis, but also documents the initial state of border security that can be used to evaluate progress after border security improvements are made. Then, border security threats are prioritized via a systems analysis approach. Mitigation factors to address risks can be developed and evaluated against inhibiting factor such as corruption. This holistic approach to border security helps address the dynamic smuggling interdiction environment where illicit activities divert to a new location that provides less

32 CFR Appendix A to Part 50 - Life Insurance Products and Securities

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 1 2011-07-01 2011-07-01 false Life Insurance Products and Securities A... Part 50—Life Insurance Products and Securities A. Life Insurance Product Content Prerequisites... and cost of government subsidized Servicemen's Group Life Insurance. 2. The address and phone number...

32 CFR Appendix A to Part 50 - Life Insurance Products and Securities

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 1 2010-07-01 2010-07-01 false Life Insurance Products and Securities A... Part 50—Life Insurance Products and Securities A. Life Insurance Product Content Prerequisites... and cost of government subsidized Servicemen's Group Life Insurance. 2. The address and phone number...

Detection of total hip arthroplasties at airport security checkpoints - how do updated security measures affect patients?

PubMed

Issa, Kimona; Pierce, Todd P; Gwam, Chukwuweieke; Festa, Anthony; Scillia, Anthony J; Mont, Michael A

2018-03-01

There have been historical reports on the experiences of patients with total hip arthroplasty (THA) passing through standard metal detectors at airports. The purpose of this study was to analyse those who had recently passed through airport security and the incidence of: (i) triggering of the alarm; (ii) extra security searches; and (iii) perceived inconvenience. A questionnaire was given to 125 patients with a THA during a follow-up appointment. Those who had passed through airport security after January 2014 met inclusion criteria. A survey was administered that addressed the number of encounters with airport security, frequency of metal detector activation, additional screening procedures utilised, whether security officials required prosthesis documentation, and perceived inconvenience. 51 patients met inclusion criteria. 10 patients (20%) reported triggered security scanners. 4 of the 10 patients stated they had surgical hardware elsewhere in the body. 13 of the 51 patients (25%) believed that having their THA increased the inconvenience of traveling. This is different from the historical cohort with standard metal detectors which patients reported a greater incidence of alarm triggering (n = 120 of 143; p = 0.0001) and perceived inconvenience (n = 99 of 143; p = 0.0001). The percentage of patients who have THA triggering security alarms has decreased. Furthermore, the number of patients who feel that their prosthesis caused traveling inconvenience has decreased. We feel that this decrease in alarms triggered and improved perceptions about inconvenience are related to the increased usage of new technology.

10 CFR 503.35 - Inability to obtain adequate capital.

Code of Federal Regulations, 2010 CFR

2010-01-01

... capital investment, through tariffs, without unreasonably adverse economic effect on its service area... 10 Energy 4 2010-01-01 2010-01-01 false Inability to obtain adequate capital. 503.35 Section 503... New Facilities § 503.35 Inability to obtain adequate capital. (a) Eligibility. Section 212(a)(1)(D) of...

"Something Adequate"? In Memoriam Seamus Heaney, Sister Quinlan, Nirbhaya

ERIC Educational Resources Information Center

Parker, Jan

2014-01-01

Seamus Heaney talked of poetry's responsibility to represent the "bloody miracle", the "terrible beauty" of atrocity; to create "something adequate". This article asks, what is adequate to the burning and eating of a nun and the murderous gang rape and evisceration of a medical student? It considers Njabulo Ndebele's…

Ideas towards sustainable water security

NASA Astrophysics Data System (ADS)

Dalin, Carole

2016-04-01

With growing global demands and a changing climate, ensuring water security - the access to sufficient, quality water resources for health and livelihoods and an acceptable level of water related risk - is increasingly challenging. While a billion people still lack access to water, over-exploitation of this resource increases in many developed and developing parts of the world. While some solutions to water stress have been known for a long time, financial, cultural and political barriers often prevent their implementations. This talk will highlight three crucial areas that need to be addressed to progress towards sustainable water security. The first point is on scale, the second on the agricultural sector and irrigation, and the third on food trade and policy.

2 CFR 180.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 2 Grants and Agreements 1 2010-01-01 2010-01-01 false Adequate evidence. 180.900 Section 180.900 Grants and Agreements OFFICE OF MANAGEMENT AND BUDGET GOVERNMENTWIDE GUIDANCE FOR GRANTS AND AGREEMENTS... belief that a particular act or omission has occurred. ...

Alternative Futures: United States Air Force Security Police in the Twenty-First Century

DTIC Science & Technology

1988-04-01

34What policies should today’s Air Force leadership be pursuing to prepare for tomorrow’s combat support and security police roles?’ The monograph...Further, it addresses the capability of the Air Force to respond to its future combat support and security police missions and their integration into the...security police organizations. His most recent assignments were as the deputy commander of a combat support group and the commander of a security police

The Challenges of Balancing Safety and Security in Implantable Medical Devices.

PubMed

Katzis, Konstantinos; Jones, Richard W; Despotou, George

2016-01-01

Modern Implantable Medical Devices (IMDs), implement capabilities that have contributed significantly to patient outcomes, as well as quality of life. The ever increasing connectivity of IMD's does raise security concerns though there are instances where implemented security measures might impact on patient safety. The paper discusses challenges of addressing both of these attributes in parallel.

Secure ICCP Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rice, Mark J.; Bonebrake, Christopher A.; Dayley, Greg K.

Inter-Control Center Communications Protocol (ICCP), defined by the IEC 60870-6 TASE.2 standard, was developed to enable data exchange over wide area networks between electric system entities, including utility control centers, Independent System Operators (ISOs), Regional Transmission Operators (RTOs) and Independent Power Producers (IPP) also known as Non-Utility Generators (NUG). ICCP is an unprotected protocol, and as a result is vulnerable to such actions as integrity violation, interception or alteration, spoofing, and eavesdropping. Because of these vulnerabilities with unprotected ICCP communication, security enhancements, referred to as Secure ICCP, have been added and are included in the ICCP products that utilities havemore » received since 2003 when the standard was defined. This has resulted in an ICCP product whose communication can be encrypted and authenticated to address these vulnerabilities.« less

Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

NASA Technical Reports Server (NTRS)

Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

2017-01-01

principle. Specifically, for all three datasets, from 86 to 88 the security related issues were located in two to four subsystems.- The severity levels of most security issues were moderate, in all three datasets.- Out of 21 primary security classes, five dominated: Exception Management, Memory Access, Other, Risky Values, and Unused Entities. Together, these classes contributed from around 80 to 90 of all security issues in each dataset. This again proves the Pareto principle of uneven distribution of security issues, in this case across CWE classes, and supports the fact that addressing these dominant security classes provides the most cost efficient way to improve missions' security. The findings presented in this report uncovered the security vulnerability profiles and identified the common trends and dominant classes of security issues, which in turn can be used to select the most efficient secure design and coding best practices compiled by the part of the SARP project team associated with the NASA's Johnson Space Center. In addition, these findings provide valuable input to the NASA IVV initiative aimed at identification of the two 25 CWEs of ground and flight missions.

SAVAH: Source Address Validation with Host Identity Protocol

NASA Astrophysics Data System (ADS)

Kuptsov, Dmitriy; Gurtov, Andrei

Explosive growth of the Internet and lack of mechanisms that validate the authenticity of a packet source produced serious security and accounting issues. In this paper, we propose validating source addresses in LAN using Host Identity Protocol (HIP) deployed in a first-hop router. Compared to alternative solutions such as CGA, our approach is suitable both for IPv4 and IPv6. We have implemented SAVAH in Wi-Fi access points and evaluated its overhead for clients and the first-hop router.

Securing Location Services Infrastructures: Practical Criteria for Application Developers and Solutions Architects

ERIC Educational Resources Information Center

Karamanian, Andre

2013-01-01

This qualitative, exploratory, normative study examined the security and privacy of location based services in mobile applications. This study explored risk, and controls to implement privacy and security. This study was addressed using components of the FIPS Risk Management Framework. This study found that risk to location information was…

Secure password-based authenticated key exchange for web services

DOE Office of Scientific and Technical Information (OSTI.GOV)

Liang, Fang; Meder, Samuel; Chevassut, Olivier

This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options inmore » the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.« less

Secure real-time wireless video streaming in the aeronautical telecommunications network

NASA Astrophysics Data System (ADS)

Czernik, Pawel; Olszyna, Jakub

2010-09-01

As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor

Predicting automated guideway transit system station security requirements

DOT National Transportation Integrated Search

1980-03-01

This study addresses the issues of personal security on Automated Guideway Transit (AGT) Systems, as they might be deployed in typical urban residential and non-residential settings. Based upon a literature review, it outlines basic characteristics o...

21 CFR 1404.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Adequate evidence. 1404.900 Section 1404.900 Food and Drugs OFFICE OF NATIONAL DRUG CONTROL POLICY GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

29 CFR 1471.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 29 Labor 4 2011-07-01 2011-07-01 false Adequate evidence. 1471.900 Section 1471.900 Labor Regulations Relating to Labor (Continued) FEDERAL MEDIATION AND CONCILIATION SERVICE GOVERNMENTWIDE DEBARMENT... information sufficient to support the reasonable belief that a particular act or omission has occurred. ...

21 CFR 1404.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Adequate evidence. 1404.900 Section 1404.900 Food and Drugs OFFICE OF NATIONAL DRUG CONTROL POLICY GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

29 CFR 1471.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 29 Labor 4 2014-07-01 2014-07-01 false Adequate evidence. 1471.900 Section 1471.900 Labor Regulations Relating to Labor (Continued) FEDERAL MEDIATION AND CONCILIATION SERVICE GOVERNMENTWIDE DEBARMENT... information sufficient to support the reasonable belief that a particular act or omission has occurred. ...

29 CFR 1471.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 29 Labor 4 2012-07-01 2012-07-01 false Adequate evidence. 1471.900 Section 1471.900 Labor Regulations Relating to Labor (Continued) FEDERAL MEDIATION AND CONCILIATION SERVICE GOVERNMENTWIDE DEBARMENT... information sufficient to support the reasonable belief that a particular act or omission has occurred. ...

21 CFR 1404.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Adequate evidence. 1404.900 Section 1404.900 Food and Drugs OFFICE OF NATIONAL DRUG CONTROL POLICY GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

21 CFR 1404.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Adequate evidence. 1404.900 Section 1404.900 Food and Drugs OFFICE OF NATIONAL DRUG CONTROL POLICY GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

29 CFR 1471.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 29 Labor 4 2010-07-01 2010-07-01 false Adequate evidence. 1471.900 Section 1471.900 Labor Regulations Relating to Labor (Continued) FEDERAL MEDIATION AND CONCILIATION SERVICE GOVERNMENTWIDE DEBARMENT... information sufficient to support the reasonable belief that a particular act or omission has occurred. ...

21 CFR 1404.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Adequate evidence. 1404.900 Section 1404.900 Food and Drugs OFFICE OF NATIONAL DRUG CONTROL POLICY GOVERNMENTWIDE DEBARMENT AND SUSPENSION... support the reasonable belief that a particular act or omission has occurred. ...

29 CFR 1471.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 29 Labor 4 2013-07-01 2013-07-01 false Adequate evidence. 1471.900 Section 1471.900 Labor Regulations Relating to Labor (Continued) FEDERAL MEDIATION AND CONCILIATION SERVICE GOVERNMENTWIDE DEBARMENT... information sufficient to support the reasonable belief that a particular act or omission has occurred. ...

SPCC- Software Elements for Security Partition Communication Controller

NASA Astrophysics Data System (ADS)

Herpel, H. J.; Willig, G.; Montano, G.; Tverdyshev, S.; Eckstein, K.; Schoen, M.

2016-08-01

Future satellite missions like Earth Observation, Telecommunication or any other kind are likely to be exposed to various threats aiming at exploiting vulnerabilities of the involved systems and communications. Moreover, the growing complexity of systems coupled with more ambitious types of operational scenarios imply increased security vulnerabilities in the future. In the paper we will describe an architecture and software elements to ensure high level of security on-board a spacecraft. First the threats to the Security Partition Communication Controller (SPCC) will be addressed including the identification of specific vulnerabilities to the SPCC. Furthermore, appropriate security objectives and security requirements are identified to be counter the identified threats. The security evaluation of the SPCC will be done in accordance to the Common Criteria (CC). The Software Elements for SPCC has been implemented on flight representative hardware which consists of two major elements: the I/O board and the SPCC board. The SPCC board provides the interfaces with ground while the I/O board interfaces with typical spacecraft equipment busses. Both boards are physically interconnected by a high speed spacewire (SpW) link.

Security Cooperation: Comparison of Proposed Provisions for the FY2017 National Defense Authorization Act (NDAA)

DTIC Science & Technology

2016-11-01

in the FY2017 NDAA Congressional Research Service Summary During the lame duck session, the 114th Congress is expected to consider various...the lame duck session beginning in November is expected to address the NDAA conference report. Security cooperation provisions in the conference report...U.S. security assistance authorities, see Defense Security Cooperation Agency (DSCA), Defense Institute of Security Cooperation Studies , “Chapter 2

Economic performance of water storage capacity expansion for food security

NASA Astrophysics Data System (ADS)

Gohar, Abdelaziz A.; Ward, Frank A.; Amer, Saud A.

2013-03-01

SummaryContinued climate variability, population growth, and rising food prices present ongoing challenges for achieving food and water security in poor countries that lack adequate water infrastructure. Undeveloped storage infrastructure presents a special challenge in northern Afghanistan, where food security is undermined by highly variable water supplies, inefficient water allocation rules, and a damaged irrigation system due three decades of war and conflict. Little peer-reviewed research to date has analyzed the economic benefits of water storage capacity expansions as a mechanism to sustain food security over long periods of variable climate and growing food demands needed to feed growing populations. This paper develops and applies an integrated water resources management framework that analyzes impacts of storage capacity expansions for sustaining farm income and food security in the face of highly fluctuating water supplies. Findings illustrate that in Afghanistan's Balkh Basin, total farm income and food security from crop irrigation increase, but at a declining rate as water storage capacity increases from zero to an amount equal to six times the basin's long term water supply. Total farm income increases by 21%, 41%, and 42% for small, medium, and large reservoir capacity, respectively, compared to the existing irrigation system unassisted by reservoir storage capacity. Results provide a framework to target water infrastructure investments that improve food security for river basins in the world's dry regions with low existing storage capacity that face ongoing climate variability and increased demands for food security for growing populations.

Very low food security in the USA is linked with exposure to violence.

PubMed

Chilton, Mariana M; Rabinowich, Jenny R; Woolf, Nicholas H

2014-01-01

To investigate characteristics of exposure to violence in relation to food security status among female-headed households. Ongoing mixed-method participatory action study. Questions addressed food insecurity, public assistance, and maternal and child health. Grounded theory analysis of qualitative themes related to violence was performed. These themes were then categorized by food security status. Homes of low-income families in Philadelphia, PA, USA. Forty-four mothers of children under 3 years of age participating in public assistance programmes. Forty women described exposure to violence ranging from fear of violence to personal experiences with rape. Exposure to violence affected mental health, ability to continue school and obtain work with living wages, and subsequently the ability to afford food. Exposure to violence during childhood and being a perpetrator of violence were both linked to very low food security status and depressive symptoms. Ten of seventeen (59%) participants reporting very low food security described life-changing violence, compared with three of fifteen (20%) participants reporting low food security and four of twelve (33%) reporting food security. Examples of violent experiences among the very low food secure group included exposure to child abuse, neglect and rape that suggest exposure to violence is an important factor in the experience of very low food security. Descriptions of childhood trauma and life-changing violence are linked with severe food security. Policy makers and clinicians should incorporate violence prevention efforts when addressing hunger.

Model based verification of the Secure Socket Layer (SSL) Protocol for NASA systems

NASA Technical Reports Server (NTRS)

Powell, John D.; Gilliam, David

2004-01-01

The National Aeronautics and Space Administration (NASA) has tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information theft, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach' offers formal verification of information technology (IT), through the creation of a Software Security Assessment Instrument (SSAI), to address software security risks.

Formal assessment instrument for ensuring the security of NASA's networks, systems and software

NASA Technical Reports Server (NTRS)

Gilliam, D. P.; Powell, J. D.; Sherif, J.

2002-01-01

To address the problem of security for NASA's networks, systems and software, NASA has funded the Jet Propulsion Lab in conjunction with UC Davis to begin work on developing a software security assessment instrument for use in the software development and maintenance life cycle.

A model-driven approach to information security compliance

NASA Astrophysics Data System (ADS)

Correia, Anacleto; Gonçalves, António; Teodoro, M. Filomena

2017-06-01

The availability, integrity and confidentiality of information are fundamental to the long-term survival of any organization. Information security is a complex issue that must be holistically approached, combining assets that support corporate systems, in an extended network of business partners, vendors, customers and other stakeholders. This paper addresses the conception and implementation of information security systems, conform the ISO/IEC 27000 set of standards, using the model-driven approach. The process begins with the conception of a domain level model (computation independent model) based on information security vocabulary present in the ISO/IEC 27001 standard. Based on this model, after embedding in the model mandatory rules for attaining ISO/IEC 27001 conformance, a platform independent model is derived. Finally, a platform specific model serves the base for testing the compliance of information security systems with the ISO/IEC 27000 set of standards.

Facilitating Secure Sharing of Personal Health Data in the Cloud

PubMed Central

Nepal, Surya; Glozier, Nick

2016-01-01

Background Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. Objective This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. Methods We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). Results We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. Conclusions We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors. PMID:27234691

Facilitating Secure Sharing of Personal Health Data in the Cloud.

PubMed

Thilakanathan, Danan; Calvo, Rafael A; Chen, Shiping; Nepal, Surya; Glozier, Nick

2016-05-27

Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors.

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson; Mark Schanfein; Trond Bjornard

2011-07-01

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is tomore » provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.« less

Collaborating toward improving food security in Nunavut.

PubMed

Wakegijig, Jennifer; Osborne, Geraldine; Statham, Sara; Issaluk, Michelle Doucette

2013-01-01

Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut.

Defining the Role of the Professional Security Consultant.

ERIC Educational Resources Information Center

Webster, Jim

2002-01-01

Discusses the skill set that should be available in security consultants to higher education, including the ability to work with mechanical, architectural, electrical, landscaping, and telecommunications systems. Addresses the need to bring consultants into the building design phase. (EV)

Homeland Security Strategic Research Action Plan 2012 - 2016

EPA Pesticide Factsheets

EPA’s Homeland Security research plan outline and how it will address science and technological gaps and improve the Agency’s ability to carry out its responsibilities associated with preparing for and responding to, terrorist attacks, and other disasters.

Private Security Contractors: The Other Force

DTIC Science & Technology

2011-03-22

improving PSC oversight. This paper will not address private contractors conducting Police force training , governmental use of PSCs outside of Iraq...theater entry requirements, conduct mandatory training , conduct weapons training and qualification and conduct security verification and criminal...an effective oversight program including contractor deployment tracking, limited contract oversight personnel, and untrained Contract Officer

The Hidden Cost of School Security

ERIC Educational Resources Information Center

DeAngelis, Karen J.; Brent, Brian O.; Ianni, Danielle

2011-01-01

A spate of school shootings in the U.S. has prompted policymakers to address the public's growing perception that our schools are unsafe. As education policymakers continue to press for additional security initiatives, it is important to understand the costs borne by school systems for these programs. Thus far, the scholarly literature is silent…

Detection of Total Knee Arthroplasties at Airport Security Checkpoints: How Do Updated Security Measures Affect Patients?

PubMed

Issa, Kimona; Pierce, Todd P; Gwam, Chukwuweieke; Goljan, Peter; Festa, Anthony; Scillia, Anthony J; Mont, Michael A

2017-07-01

Airport security measures continue to be updated with the incorporation of the new body scanners and automatic target recognition software. The purpose of this study was analyze the incidence of: (1) triggering the security alarm; (2) extra security searches; (3) perceived inconvenience; and (4) presence of other surgical hardware in those who underwent total knee arthroplasty (TKA) and passed through airport security. A questionnaire was given to 125 consecutive patients with a TKA. Those who passed through airport security after January 2014 were considered for inclusion. A questionnaire was administered that addressed the number of encounters with airport security, metal detector activation, additional screening procedures, and perceived inconvenience. Out of the 125 patients, 53 met inclusion criteria. Out of the 53 patients, 20 (38%) reported that their prosthesis triggered a metal detector. Out of the 20 patients, 8 (40%) who reported triggering of metal detectors also reported the presence of surgical hardware elsewhere in the body. Eighteen of the 53 patients (34%) believed having a TKA was inconvenient for airplane travel. Compared with the historical cohort, alarms were triggered in 70 of 97 patients ( p  = 0.0001) and 50 of 97 reported inconvenience when traveling ( n  = 50 of 97 patients; p  = 0.04). The incidences of those who underwent TKA triggering alarms and perceiving inconvenience when passing through airport security have decreased from previously published studies. This is most likely due to the recent updates and modifications to screening. As these security measures are modified and implant designs continue to evolve, this is an area of investigation that should continue. Thieme Medical Publishers 333 Seventh Avenue, New York, NY 10001, USA.

31 CFR 19.900 - Adequate evidence.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 31 Money and Finance: Treasury 1 2012-07-01 2012-07-01 false Adequate evidence. 19.900 Section 19.900 Money and Finance: Treasury Office of the Secretary of the Treasury GOVERNMENTWIDE DEBARMENT AND... sufficient to support the reasonable belief that a particular act or omission has occurred. ...

31 CFR 19.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 31 Money and Finance: Treasury 1 2011-07-01 2011-07-01 false Adequate evidence. 19.900 Section 19.900 Money and Finance: Treasury Office of the Secretary of the Treasury GOVERNMENTWIDE DEBARMENT AND... sufficient to support the reasonable belief that a particular act or omission has occurred. ...

34 CFR 85.900 - Adequate evidence.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 34 Education 1 2011-07-01 2011-07-01 false Adequate evidence. 85.900 Section 85.900 Education Office of the Secretary, Department of Education GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT... reasonable belief that a particular act or omission has occurred. (Authority: E.O. 12549 (3 CFR, 1986 Comp...

31 CFR 19.900 - Adequate evidence.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 31 Money and Finance: Treasury 1 2014-07-01 2014-07-01 false Adequate evidence. 19.900 Section 19.900 Money and Finance: Treasury Office of the Secretary of the Treasury GOVERNMENTWIDE DEBARMENT AND... sufficient to support the reasonable belief that a particular act or omission has occurred. ...

31 CFR 19.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 31 Money and Finance: Treasury 1 2010-07-01 2010-07-01 false Adequate evidence. 19.900 Section 19.900 Money and Finance: Treasury Office of the Secretary of the Treasury GOVERNMENTWIDE DEBARMENT AND... sufficient to support the reasonable belief that a particular act or omission has occurred. ...

34 CFR 85.900 - Adequate evidence.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 34 Education 1 2010-07-01 2010-07-01 false Adequate evidence. 85.900 Section 85.900 Education Office of the Secretary, Department of Education GOVERNMENTWIDE DEBARMENT AND SUSPENSION (NONPROCUREMENT... reasonable belief that a particular act or omission has occurred. Authority: E.O. 12549 (3 CFR, 1986 Comp., p...

31 CFR 19.900 - Adequate evidence.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 31 Money and Finance: Treasury 1 2013-07-01 2013-07-01 false Adequate evidence. 19.900 Section 19.900 Money and Finance: Treasury Office of the Secretary of the Treasury GOVERNMENTWIDE DEBARMENT AND... sufficient to support the reasonable belief that a particular act or omission has occurred. ...

Globalized Security Reshaping America’s Defense Trade Policy

DTIC Science & Technology

2001-04-01

AU/SCHOOL/NNN/2001-04 THE ATLANTIC COUNCIL OF THE UNITED STATES AIR UNIVERSITY NATIONAL DEFENSE FELLOWSHIP PROGRAM GLOBALIZED SECURITY RESHAPING...Author(s) Sullivan, Shannon M. Project Number Task Number Work Unit Number Performing Organization Name(s) and Address(es) Air University Maxwell...Makins, President of the Atlantic Council of the United States, did appreciate these factors , and he steered me into what became a fascinating

Privacy and security of patient data in the pathology laboratory.

PubMed

Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

Privacy and security of patient data in the pathology laboratory

PubMed Central

Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

Network Security via Biometric Recognition of Patterns of Gene Expression

NASA Technical Reports Server (NTRS)

Shaw, Harry C.

2016-01-01

Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

Network Security via Biometric Recognition of Patterns of Gene Expression

NASA Technical Reports Server (NTRS)

Shaw, Harry C.

2016-01-01

Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

Use of Security Officers on Inpatient Psychiatry Units.

PubMed

Lawrence, Ryan E; Perez-Coste, Maria M; Arkow, Stan D; Appelbaum, Paul S; Dixon, Lisa B

2018-04-02

Violent and aggressive behaviors are common among psychiatric inpatients. Hospital security officers are sometimes used to address such behaviors. Research on the role of security in inpatient units is scant. This study examined when security is utilized and what happens when officers arrive. The authors reviewed the security logbook and the medical records for all patients discharged from an inpatient psychiatry unit over a six-month period. Authors recorded when security calls happened, what behaviors triggered security calls, what outcomes occurred, and whether any patient characteristics were associated with security calls. A total of 272 unique patients were included. A total of 49 patients (18%) generated security calls (N=157 calls). Security calls were most common in the first week of hospitalization (N=45 calls), and roughly half of the patients (N=25 patients) had only one call. The most common inciting behavior was "threats to persons" (N=34 calls), and the most common intervention was intramuscular antipsychotic injection (N=49 calls). The patient variables associated with security calls were having more than one prior hospitalization (odds ratio [OR]=4.56, p=.001, 95% confidence interval [CI]=1.80-11.57), involuntary hospitalization (OR=5.09, p<.001, CI=2.28-11.33), and going to court for any reason (OR=5.80, p=.004, CI=1.75-19.15). Security officers were often called for threats of violence and occasionally called for actual violence. Patient variables associated with security calls are common among inpatients, and thus clinicians should stay attuned to patients' moment-to-moment care needs.

CORBASec Used to Secure Distributed Aerospace Propulsion Simulations