Science.gov

Sample records for complete security framework

  1. DIRAC distributed secure framework

    NASA Astrophysics Data System (ADS)

    Casajus, A.; Graciani, R.; LHCb DIRAC Team

    2010-04-01

    DIRAC, the LHCb community Grid solution, provides access to a vast amount of computing and storage resources to a large number of users. In DIRAC users are organized in groups with different needs and permissions. In order to ensure that only allowed users can access the resources and to enforce that there are no abuses, security is mandatory. All DIRAC services and clients use secure connections that are authenticated using certificates and grid proxies. Once a client has been authenticated, authorization rules are applied to the requested action based on the presented credentials. These authorization rules and the list of users and groups are centrally managed in the DIRAC Configuration Service. Users submit jobs to DIRAC using their local credentials. From then on, DIRAC has to interact with different Grid services on behalf of this user. DIRAC has a proxy management service where users upload short-lived proxies to be used when DIRAC needs to act on behalf of them. Long duration proxies are uploaded by users to a MyProxy service, and DIRAC retrieves new short delegated proxies when necessary. This contribution discusses the details of the implementation of this security infrastructure in DIRAC.

  2. A Security Framework for Online Distance Learning and Training.

    ERIC Educational Resources Information Center

    Furnell, S. M.; Onions, P. D.; Bleimann, U.; Gojny, U.; Knahl, M.; Roder, H. F.; Sanders, P. W.

    1998-01-01

    Presents a generic reference model for online distance learning and discusses security issues for each stage (enrollment, study, completion, termination, suspension). Discusses a security framework (authentication and accountability, access control, intrusion detection, network communications, nonrepudiation, learning resources provider…

  3. Framework for Flexible Security in Group Communications

    NASA Technical Reports Server (NTRS)

    McDaniel, Patrick; Prakash, Atul

    2006-01-01

    The Antigone software system defines a framework for the flexible definition and implementation of security policies in group communication systems. Antigone does not dictate the available security policies, but provides high-level mechanisms for implementing them. A central element of the Antigone architecture is a suite of such mechanisms comprising micro-protocols that provide the basic services needed by secure groups.

  4. A general framework for complete positivity

    NASA Astrophysics Data System (ADS)

    Dominy, Jason M.; Shabani, Alireza; Lidar, Daniel A.

    2016-01-01

    Complete positivity of quantum dynamics is often viewed as a litmus test for physicality; yet, it is well known that correlated initial states need not give rise to completely positive evolutions. This observation spurred numerous investigations over the past two decades attempting to identify necessary and sufficient conditions for complete positivity. Here, we describe a complete and consistent mathematical framework for the discussion and analysis of complete positivity for correlated initial states of open quantum systems. This formalism is built upon a few simple axioms and is sufficiently general to contain all prior methodologies going back to Pechakas (Phys Rev Lett 73:1060-1062, 1994). The key observation is that initial system-bath states with the same reduced state on the system must evolve under all admissible unitary operators to system-bath states with the same reduced state on the system, in order to ensure that the induced dynamical maps on the system are well defined. Once this consistency condition is imposed, related concepts such as the assignment map and the dynamical maps are uniquely defined. In general, the dynamical maps may not be applied to arbitrary system states, but only to those in an appropriately defined physical domain. We show that the constrained nature of the problem gives rise to not one but three inequivalent types of complete positivity. Using this framework, we elucidate the limitations of recent attempts to provide conditions for complete positivity using quantum discord and the quantum data processing inequality. In particular, we correct the claim made by two of us (Shabani and Lidar in Phys Rev Lett 102:100402-100404, 2009) that vanishing discord is necessary for complete positivity, and explain that it is valid only for a particular class of initial states. The problem remains open, and may require fresh perspectives and new mathematical tools. The formalism presented herein may be one step in that direction.

  5. A Security Audit Framework to Manage Information System Security

    NASA Astrophysics Data System (ADS)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  6. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  7. The Regulatory Framework for Privacy and Security

    NASA Astrophysics Data System (ADS)

    Hiller, Janine S.

    The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

  8. A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms

    NASA Astrophysics Data System (ADS)

    Hassan, Ahmed A.; Bahgat, Waleed M.

    2010-01-01

    Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.

  9. 31 CFR 535.532 - Completion of certain securities transactions.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... (Continued) OFFICE OF FOREIGN ASSETS CONTROL, DEPARTMENT OF THE TREASURY IRANIAN ASSETS CONTROL REGULATIONS Licenses, Authorizations and Statements of Licensing Policy § 535.532 Completion of certain securities... the account of Iran or an Iranian entity provided the following terms and conditions are complied...

  10. 31 CFR 535.532 - Completion of certain securities transactions.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... (Continued) OFFICE OF FOREIGN ASSETS CONTROL, DEPARTMENT OF THE TREASURY IRANIAN ASSETS CONTROL REGULATIONS Licenses, Authorizations and Statements of Licensing Policy § 535.532 Completion of certain securities... the account of Iran or an Iranian entity provided the following terms and conditions are complied...

  11. Sensor based framework for secure multimedia communication in VANET.

    PubMed

    Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T; Sher, Muhammad; Kim, Tai-Hoon

    2010-01-01

    Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462

  12. Sensor Based Framework for Secure Multimedia Communication in VANET

    PubMed Central

    Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T.; Sher, Muhammad; Kim, Tai-Hoon

    2010-01-01

    Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462

  13. Security Frameworks for Machine-to-Machine Devices and Networks

    NASA Astrophysics Data System (ADS)

    Demblewski, Michael

    Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

  14. Photon Temporal Modes: A Complete Framework for Quantum Information Science

    NASA Astrophysics Data System (ADS)

    Brecht, B.; Reddy, Dileep V.; Silberhorn, C.; Raymer, M. G.

    2015-10-01

    Field-orthogonal temporal modes of photonic quantum states provide a new framework for quantum information science (QIS). They intrinsically span a high-dimensional Hilbert space and lend themselves to integration into existing single-mode fiber communication networks. We show that the three main requirements to construct a valid framework for QIS—the controlled generation of resource states, the targeted and highly efficient manipulation of temporal modes, and their efficient detection—can be fulfilled with current technology. We suggest implementations of diverse QIS applications based on this complete set of building blocks.

  15. a Unified Blending Framework for Panorama Completion via Graph Cuts

    NASA Astrophysics Data System (ADS)

    Chen, Kai; Yao, Jian; Xia, Menghan; Gui, Xinyuan; Lu, Xiaohu; Li, Li

    2016-06-01

    In this paper, we propose a unified framework for efficiently completing streetview and indoor 360° panoramas due to the lack of bottom areas caused by the occlusion of the acquisition platform. To greatly reduce the severe distortion at the bottom of the panorama, we first reproject it onto the ground perspective plane containing the whole occluded region to be completed. Then, we formulate the image completion problem in an improved graph cuts optimization framework based on the statistics of similar patches by strengthening the boundary constraints. To further eliminate image luminance differences and color deviations and conceal geometrical parallax among the optimally selected patches for completion, we creatively apply a multi-bland image blending algorithm for perfect image mosaicking from the completed patches and the originally reprojected image. Finally, we back-project the completed and blended ground perspective image into the cylindrical-projection panorama followed by a simple feathering to further reduce artifacts in the panorama. Experimental results on some representative non-panoramic images and streetview and indoor panoramas demonstrate the efficiency and robustness of the proposed method even in some challenging cases.

  16. Incorporating Risk and Indicators into a Water Security Framework

    NASA Astrophysics Data System (ADS)

    Allen, D. M.; Bakker, K.; Simpson, M. W.; Norman, E.; Dunn, G.

    2010-12-01

    The concept of water security has received growing attention over the past five years in academic debates and policy circles, particularly with respect to cumulative impacts assessment and watershed management. We propose an integrative definition for water security; one that considers both stressors and impacts (or effects) on hydrological systems. We present a water security assessment framework that considers status and risk indicators for both water quality and quantity as measures of impacts. This assessment framework also integrates the social sciences with natural science, engineering, and public health, providing opportunities to address environmental challenges, including the relationship between water and land use dynamics, the integration of aquatic ecosystem and human health concerns, and the alignment of governance with water management imperatives. We argue that this framework has the potential to advance water science, the contributing disciplines, and water policy and management.

  17. Cyber Security Research Frameworks For Coevolutionary Network Defense

    SciTech Connect

    Rush, George D.; Tauritz, Daniel Remy

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  18. A flexible framework for secure and efficient program obfuscation.

    SciTech Connect

    Solis, John Hector

    2013-03-01

    In this paper, we present a modular framework for constructing a secure and efficient program obfuscation scheme. Our approach, inspired by the obfuscation with respect to oracle machines model of [4], retains an interactive online protocol with an oracle, but relaxes the original computational and storage restrictions. We argue this is reasonable given the computational resources of modern personal devices. Furthermore, we relax the information-theoretic security requirement for computational security to utilize established cryptographic primitives. With this additional flexibility we are free to explore different cryptographic buildingblocks. Our approach combines authenticated encryption with private information retrieval to construct a secure program obfuscation framework. We give a formal specification of our framework, based on desired functionality and security properties, and provide an example instantiation. In particular, we implement AES in Galois/Counter Mode for authenticated encryption and the Gentry-Ramzan [13]constant communication-rate private information retrieval scheme. We present our implementation results and show that non-trivial sized programs can be realized, but scalability is quickly limited by computational overhead. Finally, we include a discussion on security considerations when instantiating specific modules.

  19. NINJA: a noninvasive framework for internal computer security hardening

    NASA Astrophysics Data System (ADS)

    Allen, Thomas G.; Thomson, Steve

    2004-07-01

    Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

  20. A Framework for Game-Based Security Proofs

    NASA Astrophysics Data System (ADS)

    Nowak, David

    To be accepted, a cryptographic scheme must come with a proof that it satisfies some standard security properties. However, because cryptographic schemes are based on non-trivial mathematics, proofs are error-prone and difficult to check. The main contributions of this paper are a refinement of the game-based approach to security proofs, and its implementation on top of the proof assistant Coq. The proof assistant checks that the proof is correct and deals with the mundane part of the proof. An interesting feature of our framework is that our proofs are formal enough to be mechanically checked, but still readable enough to be humanly checked. We illustrate the use of our framework by proving in a systematic way the so-called semantic security of the encryption scheme Elgamal and its hashed version.

  1. 17 CFR 300.307 - Completion with cash or securities of customer.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... securities of customer. 300.307 Section 300.307 Commodity and Securities Exchanges SECURITIES AND EXCHANGE... customer. The trustee may, if authorized by the court, complete an open contractual commitment of the... completed with customer name securities of the customer of the debtor for whose account the commitment...

  2. Security architecture of the M&M mobile agent framework

    NASA Astrophysics Data System (ADS)

    Marques, Paulo J.; Santos, Nuno F.; Silva, Luis; Silva, Joao G.

    2001-07-01

    In the Mobile Agent programming model, small threads of execution migrate from machine to machine, performing their operations locally. For being able to deploy such a model into real world applications, security is a vital concern. In the M&M project we have developed a system that departures from the traditional platform-based execution model for mobile agents. In M&M there are no agent platforms. Instead there is a component framework that allows the applications to become able of sending and receiving agents by themselves in a straightforward manner. In this paper we examine the security mechanisms available in M&M, and how integration with existing applications is done. One difficult aspect of this work is that all the features must work with the security mechanisms that already exist on the applications. This is so because the components are integrated from within into the applications, which already have security mechanisms in place. Currently, M&M provides features like fine-grain security permissions, encryption of agents and data, certificate distribution using LDAP and cryptographic primitives for agents. For validating the approach and solutions found, we have integrated the framework into several off-the-shelf web servers, having the security mechanisms running, with no problems.

  3. A conceptual security framework for personal health records (PHRs).

    PubMed

    Poulymenopoulou, Mikaela; Papakonstantinou, Despina; Malamateniou, Flora; Prentza, Andriana; Vassilacopoulos, George

    2013-01-01

    Electronic personal health record (PHR) is a citizen-centric information tool that allows citizens to control their personal information. However, an ideal PHR should also allow citizens to connect with their formal and informal caregivers (e.g. a family member, a caregiver) and together manage citizen health and social information. This introduces specific challenges in terms of security since multiple parties make entries and require access to PHR data. Since citizens are typically non-security and non-domain experts is considered impossible to control all this information. To this end, this paper presents a conceptual security framework for the employment of an attribute-based PHR access control policy that is continually updated according to providers' local security policies and individual professionals and citizen sharing preferences. PMID:23823399

  4. Installing hydrolytic activity into a completely de novo protein framework.

    PubMed

    Burton, Antony J; Thomson, Andrew R; Dawson, William M; Brady, R Leo; Woolfson, Derek N

    2016-09-01

    The design of enzyme-like catalysts tests our understanding of sequence-to-structure/function relationships in proteins. Here we install hydrolytic activity predictably into a completely de novo and thermostable α-helical barrel, which comprises seven helices arranged around an accessible channel. We show that the lumen of the barrel accepts 21 mutations to functional polar residues. The resulting variant, which has cysteine-histidine-glutamic acid triads on each helix, hydrolyses p-nitrophenyl acetate with catalytic efficiencies that match the most-efficient redesigned hydrolases based on natural protein scaffolds. This is the first report of a functional catalytic triad engineered into a de novo protein framework. The flexibility of our system also allows the facile incorporation of unnatural side chains to improve activity and probe the catalytic mechanism. Such a predictable and robust construction of truly de novo biocatalysts holds promise for applications in chemical and biochemical synthesis. PMID:27554410

  5. A security framework for nationwide health information exchange based on telehealth strategy.

    PubMed

    Zaidan, B B; Haiqi, Ahmed; Zaidan, A A; Abdulnabi, Mohamed; Kiah, M L Mat; Muzamel, Hussaen

    2015-05-01

    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal. PMID:25732083

  6. An integrated security framework for GOSS power grid analytics platform

    SciTech Connect

    Gibson, Tara D.; Ciraci, Selim; Sharma, Poorva; Allwardt, Craig H.; Rice, Mark J.; Akyol, Bora A.

    2014-06-23

    In power grid operations, security is an essential component for any middleware platform. Security protects data against unwanted access as well as cyber attacks. GridOpticsTM Software System (GOSS) is an open source power grid analytics platform that facilitates ease of access between applications and data sources and promotes development of advanced analytical applications. GOSS contains an API that abstracts many of the difficulties in connecting to various heterogeneous data sources. A number of applications and data sources have already been implemented to demonstrate functionality and ease of use. A security framework has been implemented which leverages widely accepted, robust JavaTM security tools in a way such that they can be interchanged as needed. This framework supports the complex fine-grained, access control rules identified for the diverse data sources already in GOSS. Performance and reliability are also important considerations in any power grid architecture. An evaluation is done to determine the overhead cost caused by security within GOSS and ensure minimal impact to performance.

  7. Income distribution patterns from a complete social security database

    NASA Astrophysics Data System (ADS)

    Derzsy, N.; Néda, Z.; Santos, M. A.

    2012-11-01

    We analyze the income distribution of employees for 9 consecutive years (2001-2009) using a complete social security database for an economically important district of Romania. The database contains detailed information on more than half million taxpayers, including their monthly salaries from all employers where they worked. Besides studying the characteristic distribution functions in the high and low/medium income limits, the database allows us a detailed dynamical study by following the time-evolution of the taxpayers income. To our knowledge, this is the first extensive study of this kind (a previous Japanese taxpayers survey was limited to two years). In the high income limit we prove once again the validity of Pareto’s law, obtaining a perfect scaling on four orders of magnitude in the rank for all the studied years. The obtained Pareto exponents are quite stable with values around α≈2.5, in spite of the fact that during this period the economy developed rapidly and also a financial-economic crisis hit Romania in 2007-2008. For the low and medium income category we confirmed the exponential-type income distribution. Following the income of employees in time, we have found that the top limit of the income distribution is a highly dynamical region with strong fluctuations in the rank. In this region, the observed dynamics is consistent with a multiplicative random growth hypothesis. Contrarily with previous results obtained for the Japanese employees, we find that the logarithmic growth-rate is not independent of the income.

  8. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect

    Robert P. Evans

    2005-09-01

    in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry

  9. Towards secure virtual directories : a risk analysis framework.

    SciTech Connect

    Claycomb, William R.

    2010-07-01

    Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services are widespread, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to virtual directory services, including steps for detection and prevention. We also describe various categories of attack risks, and discuss what is necessary to launch an attack on virtual directories. Finally, we present a framework to use in analyzing risks to individual enterprise computing virtual directory instances. We show how to apply this framework to an example implementation, and discuss the benefits of doing so.

  10. A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications

    NASA Astrophysics Data System (ADS)

    Badan, Stephen; Probst, Julien; Jaton, Markus; Vionnet, Damien; Wagen, Jean-Frédéric; Litzistorf, Gérald

    Contact lists, Emails, SMS or custom applications on a professional smartphone could hold very confidential or sensitive information. What could happen in case of theft or accidental loss of such devices? Such events could be detected by the separation between the smartphone and a Bluetooth companion device. This event should typically block the applications and delete personal and sensitive data. Here, a solution is proposed based on a secured framework application running on the mobile phone as a rich client connected to a security server. The framework offers strong and customizable authentication and secured connectivity. A security server manages all security issues. User applications are then loaded via the framework. User data can be secured, synchronized, pushed or pulled via the framework. This contribution proposes a convenient although secured environment based on a client-server architecture using external authentications. Several features of the proposed system are exposed and a practical demonstrator is described.

  11. Education and Human Survival: The Relevance of the Global Security Framework to International Education.

    ERIC Educational Resources Information Center

    Williams, Christopher

    2000-01-01

    Provides an assessment of international education as a discipline, and outlines the global security framework. Examines how this framework is reflected in the forms of analysis used by international educationists. Suggests how the central purpose of global security, namely ensuring human survival, could be adopted within international education to…

  12. A threat intelligence framework for access control security in the oil industry

    NASA Astrophysics Data System (ADS)

    Alaskandrani, Faisal T.

    The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.

  13. Security framework for networked storage system based on artificial immune system

    NASA Astrophysics Data System (ADS)

    Huang, Jianzhong; Xie, Changsheng; Zhang, Chengfeng; Zhan, Ling

    2007-11-01

    This paper proposed a theoretical framework for the networked storage system addressing the storage security. The immune system is an adaptive learning system, which can recognize, classify and eliminate 'non-self' such as foreign pathogens. Thus, we introduced the artificial immune technique to the storage security research, and proposed a full theoretical framework for storage security system. Under this framework, it is possible to carry out the quantitative evaluation for the storage security system using modeling language of artificial immune system (AIS), and the evaluation can offer security consideration for the deployment of networked storage system. Meanwhile, it is potential to obtain the active defense technique suitable for networked storage system via exploring the principle of AIS and achieve a highly secure storage system with immune characteristic.

  14. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    PubMed

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time. PMID:25199651

  15. A Framework for the Governance of Information Security

    ERIC Educational Resources Information Center

    Edwards, Charles K.

    2013-01-01

    Information security is a complex issue, which is very critical for success of modern businesses. It can be implemented with the help of well-tested global standards and best practices. However, it has been studied that the human aspects of information security compliance pose significant challenge to its practitioners. There has been significant…

  16. Towards a Relation Extraction Framework for Cyber-Security Concepts

    SciTech Connect

    Jones, Corinne L; Bridges, Robert A; Huffer, Kelly M; Goodall, John R

    2015-01-01

    In order to assist security analysts in obtaining information pertaining to their network, such as novel vulnerabilities, exploits, or patches, information retrieval methods tailored to the security domain are needed. As labeled text data is scarce and expensive, we follow developments in semi-supervised NLP and implement a bootstrapping algorithm for extracting security entities and their relationships from text. The algorithm requires little input data, specifically, a few relations or patterns (heuristics for identifying relations), and incorporates an active learning component which queries the user on the most important decisions to prevent drifting the desired relations. Preliminary testing on a small corpus shows promising results, obtaining precision of .82.

  17. Framework for securing personal health data in clinical decision support systems.

    PubMed

    Sandell, Protik

    2007-01-01

    If appropriate security mechanisms aren't in place, individuals and groups can get unauthorized access to personal health data residing in clinical decision support systems (CDSS). These concerns are well founded; there has been a dramatic increase in reports of security incidents. The paper provides a framework for securing personal health data in CDSS. The framework breaks down CDSS into data gathering, data management and data delivery functions. It then provides the vulnerabilities that can occur in clinical decision support activities and the measures that need to be taken to protect the data. The framework is applied to protect the confidentiality, integrity and availability of personal health data in a decision support system. Using the framework, project managers and architects can assess the potential risk of unauthorized data access in their decision support system. Moreover they can design systems and procedures to effectively secure personal health data. PMID:17583166

  18. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

    PubMed Central

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

    2015-01-01

    Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical

  19. A Cluster-Based Framework for the Security of Medical Sensor Environments

    NASA Astrophysics Data System (ADS)

    Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

    The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

  20. Towards A Network-of-Networks Framework for Cyber Security

    SciTech Connect

    Halappanavar, Mahantesh; Choudhury, Sutanay; Hogan, Emilie A.; Hui, Peter SY; Johnson, John R.; Ray, Indrajit; Holder, Lawrence B.

    2013-06-07

    Networks-of-networks (NoN) is a graph-theoretic model of interdependent networks that have distinct dynamics at each network (layer). By adding special edges to represent relationships between nodes in different layers, NoN provides a unified mechanism to study interdependent systems intertwined in a complex relationship. While NoN based models have been proposed for cyber-physical systems, in this paper we build towards a three-layer NoN model for an enterprise cyber system. Each layer captures a different facet of a cyber system. We then discuss the potential benefits of graph-theoretic analysis enabled from such a model. Our goal is to provide a novel and powerful tool for modeling and analyzing problems in cyber security.

  1. A Framework for Understanding and Applying Ethical Principles in Network and Security Research

    NASA Astrophysics Data System (ADS)

    Kenneally, Erin; Bailey, Michael; Maughan, Douglas

    Current information and communications technology poses a variety of ethical challenges for researchers. In this paper, we present an intellectual framework for understanding and applying ethical principles in networking and security research rooted in the guidance suggested by an ongoing Department of Homeland Security working group on ethics. By providing this prototype ethical impact assessment, we seek to encourage community feedback on the working group's nascent efforts and spur researchers to concretely evaluate the ethical impact of their work.

  2. K-12 access to internet: Securing the legal framework

    NASA Astrophysics Data System (ADS)

    Blauassociate, Andrew

    1993-09-01

    While many people in government, education, and industry have lauded the potential educational value of Internet access for students in grades K-12, there is as yet no legal or regulatory framework within which this new medium is being offered to students. The Communications Policy Forum, a nonpartisan project of the Electronic Frontier Foundation, recently convened a roundtable to discuss some of the legal issues that arise when K-12 schools provide Internet access to their students. Approximately 15 people, representing carriers who provide connections to the Internet, schools or school systems who are connected to the Internet, and legal experts with expertise in this and related areas, met to discuss questions of legal liability as this new medium enters an educational setting for minors. The following attempts to capture the major issues, suggestions, and directions for further collaborative efforts raised during the course of that discussion. In brief, the group identified statutory language aimed at other types of electronic communication that may offer some guidance; was briefed on a host of state laws that could be used to prosecute providers of certain materials found on the Internet; and concluded that there is no case law that clearly applies to this setting. The discussion revealed an interest in anticipating issues and developing responses before problems arose, and the need for shared approaches to allow carriers to move forward in serving and expanding this field. Members of the group offered to pursue these issues jointly and agreed upon a handful of concrete steps for further exploration and discussion.

  3. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    PubMed Central

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  4. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

    PubMed

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  5. Policy Framework for Addressing Personal Security Issues Concerning Women and Girls. National Strategy on Community Safety and Crime Prevention.

    ERIC Educational Resources Information Center

    National Crime Prevention Centre, Ottawa (Ontario).

    This document presents a policy framework for improving the personal security of women and girls. The document includes: (1) "Introduction"; (2) "Policy Background" (the concept of personal security, the societal context of women's personal security, consequences of violence for women and girls, long-term policy concern, and building an integrated…

  6. Food security in a perfect storm: using the ecosystem services framework to increase understanding

    PubMed Central

    Poppy, G. M.; Chiotha, S.; Eigenbrod, F.; Harvey, C. A.; Honzák, M.; Hudson, M. D.; Jarvis, A.; Madise, N. J.; Schreckenberg, K.; Shackleton, C. M.; Villa, F.; Dawson, T. P.

    2014-01-01

    Achieving food security in a ‘perfect storm’ scenario is a grand challenge for society. Climate change and an expanding global population act in concert to make global food security even more complex and demanding. As achieving food security and the millennium development goal (MDG) to eradicate hunger influences the attainment of other MDGs, it is imperative that we offer solutions which are complementary and do not oppose one another. Sustainable intensification of agriculture has been proposed as a way to address hunger while also minimizing further environmental impact. However, the desire to raise productivity and yields has historically led to a degraded environment, reduced biodiversity and a reduction in ecosystem services (ES), with the greatest impacts affecting the poor. This paper proposes that the ES framework coupled with a policy response framework, for example Driver-Pressure-State-Impact-Response (DPSIR), can allow food security to be delivered alongside healthy ecosystems, which provide many other valuable services to humankind. Too often, agro-ecosystems have been considered as separate from other natural ecosystems and insufficient attention has been paid to the way in which services can flow to and from the agro-ecosystem to surrounding ecosystems. Highlighting recent research in a large multi-disciplinary project (ASSETS), we illustrate the ES approach to food security using a case study from the Zomba district of Malawi. PMID:24535394

  7. Integrated Framework for Information Security in Mobile Banking Service Based on Smart Phone

    NASA Astrophysics Data System (ADS)

    Shin, Yong-Nyuo; Chun, Myung Geun

    Since Apple launched the iPhone service in November 2009 in Korea, smartphone banking users are increasing dramatically, forcing lenders to develop new products to deal with such demand. The bank of korea took the lead in jointing together to create a mobile banking application that each bank can adapt for its own use. In providing smartphone services, it is of critical importance to take the proper security measures, because these services, while offering excellent mobility and convenience, can be easily exposed to various infringement threats. This paper proposes a security framework that should be taken into account by the joint smartphone-based mobile banking development project. The purpose of this paper lies in recognizing the value of smartphones as well as the security threats that are exposed when smartphones are introduced, and provides countermeasures against those threats, so that an integrated information security framework for reliable smartphone-based mobile financial services can be prepared, by explicitly presenting the difference between personal computers and smartphones from the perspective of security.

  8. Attachment Based Treatments for Adolescents: The Secure Cycle as a Framework for Assessment, Treatment and Evaluation

    PubMed Central

    Kobak, Roger; Zajac, Kristyn; Herres, Joanna; KrauthamerEwing, E. Stephanie

    2016-01-01

    The emergence of ABTs for adolescents highlights the need to more clearly define and evaluate these treatments in the context of other attachment based treatments for young children and adults. We propose a general framework for defining and evaluating ABTs that describes the cyclical processes that are required to maintain a secure attachment bond. This secure cycle incorporates three components: 1) the child or adult’s IWM of the caregiver; 2) emotionally attuned communication; and 3) the caregiver’s IWM of the child or adult. We briefly review Bowlby, Ainsworth, and Main’s contributions to defining the components of the secure cycle and discuss how this framework can be adapted for understanding the process of change in ABTs. For clinicians working with adolescents, our model can be used to identify how deviations from the secure cycle (attachment injuries, empathic failures and mistuned communication) contribute to family distress and psychopathology. The secure cycle also provides a way of describing the ABT elements that have been used to revise IWMs or improve emotionally attuned communication. For researchers, our model provides a guide for conceptualizing and measuring change in attachment constructs and how change in one component of the interpersonal cycle should generalize to other components. PMID:25744572

  9. Attachment based treatments for adolescents: the secure cycle as a framework for assessment, treatment and evaluation.

    PubMed

    Kobak, Roger; Zajac, Kristyn; Herres, Joanna; Krauthamer Ewing, E Stephanie

    2015-01-01

    The emergence of attachment-based treatments (ABTs) for adolescents highlights the need to more clearly define and evaluate these treatments in the context of other attachment based treatments for young children and adults. We propose a general framework for defining and evaluating ABTs that describes the cyclical processes that are required to maintain a secure attachment bond. This secure cycle incorporates three components: (1) the child or adult's IWM of the caregiver; (2) emotionally attuned communication; and (3) the caregiver's IWM of the child or adult. We briefly review Bowlby, Ainsworth, and Main's contributions to defining the components of the secure cycle and discuss how this framework can be adapted for understanding the process of change in ABTs. For clinicians working with adolescents, our model can be used to identify how deviations from the secure cycle (attachment injuries, empathic failures and mistuned communication) contribute to family distress and psychopathology. The secure cycle also provides a way of describing the ABT elements that have been used to revise IWMs or improve emotionally attuned communication. For researchers, our model provides a guide for conceptualizing and measuring change in attachment constructs and how change in one component of the interpersonal cycle should generalize to other components. PMID:25744572

  10. A study of IEEE 802.15.4 security framework for wireless body area networks.

    PubMed

    Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

    2011-01-01

    A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN. PMID:22319358

  11. A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

    PubMed Central

    Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

    2011-01-01

    A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN. PMID:22319358

  12. A framework for analyzing the economic tradeoffs between urban commerce and security against terrorism.

    PubMed

    Rose, Adam; Avetisyan, Misak; Chatterjee, Samrat

    2014-08-01

    This article presents a framework for economic consequence analysis of terrorism countermeasures. It specifies major categories of direct and indirect costs, benefits, spillover effects, and transfer payments that must be estimated in a comprehensive assessment. It develops a spreadsheet tool for data collection, storage, and refinement, as well as estimation of the various components of the necessary economic accounts. It also illustrates the usefulness of the framework in the first assessment of the tradeoffs between enhanced security and changes in commercial activity in an urban area, with explicit attention to the role of spillover effects. The article also contributes a practical user interface to the model for emergency managers. PMID:24708041

  13. One Health in food safety and security education: A curricular framework.

    PubMed

    Angelos, J; Arens, A; Johnson, H; Cadriel, J; Osburn, B

    2016-02-01

    The challenges of producing and distributing the food necessary to feed an anticipated 9 billion people in developed and developing societies by 2050 without destroying Earth's finite soil and water resources present extremely complex problems that lack simple solutions. The ability of modern societies to adequately address these and other food-related problems will require an educated workforce trained not only in traditional food safety, security, and public health, but also in other areas including food production, sustainable practices, and ecosystem health. To help address the need for such an educated workforce, a curricular framework was developed to assist those tasked with designing education and training for future food systems workers. One sentence summary: A curricular framework for education and training in food safety and security was developed that incorporates One Health concepts. PMID:26851591

  14. No stable dissipative phantom scenario in the framework of a complete cosmological dynamics

    NASA Astrophysics Data System (ADS)

    Cruz, Norman; Lepe, Samuel; Leyva, Yoelsy; Peña, Francisco; Saavedra, Joel

    2014-10-01

    We investigate the phase space dynamics of a bulk viscosity model in the Eckart approach for a spatially flat Friedmann-Robertson-Walker universe. We have included two barotropic fluids and a dark energy component. One of the barotropic fluids is treated as an imperfect fluid having bulk viscosity, whereas the other components are assumed to behave as perfect fluids. Both barotropic fluids are identified as either radiation or dark matter. Considering that the bulk viscosity acts on either radiation or dark matter, we find that viscous phantom solutions with stable behavior are not allowed in the framework of complete cosmological dynamics. Only an almost zero value of the bulk viscosity allows a transition from a radiation-dominated to a matter-dominated epoch, which then evolves to an accelerated late time expansion, dominated by dark energy.

  15. A motion detection-based framework for improving image quality of CCTV security systems.

    PubMed

    Chiu, Shih-Hsuan; Lu, Chuan-Pin; Wen, Che-Yen

    2006-09-01

    Closed-circuit television (CCTV) security systems have been widely used in banks, convenience stores, and other facilities. They are useful to deter crime and depict criminal activity. However, CCTV cameras that provide an overview of a monitored region can be useful for criminal investigation but sometimes can also be used for object identification (e.g., vehicle numbers, persons, etc.). In this paper, we propose a framework for improving the image quality of CCTV security systems. This framework is based upon motion detection technology. There are two cameras in the framework: one camera (camera A) is fixed focus with a zoom lens for moving-object detection, and the other one (camera B) is variable focus with an auto-zoom lens to capture higher resolution images of the objects of interest. When camera A detects a moving object in the monitored area, camera B, driven by an auto-zoom focus control algorithm, will take a higher resolution image of the object of interest. Experimental results show that the proposed framework can improve the likelihood that images obtained from stationary unattended CCTV cameras are sufficient to enable law enforcement officials to identify suspects and other objects of interest. PMID:17018091

  16. Generic framework for the secure Yuen 2000 quantum-encryption protocol employing the wire-tap channel approach

    SciTech Connect

    Mihaljevic, Miodrag J.

    2007-05-15

    It is shown that the security, against known-plaintext attacks, of the Yuen 2000 (Y00) quantum-encryption protocol can be considered via the wire-tap channel model assuming that the heterodyne measurement yields the sample for security evaluation. Employing the results reported on the wire-tap channel, a generic framework is proposed for developing secure Y00 instantiations. The proposed framework employs a dedicated encoding which together with inherent quantum noise at the attacker's side provides Y00 security.

  17. Synchromodal optical in vivo imaging employing microlens array optics: a complete framework

    NASA Astrophysics Data System (ADS)

    Peter, Joerg

    2013-03-01

    A complete mathematical framework for preclinical optical imaging (OI) support comprising bioluminescence imaging (BLI), fluorescence surface imaging (FSI) and fluorescence optical tomography (FOT) is presented in which optical data is acquired by means of a microlens array (MLA) based light detector (MLA-D). The MLA-D has been developed to enable unique OI, especially in synchromodal operation with secondary imaging modalities (SIM) such as positron emission tomography (PET) or magnetic resonance imaging (MRI). An MLA-D consists of a (large-area) photon sensor array, a matched MLA for field-of-view definition, and a septum mask of specific geometry made of anodized aluminum that is positioned between the sensor and the MLA to suppresses light cross-talk and to shield the sensor's radiofrequency interference signal (essential when used inside an MRI system). The software framework, while freely parameterizable for any MLA-D, is tailored towards an OI prototype system for preclinical SIM application comprising a multitude of cylindrically assembled, gantry-mounted, simultaneously operating MLA-D's. Besides the MLA-D specificity, the framework incorporates excitation and illumination light-source declarations of large-field and point geometry to facilitate multispectral FSI and FOT as well as three-dimensional object recognition. When used in synchromodal operation, reconstructed tomographic SIM volume data can be used for co-modal image fusion and also as a prior for estimating the imaged object's 3D surface by means of gradient vector flow. Superimposed planar (without object prior) or surface-aligned inverse mapping can be performed to estimate and to fuse the emission light map with the boundary of the imaged object. Triangulation and subsequent optical reconstruction (FOT) or constrained flow estimation (BLI), both including the possibility of SIM priors, can be performed to estimate the internal three-dimensional emission light distribution. The framework is

  18. Development of a privacy and security policy framework for a multistate comparative effectiveness research network.

    PubMed

    Kim, Katherine K; McGraw, Deven; Mamo, Laura; Ohno-Machado, Lucila

    2013-08-01

    Comparative effectiveness research (CER) conducted in distributed research networks (DRNs) is subject to different state laws and regulations as well as institution-specific policies intended to protect privacy and security of health information. The goal of the Scalable National Network for Effectiveness Research (SCANNER) project is to develop and demonstrate a scalable, flexible technical infrastructure for DRNs that enables near real-time CER consistent with privacy and security laws and best practices. This investigation began with an analysis of privacy and security laws and state health information exchange (HIE) guidelines applicable to SCANNER participants from California, Illinois, Massachusetts, and the Federal Veteran's Administration. A 7-member expert panel of policy and technical experts reviewed the analysis and gave input into the framework during 5 meetings held in 2011-2012. The state/federal guidelines were applied to 3 CER use cases: safety of new oral hematologic medications; medication therapy management for patients with diabetes and hypertension; and informational interventions for providers in the treatment of acute respiratory infections. The policy framework provides flexibility, beginning with a use-case approach rather than a one-size-fits-all approach. The policies may vary depending on the type of patient data shared (aggregate counts, deidentified, limited, and fully identified datasets) and the flow of data. The types of agreements necessary for a DRN may include a network-level and data use agreements. The need for flexibility in the development and implementation of policies must be balanced with responsibilities of data stewardship. PMID:23774516

  19. A secure and easy-to-implement web-based communication framework for caregiving robot teams

    NASA Astrophysics Data System (ADS)

    Tuna, G.; Daş, R.; Tuna, A.; Örenbaş, H.; Baykara, M.; Gülez, K.

    2016-03-01

    In recent years, robots have started to become more commonplace in our lives, from factory floors to museums, festivals and shows. They have started to change how we work and play. With an increase in the population of the elderly, they have also been started to be used for caregiving services, and hence many countries have been investing in the robot development. The advancements in robotics and wireless communications has led to the emergence of autonomous caregiving robot teams which cooperate to accomplish a set of tasks assigned by human operators. Although wireless communications and devices are flexible and convenient, they are vulnerable to many risks compared to traditional wired networks. Since robots with wireless communication capability transmit all data types, including sensory, coordination, and control, through radio frequencies, they are open to intruders and attackers unless protected and their openness may lead to many security issues such as data theft, passive listening, and service interruption. In this paper, a secure web-based communication framework is proposed to address potential security threats due to wireless communication in robot-robot and human-robot interaction. The proposed framework is simple and practical, and can be used by caregiving robot teams in the exchange of sensory data as well as coordination and control data.

  20. Comprehensive security framework for the communication and storage of medical images

    NASA Astrophysics Data System (ADS)

    Slik, David; Montour, Mike; Altman, Tym

    2003-05-01

    Confidentiality, integrity verification and access control of medical imagery and associated metadata is critical for the successful deployment of integrated healthcare networks that extend beyond the department level. As medical imagery continues to become widely accessed across multiple administrative domains and geographically distributed locations, image data should be able to travel and be stored on untrusted infrastructure, including public networks and server equipment operated by external entities. Given these challenges associated with protecting large-scale distributed networks, measures must be taken to protect patient identifiable information while guarding against tampering, denial of service attacks, and providing robust audit mechanisms. The proposed framework outlines a series of security practices for the protection of medical images, incorporating Transport Layer Security (TLS), public and secret key cryptography, certificate management and a token based trusted computing base. It outlines measures that can be utilized to protect information stored within databases, online and nearline storage, and during transport over trusted and untrusted networks. In addition, it provides a framework for ensuring end-to-end integrity of image data from acquisition to viewing, and presents a potential solution to the challenges associated with access control across multiple administrative domains and institution user bases.

  1. Agile enterprise development framework utilizing services principles for building pervasive security

    NASA Astrophysics Data System (ADS)

    Farroha, Deborah; Farroha, Bassam

    2011-06-01

    We are in an environment of continuously changing mission requirements and therefore our Information Systems must adapt to accomplish new tasks, quicker, in a more proficient manner. Agility is the only way we will be able to keep up with this change. But there are subtleties that must be considered as we adopt various agile methods: secure, protect, control and authenticate are all elements needed to posture our Information Technology systems to counteract the real and perceived threats in today's environment. Many systems have been tasked to ingest process and analyze different data sets than they were originally designed for and they have to interact with multiple new systems that were unaccounted for at design time. Leveraging the tenets of security, we have devised a new framework that takes agility into a new realm where the product will built to work in a service-based environment but is developed using agile processes. Even though these two criteria promise to hone the development effort, they actually contradict each other in philosophy where Services require stable interfaces, while Agile focuses on being flexible and tolerate changes up to much later stages of development. This framework is focused on enabling a successful product development that capitalizes on both philosophies.

  2. A Secure Multicast Framework in Large and High-Mobility Network Groups

    NASA Astrophysics Data System (ADS)

    Lee, Jung-San; Chang, Chin-Chen

    With the widespread use of Internet applications such as Teleconference, Pay-TV, Collaborate tasks, and Message services, how to construct and distribute the group session key to all group members securely is becoming and more important. Instead of adopting the point-to-point packet delivery, these emerging applications are based upon the mechanism of multicast communication, which allows the group member to communicate with multi-party efficiently. There are two main issues in the mechanism of multicast communication: Key Distribution and Scalability. The first issue is how to distribute the group session key to all group members securely. The second one is how to maintain the high performance in large network groups. Group members in conventional multicast systems have to keep numerous secret keys in databases, which makes it very inconvenient for them. Furthermore, in case that a member joins or leaves the communication group, many involved participants have to change their own secret keys to preserve the forward secrecy and the backward secrecy. We consequently propose a novel version for providing secure multicast communication in large network groups. Our proposed framework not only preserves the forward secrecy and the backward secrecy but also possesses better performance than existing alternatives. Specifically, simulation results demonstrate that our scheme is suitable for high-mobility environments.

  3. Towards global phosphorus security: a systems framework for phosphorus recovery and reuse options.

    PubMed

    Cordell, D; Rosemarin, A; Schröder, J J; Smit, A L

    2011-08-01

    Human intervention in the global phosphorus cycle has mobilised nearly half a billion tonnes of the element from phosphate rock into the hydrosphere over the past half century. The resultant water pollution concerns have been the main driver for sustainable phosphorus use (including phosphorus recovery). However the emerging global challenge of phosphorus scarcity with serious implications for future food security, means phosphorus will also need to be recovered for productive reuse as a fertilizer in food production to replace increasingly scarce and more expensive phosphate rock. Through an integrated and systems framework, this paper examines the full spectrum of sustainable phosphorus recovery and reuse options (from small-scale low-cost to large-scale high-tech), facilitates integrated decision-making and identifies future opportunities and challenges for achieving global phosphorus security. Case studies are provided rather than focusing on a specific technology or process. There is no single solution to achieving a phosphorus-secure future: in addition to increasing phosphorus use efficiency, phosphorus will need to be recovered and reused from all current waste streams throughout the food production and consumption system (from human and animal excreta to food and crop wastes). There is a need for new sustainable policies, partnerships and strategic frameworks to develop renewable phosphorus fertilizer systems for farmers. Further research is also required to determine the most sustainable means in a given context for recovering phosphorus from waste streams and converting the final products into effective fertilizers, accounting for life cycle costs, resource and energy consumption, availability, farmer accessibility and pollution. PMID:21414650

  4. Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    NASA Technical Reports Server (NTRS)

    Gilliam, D. P.; Powell, J. D.

    2002-01-01

    This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

  5. A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

    NASA Astrophysics Data System (ADS)

    Mohammadi, Hadi

    Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to create and design a Security and Critical Patch Management Process (SCPMP) framework based on Systems Engineering (SE) principles. This framework will assist Information Technology Department Staff (ITDS) to reduce IT operating time and costs and mitigate the risk of security and vulnerability attacks. Further, this study evaluates implementation of the SCPMP in the networked computing systems of an academic environment in order to: 1. Meet patch management requirements by applying SE principles. 2. Reduce the cost of IT operations and PVM cycles. 3. Improve the current PVM methodologies to prevent networked computing systems from becoming the targets of security vulnerability attacks. 4. Embed a Maintenance Optimization Tool (MOT) in the proposed framework. The MOT allows IT managers to make the most practicable choice of methods for deploying and installing released patches and vulnerability remediation. In recent years, there has been a variety of frameworks for security practices in every networked computing system to protect computer workstations from becoming compromised or vulnerable to security attacks, which can expose important information and critical data. I have developed a new mechanism for implementing PVM for maximizing security-vulnerability maintenance, protecting OS and software packages, and minimizing SCPMP cost. To increase computing system security in any diverse environment, particularly in academia, one must apply SCPMP. I propose an optimal maintenance policy that will allow ITDS to measure and estimate the variation of PVM cycles based on their department's requirements. My results demonstrate that

  6. Agreed Framework and KEDO: The role of the United States in Korean security

    SciTech Connect

    Gamble, A.J.

    1999-06-01

    The US is moving from a leading security guarantor of the ROK to a mediator of the Korean dispute. The US should understand this fundamental change and adjust its relationship with the ROK and the DPRK to maintain the possibility of Korean reunification. The Agreed Framework is a deal between the US and the DPRK to stop the DPRK`s nuclear program in exchange for energy resources. The Agreed Framework forces the US to go beyond its traditional ROK supportive policy to deal with the DPRK`s nuclear ambition. The US should assess the goals of the PRC, ROK, DPRK, and Japan on the Korean peninsula to determine if a change in policy will enhance the probability of a soft landing by the DPRK. To conduct this assessment, the goals of all nations and the DPRK`s nuclear ambition have been developed. A graphical summary of the subjective analysis was used to pick the US policy option that shows the best credible and clear logic, and mitigates most effectively any international criticism that may dilute the sound reasoning of future policy. The US should change its current policy to mediate the Korean dispute and increase the probability that all concerned actors meet their goals on the Korean peninsula.

  7. Integration of the advanced transparency framework to advanced nuclear systems : enhancing Safety, Operations, Security and Safeguards (SOSS).

    SciTech Connect

    Mendez, Carmen Margarita; Rochau, Gary Eugene; Cleary, Virginia D.

    2008-08-01

    The advent of the nuclear renaissance gives rise to a concern for the effective design of nuclear fuel cycle systems that are safe, secure, nonproliferating and cost-effective. We propose to integrate the monitoring of the four major factors of nuclear facilities by focusing on the interactions between Safeguards, Operations, Security, and Safety (SOSS). We proposed to develop a framework that monitors process information continuously and can demonstrate the ability to enhance safety, operations, security, and safeguards by measuring and reducing relevant SOSS risks, thus ensuring the safe and legitimate use of the nuclear fuel cycle facility. A real-time comparison between expected and observed operations provides the foundation for the calculation of SOSS risk. The automation of new nuclear facilities requiring minimal manual operation provides an opportunity to utilize the abundance of process information for monitoring SOSS risk. A framework that monitors process information continuously can lead to greater transparency of nuclear fuel cycle activities and can demonstrate the ability to enhance the safety, operations, security and safeguards associated with the functioning of the nuclear fuel cycle facility. Sandia National Laboratories (SNL) has developed a risk algorithm for safeguards and is in the process of demonstrating the ability to monitor operational signals in real-time though a cooperative research project with the Japan Atomic Energy Agency (JAEA). The risk algorithms for safety, operations and security are under development. The next stage of this work will be to integrate the four algorithms into a single framework.

  8. A blue/green water-based accounting framework for assessment of water security

    NASA Astrophysics Data System (ADS)

    Rodrigues, Dulce B. B.; Gupta, Hoshin V.; Mendiondo, Eduardo M.

    2014-09-01

    A comprehensive assessment of water security can incorporate several water-related concepts, while accounting for Blue and Green Water (BW and GW) types defined in accordance with the hydrological processes involved. Here we demonstrate how a quantitative analysis of provision probability and use of BW and GW can be conducted, so as to provide indicators of water scarcity and vulnerability at the basin level. To illustrate the approach, we use the Soil and Water Assessment Tool (SWAT) to model the hydrology of an agricultural basin (291 km2) within the Cantareira Water Supply System in Brazil. To provide a more comprehensive basis for decision making, we analyze the BW and GW-Footprint components against probabilistic levels (50th and 30th percentile) of freshwater availability for human activities, during a 23 year period. Several contrasting situations of BW provision are distinguished, using different hydrological-based methodologies for specifying monthly Environmental Flow Requirements (EFRs), and the risk of natural EFR violation is evaluated by use of a freshwater provision index. Our results reveal clear spatial and temporal patterns of water scarcity and vulnerability levels within the basin. Taking into account conservation targets for the basin, it appears that the more restrictive EFR methods are more appropriate than the method currently employed at the study basin. The blue/green water-based accounting framework developed here provides a useful integration of hydrologic, ecosystem and human needs information on a monthly basis, thereby improving our understanding of how and where water-related threats to human and aquatic ecosystem security can arise.

  9. A Blue/Green Water-based Accounting Framework for Assessment of Water Security

    NASA Astrophysics Data System (ADS)

    Rodrigues, D. B.; Gupta, H. V.; Mendiondo, E. M.

    2013-12-01

    A comprehensive assessment of water security can incorporate several water-related concepts, including provisioning and support for freshwater ecosystem services, water footprint, water scarcity, and water vulnerability, while accounting for Blue and Green Water (BW and GW) flows defined in accordance with the hydrological processes involved. Here, we demonstrate how a quantitative analysis of provisioning and demand (in terms of water footprint) for BW and GW ecosystem services can be conducted, so as to provide indicators of water scarcity and vulnerability at the basin level. To illustrate the approach, we use the Soil and Water Assessment Tool (SWAT) to model the hydrology of an agricultural basin (291 sq.km) within the Cantareira water supply system in Brazil. To provide a more comprehensive basis for decision-making, we compute the BW provision using three different hydrological-based methods for specifying monthly Environmental Flow Requirements (EFRs) for 23 year-period. The current BW-Footprint was defined using surface water rights for reference year 2012. Then we analyzed the BW- and GW-Footprints against long-term series of monthly values of freshwater availability. Our results reveal clear spatial and temporal patterns of water scarcity and vulnerability levels within the basin, and help to distinguish between human and natural reasons (drought) for conditions of insecurity. The Blue/Green water-based accounting framework developed here can be benchmarked at a range of spatial scales, thereby improving our understanding of how and where water-related threats to human and aquatic ecosystem security can arise. Future investigation will be necessary to better understand the intra-annual variability of blue water demand and to evaluate the impacts of uncertainties associated with a) the water rights database, b) the effects of climate change projections on blue and green freshwater provision.

  10. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    SciTech Connect

    Ezell, Matthew A; Rogers, Gary L; Peterson, Gregory D.

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  11. Completing the Link between Exposure Science and Toxicology for Improved Environmental Health Decision Making: The Aggregate Exposure Pathway Framework.

    PubMed

    Teeguarden, Justin G; Tan, Yu-Mei; Edwards, Stephen W; Leonard, Jeremy A; Anderson, Kim A; Corley, Richard A; Kile, Molly L; Simonich, Staci M; Stone, David; Tanguay, Robert L; Waters, Katrina M; Harper, Stacey L; Williams, David E

    2016-05-01

    Driven by major scientific advances in analytical methods, biomonitoring, computation, and a newly articulated vision for a greater impact in public health, the field of exposure science is undergoing a rapid transition from a field of observation to a field of prediction. Deployment of an organizational and predictive framework for exposure science analogous to the "systems approaches" used in the biological sciences is a necessary step in this evolution. Here we propose the aggregate exposure pathway (AEP) concept as the natural and complementary companion in the exposure sciences to the adverse outcome pathway (AOP) concept in the toxicological sciences. Aggregate exposure pathways offer an intuitive framework to organize exposure data within individual units of prediction common to the field, setting the stage for exposure forecasting. Looking farther ahead, we envision direct linkages between aggregate exposure pathways and adverse outcome pathways, completing the source to outcome continuum for more meaningful integration of exposure assessment and hazard identification. Together, the two frameworks form and inform a decision-making framework with the flexibility for risk-based, hazard-based, or exposure-based decision making. PMID:26759916

  12. Completing the link between exposure science and toxicology for improved environmental health decision making: The aggregate exposure pathway framework

    DOE PAGESBeta

    Teeguarden, Justin G.; Tan, Yu -Mei; Edwards, Stephen W.; Leonard, Jeremy A.; Anderson, Kim A.; Corley, Richard A.; Kile, Molly L.; Simonich, Staci M.; Stone, David; Tanguay, Robert L.; et al

    2016-01-13

    Here, driven by major scientific advances in analytical methods, biomonitoring, computation, and a newly articulated vision for a greater impact in public health, the field of exposure science is undergoing a rapid transition from a field of observation to a field of prediction. Deployment of an organizational and predictive framework for exposure science analogous to the “systems approaches” used in the biological sciences is a necessary step in this evolution. Here we propose the aggregate exposure pathway (AEP) concept as the natural and complementary companion in the exposure sciences to the adverse outcome pathway (AOP) concept in the toxicological sciences.more » Aggregate exposure pathways offer an intuitive framework to organize exposure data within individual units of prediction common to the field, setting the stage for exposure forecasting. Looking farther ahead, we envision direct linkages between aggregate exposure pathways and adverse outcome pathways, completing the source to outcome continuum for more meaningful integration of exposure assessment and hazard identification. Together, the two frameworks form and inform a decision-making framework with the flexibility for risk-based, hazard-based, or exposure-based decision making.« less

  13. The Chain-Link Fence Model: A Framework for Creating Security Procedures

    ERIC Educational Resources Information Center

    Houghton, Robert F.

    2013-01-01

    A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

  14. Completing the Link between Exposure Science and Toxicology for Improved Environmental Health Decision Making: The Aggregate Exposure Pathway Framework

    PubMed Central

    Teeguarden, Justin. G.; Tan, Yu-Mei; Edwards, Stephen W.; Leonard, Jeremy A.; Anderson, Kim A.; Corley, Richard A.; Harding, Anna K; Kile, Molly L.; Simonich, Staci M; Stone, David; Tanguay, Robert L.; Waters, Katrina M.; Harper, Stacey L.; Williams, David E.

    2016-01-01

    Synopsis Driven by major scientific advances in analytical methods, biomonitoring, computational tools, and a newly articulated vision for a greater impact in public health, the field of exposure science is undergoing a rapid transition from a field of observation to a field of prediction. Deployment of an organizational and predictive framework for exposure science analogous to the “systems approaches” used in the biological sciences is a necessary step in this evolution. Here we propose the Aggregate Exposure Pathway (AEP) concept as the natural and complementary companion in the exposure sciences to the Adverse Outcome Pathway (AOP) concept in the toxicological sciences. Aggregate exposure pathways offer an intuitive framework to organize exposure data within individual units of prediction common to the field, setting the stage for exposure forecasting. Looking farther ahead, we envision direct linkages between aggregate exposure pathways and adverse outcome pathways, completing the source to outcome continuum for more efficient integration of exposure assessment and hazard identification. Together, the two pathways form and inform a decision-making framework with the flexibility for risk-based, hazard-based, or exposure-based decision making. PMID:26759916

  15. The Perceptions of U.S.-Based IT Security Professionals about the Effectiveness of IT Security Frameworks: A Quantitative Study

    ERIC Educational Resources Information Center

    Warfield, Douglas L.

    2011-01-01

    The evolution of information technology has included new methodologies that use information technology to control and manage various industries and government activities. Information Technology has also evolved as its own industry with global networks of interconnectivity, such as the Internet, and frameworks, models, and methodologies to control…

  16. State Regulatory Authority (SRA) Coordination of Safety, Security, and Safeguards of Nuclear Facilities: A Framework for Analysis

    SciTech Connect

    Mladineo, Stephen V.; Frazar, Sarah L.; Kurzrok, Andrew J.; Martikka, Elina; Hack, Tapani; Wiander, Timo

    2013-05-30

    This paper will explore the development of a framework for conducting an assessment of safety-security-safeguards integration within a State. The goal is to examine State regulatory structures to identify conflicts and gaps that hinder management of the three disciplines at nuclear facilities. Such an analysis could be performed by a State Regulatory Authority (SRA) to provide a self-assessment or as part of technical cooperation with either a newcomer State, or to a State with a fully developed SRA.

  17. An Autonomic Framework for Integrating Security and Quality of Service Support in Databases

    ERIC Educational Resources Information Center

    Alomari, Firas

    2013-01-01

    The back-end databases of multi-tiered applications are a major data security concern for enterprises. The abundance of these systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Therefore, providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical…

  18. Complexity Studies and Security in the Complex World: An Epistemological Framework of Analysis

    NASA Astrophysics Data System (ADS)

    Mesjasz, Czeslaw

    The impact of systems thinking can be found in numerous security-oriented research, beginning from the early works on international system: Pitrim Sorokin, Quincy Wright, first models of military conflict and war: Frederick Lanchester, Lewis F. Richardson, national and military security (origins of RAND Corporation), through development of game theory-based conflict studies, International Relations, classical security studies of Morton A. Kaplan, Karl W. Deutsch [Mesjasz 1988], and ending with contemporary ideas of broadened concepts of security proposed by the Copenhagen School [Buzan et al 1998]. At present it may be even stated that the new military and non-military threats to contemporary complex society, such as low-intensity conflicts, regional conflicts, terrorism, environmental disturbances, etc. cannot be embraced without ideas taken from modern complex systems studies.

  19. A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property.

    PubMed

    Andrijcic, Eva; Horowitz, Barry

    2006-08-01

    The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented. PMID:16948685

  20. Security

    ERIC Educational Resources Information Center

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  1. Security Framework for Pervasive Healthcare Architectures Utilizing MPEG-21 IPMP Components

    PubMed Central

    Fragopoulos, Anastasios; Gialelis, John; Serpanos, Dimitrios

    2009-01-01

    Nowadays in modern and ubiquitous computing environments, it is imperative more than ever the necessity for deployment of pervasive healthcare architectures into which the patient is the central point surrounded by different types of embedded and small computing devices, which measure sensitive physical indications, interacting with hospitals databases, allowing thus urgent medical response in occurrences of critical situations. Such environments must be developed satisfying the basic security requirements for real-time secure data communication, and protection of sensitive medical data and measurements, data integrity and confidentiality, and protection of the monitored patient's privacy. In this work, we argue that the MPEG-21 Intellectual Property Management and Protection (IPMP) components can be used in order to achieve protection of transmitted medical information and enhance patient's privacy, since there is selective and controlled access to medical data that sent toward the hospital's servers. PMID:19132095

  2. Securing the Place of Educating for Sustainable Development within Existing Curriculum Frameworks: A Reflective Analysis

    ERIC Educational Resources Information Center

    Metz, Don; McMillan, Barbara; Maxwell, Mona; Tetrault, Amanda

    2010-01-01

    Educating for sustainable development (ESD) is generally found within existing disciplinary frameworks. In this paper, our intent is to compare the views and practices of environmental educators who pursue ESD from a perspective different from what is occurring in our own constituency. We collected data on curriculum, teaching perspectives and…

  3. TRENCADIS - secure architecture to share and manage DICOM objects in a ontological framework based on OGSA.

    PubMed

    Blanquer, Ignacio; Hernandez, Vicente; Segrelles, Damià; Torres, Erik

    2007-01-01

    Today most European healthcare centers use the digital format for their databases of images. TRENCADIS is a software architecture comprising a set of services as a solution for interconnecting, managing and sharing selected parts of medical DICOM data for the development of training and decision support tools. The organization of the distributed information in virtual repositories is based on semantic criteria. Different groups of researchers could organize themselves to propose a Virtual Organization (VO). These VOs will be interested in specific target areas, and will share information concerning each area. Although the private part of the information to be shared will be removed, special considerations will be taken into account to avoid the access by non-authorized users. This paper describes the security model implemented as part of TRENCADIS. The paper is organized as follows. First introduces the problem and presents our motivations. Section 1 defines the objectives. Section 2 presents an overview of the existing proposals per objective. Section 3 outlines the overall architecture. Section 4 describes how TRENCADIS is architected to realize the security goals discussed in the previous sections. The different security services and components of the infrastructure are briefly explained, as well as the exposed interfaces. Finally, Section 5 concludes and gives some remarks on our future work. PMID:17476054

  4. Complete mouth reconstruction with implant-supported fixed partial dental prostheses fabricated with zirconia frameworks: a 4-year clinical follow-up.

    PubMed

    Puri, Shweta; Parciak, Ewa C; Kattadiyil, Mathew T

    2014-09-01

    Few scientific reports regarding the success of complete mouth partial fixed dental prostheses frameworks fabricated with zirconia are available, especially when dental implants serve as the abutments. A complete mouth reconstruction with zirconia frameworks veneered with feldspathic porcelain is reported involving a 65-year-old white woman who presented with partial edentulism and an unrestorable remaining dentition. After examination, 14 implants were planned (8 in the maxillary arch and 6 in the mandibular arch), and implant-supported zirconia framework screw-retained partial fixed dental prostheses (ISZPFDPs) were fabricated and made in sections for easier retrievability and management. No major complications were encountered during follow-up appointments at 6-month intervals for 4 years. However, minor fractures of the veneering ceramic were noted 4 years after placement. The ISZPFDPs were well accepted by the patient and had a favorable outcome in terms of patient acceptability and success, despite some complications. PMID:24674806

  5. The National Response Plan: a new framework for homeland security, public health, and bioterrorism response.

    PubMed

    Kamoie, Brian

    2005-01-01

    This Article provides a detailed overview of the new National Response Plan (NRP) with a focus on its applicability to bioterrorism and other public health emergencies. The Article highlights critical policy and legal issues left unresolved by the NRP, and offers recommendations for the resolution of those issues. The author concludes that, although the NRP is not perfect, it represents a major advance in domestic incident management and provides regular opportunities for review and revision as we learn how to best coordinate the national response to major incidents. A close working relationship between the Departments of Health and Human Services and Homeland Security should enable a unified response to bioterrorism and other public health emergencies in support of state and local efforts. PMID:16270671

  6. A framework for fast and secure packaging identification on mobile phones

    NASA Astrophysics Data System (ADS)

    Diephuis, Maurits; Voloshynovskiy, Svyatoslav; Holotyak, Taras; Stendardo, Nabil; Keel, Bruno

    2014-02-01

    In this paper, we address the problem of fast and secure packaging identification on mobile phones. It is a well known fact that consumer goods are counterfeited on a massive scale in certain regions of the world, illustrating how existing counter measures fall short or don't exist at all, as can be seen in the local absence of laws pertaining to brand protection. This paper introduces a technological tool that allows the consumer to quickly identify a product or package with a mobile device using a physical non-cloneable features in the form of a surface micro- structure image. This natural occurring identifier allows a producer or brand owner to track and trace all its products and gives the consumer a powerful tool to confirm the authenticity of an offered product.

  7. An Examination of an Information Security Framework Implementation Based on Agile Values to Achieve Health Insurance Portability and Accountability Act Security Rule Compliance in an Academic Medical Center: The Thomas Jefferson University Case Study

    ERIC Educational Resources Information Center

    Reis, David W.

    2012-01-01

    Agile project management is most often examined in relation to software development, while information security frameworks are often examined with respect to certain risk management capabilities rather than in terms of successful implementation approaches. This dissertation extended the study of both Agile project management and information…

  8. Need for a gender-sensitive human security framework: results of a quantitative study of human security and sexual violence in Djohong District, Cameroon

    PubMed Central

    2014-01-01

    Background Human security shifts traditional concepts of security from interstate conflict and the absence of war to the security of the individual. Broad definitions of human security include livelihoods and food security, health, psychosocial well-being, enjoyment of civil and political rights and freedom from oppression, and personal safety, in addition to absence of conflict. Methods In March 2010, we undertook a population-based health and livelihood study of female refugees from conflict-affected Central African Republic living in Djohong District, Cameroon and their female counterparts within the Cameroonian host community. Embedded within the survey instrument were indicators of human security derived from the Leaning-Arie model that defined three domains of psychosocial stability suggesting individuals and communities are most stable when their core attachments to home, community and the future are intact. Results While the female refugee human security outcomes describe a population successfully assimilated and thriving in their new environments based on these three domains, the ability of human security indicators to predict the presence or absence of lifetime and six-month sexual violence was inadequate. Using receiver operating characteristic (ROC) analysis, the study demonstrates that common human security indicators do not uncover either lifetime or recent prevalence of sexual violence. Conclusions These data suggest that current gender-blind approaches of describing human security are missing serious threats to the safety of one half of the population and that efforts to develop robust human security indicators should include those that specifically measure violence against women. PMID:24829613

  9. Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

    NASA Astrophysics Data System (ADS)

    Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

    2016-03-01

    Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

  10. Core Structure Elements Architectures to Facilitate Construction and Secure Interconnection of Mobile Services Frameworks and Advanced IAM Systems

    NASA Astrophysics Data System (ADS)

    Karantjias, Athanasios; Polemi, Nineta

    The impressing penetration rates of electronic and mobile networks provide the unique opportunity to organizations to provide advanced e/m-services, accelerating their entrance in the digital society, and strengthening their fundamental structure. Service Oriented Architectures (SOAs) is an acknowledged promising technology to overcome the complexity inherent to the communication among multiple e-business actors across organizational domains. Nevertheless, the need for more privacy-aware transactions raises specific challenges that SOAs need to address, including the problems of managing identities and ensuring privacy in the e/m-environment. This article presents a targeted, user-centric scalable and federated Identity Management System (IAM), calledSecIdAM, and a mobile framework for building privacy-aware, interoperable, and secure mobile applications with respect to the way that the trust relationship among the involved entities, users and SOAs, is established. Finally, it analyzes a user-transparent m-process for obtaining an authentication and authorization token, issued from the SecIdAM as integrated in the IST European programme SWEB for the public sector.

  11. Complete Transmetalation in a Metal-Organic Framework by Metal Ion Metathesis in a Single Crystal for Selective Sensing of Phosphate Ions in Aqueous Media.

    PubMed

    Asha, K S; Bhattacharjee, Rameswar; Mandal, Sukhendu

    2016-09-12

    A complete transmetalation has been achieved on a barium metal-organic framework (MOF), leading to the isolation of a new Tb-MOF in a single-crystal (SC) to single-crystal (SC) fashion. It leads to the transformation of an anionic framework with cations in the pore to one that is neutral. The mechanistic studies proposed a core-shell metal exchange through dissociation of metal-ligand bonds. This Tb-MOF exhibits enhanced photoluminescence and acts as a selective sensor for phosphate anion in aqueous medium. Thus, this work not only provides a method to functionalize a MOF that can have potential application in sensing but also elucidates the formation mechanism of the resulting MOF. PMID:27516367

  12. Moving towards a complete molecular framework of the Nematoda: a focus on the Enoplida and early-branching clades

    PubMed Central

    2010-01-01

    Background The subclass Enoplia (Phylum Nematoda) is purported to be the earliest branching clade amongst all nematode taxa, yet the deep phylogeny of this important lineage remains elusive. Free-living marine species within the order Enoplida play prominent roles in marine ecosystems, but previous molecular phylogenies have provided only the briefest evolutionary insights; this study aimed to firmly resolve internal relationships within the hyper-diverse but poorly understood Enoplida. In addition, we revisited the molecular framework of the Nematoda using a rigorous phylogenetic approach in order to investigate patterns of early splits amongst the oldest lineages (Dorylaimia and Enoplia). Results Morphological identifications, nuclear gene sequences (18S and 28S rRNA), and mitochondrial gene sequences (cox1) were obtained from marine Enoplid specimens representing 37 genera. The 18S gene was used to resolve deep splits within the Enoplia and evaluate the branching order of major clades in the nematode tree; multiple phylogenetic methods and rigorous empirical tests were carried out to assess tree topologies under different parameters and combinations of taxa. Significantly increased taxon sampling within the Enoplida resulted in a well-supported, robust phylogenetic topology of this group, although the placement of certain clades was not fully resolved. Our analysis could not unequivocally confirm the earliest splits in the nematode tree, and outgroup choice significantly affected the observed branching order of the Dorylaimia and Enoplia. Both 28S and cox1 were too variable to infer deep phylogeny, but provided additional insight at lower taxonomic levels. Conclusions Analysis of internal relationships reveals that the Enoplia is split into two main clades, with groups consisting of terrestrial (Triplonchida) and primarily marine fauna (Enoplida). Five independent lineages were recovered within the Enoplida, containing a mixture of marine and terrestrial species

  13. Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

    ERIC Educational Resources Information Center

    Buckman, Joel; Gold, Stephanie

    2012-01-01

    This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

  14. A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application

    NASA Astrophysics Data System (ADS)

    Compagna, Luca; El Khoury, Paul; Massacci, Fabio; Saidane, Ayda

    Providing context-dependent security services is an important challenge for ambient intelligent systems. The complexity and the unbounded nature of such systems make it difficult even for the most experienced and knowledgeable security engineers, to foresee all possible situations and interactions when developing the system. In order to solve this problem context based self- diagnosis and reconfiguration at runtime should be provided.

  15. A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

    ERIC Educational Resources Information Center

    Mohammadi, Hadi

    2014-01-01

    Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to…

  16. Security for grids

    SciTech Connect

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  17. Universal framework for unmanned system penetration testing

    NASA Astrophysics Data System (ADS)

    Kobezak, Philip; Abbot-McCune, Sam; Tront, Joseph; Marchany, Randy; Wicks, Alfred

    2013-05-01

    Multiple industries, from defense to medical, are increasing their use of unmanned systems. Today, many of these systems are rapidly designed, tested, and deployed without adequate security testing. To aid the quick turnaround, commercially available subsystems and embedded components are often used. These components may introduce security vulnerabilities particularly if the designers do not fully understand their functionality and limitations. There is a need for thorough testing of unmanned systems for security vulnerabilities, which includes all subsystems. Using a penetration testing framework would help find these vulnerabilities across different unmanned systems applications. The framework should encompass all of the commonly implemented subsystems including, but not limited to, wireless networks, CAN buses, passive and active sensors, positioning receivers, and data storage devices. Potential attacks and vulnerabilities can be identified by looking at the unique characteristics of these subsystems. The framework will clearly outline the attack vectors as they relate to each subsystem. If any vulnerabilities exist, a mitigation plan can be developed prior to the completion of the design phase. Additionally, if the vulnerabilities are known in advance of deployment, monitoring can be added to the design to alert operators of any attempted or successful attacks. This proposed framework will help evaluate security risks quickly and consistently to ensure new unmanned systems are ready for deployment. Verifying that a new unmanned system has passed a comprehensive security evaluation will ensure greater confidence in its operational effectiveness.

  18. Use of the Iowa Model of Research in Practice as a Curriculum Framework for Doctor of Nursing Practice (DNP) Project Completion.

    PubMed

    Lloyd, Susan T; D'Errico, Ellen; Bristol, Shirley T

    2016-01-01

    Doctoral education requires academic motivation and persistence on the part of nursing students; commitment to the process is essential and should be linked to programmatic structure. Programmatic issues in doctor of nursing practice (DNP) programs may be barriers to completion of the final project and lead to attrition. A large, private health care university developed an infrastructure for the DNP curriculum and final project utilizing the Iowa Model of Research in Practice. The purpose was to ensure competency fulfillment, retention and timely completion, and implementation of evidence-based practice and translation science utilizing a leadership approach. The program has experienced a high completion rate to date. PMID:27164780

  19. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ..., DEPARTMENT OF LABOR (CONTINUED) YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth Services § 664.210 How is the “requires additional assistance to complete an...

  20. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ..., DEPARTMENT OF LABOR (CONTINUED) YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth Services § 664.210 How is the “requires additional assistance to complete an...

  1. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ..., DEPARTMENT OF LABOR (CONTINUED) YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth Services § 664.210 How is the “requires additional assistance to complete an...

  2. Flexible, secure agent development framework

    DOEpatents

    Goldsmith; Steven Y.

    2009-04-07

    While an agent generator is generating an intelligent agent, it can also evaluate the data processing platform on which it is executing, in order to assess a risk factor associated with operation of the agent generator on the data processing platform. The agent generator can retrieve from a location external to the data processing platform an open site that is configurable by the user, and load the open site into an agent substrate, thereby creating a development agent with code development capabilities. While an intelligent agent is executing a functional program on a data processing platform, it can also evaluate the data processing platform to assess a risk factor associated with performing the data processing function on the data processing platform.

  3. Secure Sensor Platform

    Energy Science and Technology Software Center (ESTSC)

    2010-08-25

    The Secure Sensor Platform (SSP) software provides a framework of functionality to support the development of low-power autonomous sensors for nuclear safeguards. This framework provides four primary functional blocks of capabilities required to implement autonomous sensors. The capabilities are: communications, security, power management, and cryptography. Utilizing this framework establishes a common set of functional capabilities for seamless interoperability of any sensor based upon the SSP concept.

  4. Information Security Status in Organisations 2008

    NASA Astrophysics Data System (ADS)

    Tawileh, Anas; Hilton, Jeremy; McIntosh, Stephen

    This paper presents the results of the latest survey on information security management and pracitces in organisations. The study is based on a holistic approach to information security that does not confine itself to technical measures and technology implementations, but encompasses other equally important aspects such as human, social, motiviational and trust. In order to achieve this purpose, a comprehensive intellectual framework of the concepts of information security using Soft Systems Methodology (SSM) was utilised. The survey questions were drived from this conceptual model to ensure their coherence, completeness and relevance to the topic being addressed. The paper concludes with a discussion of the survey results and draws significant insight into the existing status of informaiton assurance in organisations that could be useful for security practitioners, researchers and managers.

  5. The Complete Set of Genes Encoding Major Intrinsic Proteins in Arabidopsis Provides a Framework for a New Nomenclature for Major Intrinsic Proteins in Plants1

    PubMed Central

    Johanson, Urban; Karlsson, Maria; Johansson, Ingela; Gustavsson, Sofia; Sjövall, Sara; Fraysse, Laure; Weig, Alfons R.; Kjellbom, Per

    2001-01-01

    Major intrinsic proteins (MIPs) facilitate the passive transport of small polar molecules across membranes. MIPs constitute a very old family of proteins and different forms have been found in all kinds of living organisms, including bacteria, fungi, animals, and plants. In the genomic sequence of Arabidopsis, we have identified 35 different MIP-encoding genes. Based on sequence similarity, these 35 proteins are divided into four different subfamilies: plasma membrane intrinsic proteins, tonoplast intrinsic proteins, NOD26-like intrinsic proteins also called NOD26-like MIPs, and the recently discovered small basic intrinsic proteins. In Arabidopsis, there are 13 plasma membrane intrinsic proteins, 10 tonoplast intrinsic proteins, nine NOD26-like intrinsic proteins, and three small basic intrinsic proteins. The gene structure in general is conserved within each subfamily, although there is a tendency to lose introns. Based on phylogenetic comparisons of maize (Zea mays) and Arabidopsis MIPs (AtMIPs), it is argued that the general intron patterns in the subfamilies were formed before the split of monocotyledons and dicotyledons. Although the gene structure is unique for each subfamily, there is a common pattern in how transmembrane helices are encoded on the exons in three of the subfamilies. The nomenclature for plant MIPs varies widely between different species but also between subfamilies in the same species. Based on the phylogeny of all AtMIPs, a new and more consistent nomenclature is proposed. The complete set of AtMIPs, together with the new nomenclature, will facilitate the isolation, classification, and labeling of plant MIPs from other species. PMID:11500536

  6. GrabBlur - a framework to facilitate the secure exchange of whole-exome and -genome SNV data using VCF files

    PubMed Central

    2014-01-01

    Background Next Generation Sequencing (NGS) of whole exomes or genomes is increasingly being used in human genetic research and diagnostics. Sharing NGS data with third parties can help physicians and researchers to identify causative or predisposing mutations for a specific sample of interest more efficiently. In many cases, however, the exchange of such data may collide with data privacy regulations. GrabBlur is a newly developed tool to aggregate and share NGS-derived single nucleotide variant (SNV) data in a public database, keeping individual samples unidentifiable. In contrast to other currently existing SNV databases, GrabBlur includes phenotypic information and contact details of the submitter of a given database entry. By means of GrabBlur human geneticists can securely and easily share SNV data from resequencing projects. GrabBlur can ease the interpretation of SNV data by offering basic annotations, genotype frequencies and in particular phenotypic information - given that this information was shared - for the SNV of interest. Tool description GrabBlur facilitates the combination of phenotypic and NGS data (VCF files) via a local interface or command line operations. Data submissions may include HPO (Human Phenotype Ontology) terms, other trait descriptions, NGS technology information and the identity of the submitter. Most of this information is optional and its provision at the discretion of the submitter. Upon initial intake, GrabBlur merges and aggregates all sample-specific data. If a certain SNV is rare, the sample-specific information is replaced with the submitter identity. Generally, all data in GrabBlur are highly aggregated so that they can be shared with others while ensuring maximum privacy. Thus, it is impossible to reconstruct complete exomes or genomes from the database or to re-identify single individuals. After the individual information has been sufficiently "blurred", the data can be uploaded into a publicly accessible domain where

  7. Secure Transportation Management

    SciTech Connect

    Gibbs, P. W.

    2014-10-15

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  8. Data security.

    PubMed

    2016-09-01

    A government-commissioned review of data security across health and care has led to the proposal of new standards for security and options for a consent/opt-out model. Standards include that all staff complete appropriate annual data security training and pass a mandatory test provided through the revised Information Governance Toolkit, that personal confidential data is only accessible to staff who need it for their current role, and that access is removed as soon as it is no longer required. The consent/opt-out model is outlined under 8 statements, and includes certain circumstances where it will not apply, for example, where there is an overriding public interest, or mandatory legal requirement. PMID:27581899

  9. Framework solutions for complete collaborative environments

    NASA Astrophysics Data System (ADS)

    Saunders, Vance M.; Maddox, Derek

    2000-06-01

    Collaboration of experts from different domains within an enterprise has always posed logistical and knowledge management challenges to managers and members of the collaboration. Scheduling meetings, arranging travel, getting data and information into the right hands at the right time all require time, money and energy that could be better spent on product development. Advances in information technology have made it easier to communicate to solve, or at least mitigate, some of these problems using e-mail, audio conferencing, and database management software, but a great detail of human intervention is still required to make these collaborations operate smoothly. Over the past ten years enterprises have come to require more than just total asset visibility and human communication capabilities. To design and field products better, faster and cheaper more human creativity and energy must be focused on the products and less on the operation of the collaboration. The collaborative environment solutions of the future must not only provide the communication and knowledge management that exist today, but also provide seamless access to resources and information, product and process modeling and the advanced decision support that results from the availability of necessary resources and information.

  10. Alternative security

    SciTech Connect

    Weston, B.H. )

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview.

  11. Space-time framework of internal measurement

    NASA Astrophysics Data System (ADS)

    Matsuno, Koichiro

    1998-07-01

    Measurement internal to material bodies is ubiquitous. The internal observer has its own local space-time framework that enables the observer to distinguish, even to a slightest degree, those material bodies fallen into that framework. Internal measurement proceeding among the internal observers come to negotiate a construction of more encompassing local framework of space and time. The construction takes place through friction among the internal observers. Emergent phenomena are related to an occurrence of enlarging the local space-time framework through the frictional negotiation among the material participants serving as the internal observers. Unless such a negotiation is obtained, the internal observers would have to move around in the local space-time frameworks of their own that are mutually incommensurable. Enhancement of material organization as demonstrated in biological evolutionary processes manifests an inexhaustible negotiation for enlarging the local space-time framework available to the internal observers. In contrast, Newtonian space-time framework, that remains absolute and all encompassing, is an asymptote at which no further emergent phenomena could be expected. It is thus ironical to expect something to emerge within the framework of Newtonian absolute space and time. Instead of being a complex and organized configuration of interaction to appear within the global space-time framework, emergent phenomena are a consequence of negotiation among the local space-time frameworks available to internal measurement. Most indicative of the negotiation of local space-time frameworks is emergence of a conscious self grounding upon the reflexive nature of perceptions, that is, a self-consciousness in short, that certainly goes beyond the Kantian transcendental subject. Accordingly, a synthetic discourse on securing consciousness upon the ground of self-consciousness can be developed, though linguistic exposition of consciousness upon self

  12. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  13. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  14. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  15. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  16. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  17. Complete diphallia.

    PubMed

    Acimi, Smail

    2008-01-01

    A case of complete diphallia in a 4-month-old boy is reported. This is the second case to be published from this institution. The embryogenesis and associated anomalies of diphallia are discussed, together with a proposal for a classification based on anatomical, functional and therapeutic aspects of the malformation. PMID:19230173

  18. ITIL{sup ®} and information security

    SciTech Connect

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-03-10

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework.

  19. Framework for a Risk-Informed Groundwater Compliance Strategy for Corrective Action Unit 98: Frenchman Flat, Nevada National Security Site, Nye County, Nevada, Revision 1

    SciTech Connect

    Marutzky, Sam

    2010-09-01

    Note: This document was prepared before the NTS was renamed the Nevada National Security Site (August 23, 2010); thus, all references to the site herein remain NTS. Corrective Action Unit (CAU) 98, Frenchman Flat, at the Nevada Test Site (NTS) was the location of ten underground nuclear tests between 1965 and 1971. As a result, radionuclides were released in the subsurface in the vicinity of the test cavities. Corrective Action Unit 98 and other CAUs at the NTS and offsite locations are being investigated. The Frenchman Flat CAU is one of five Underground Test Area (UGTA) CAUs at the NTS that are being evaluated as potential sources of local or regional impact to groundwater resources. For UGTA sites, including Frenchman Flat, contamination in and around the test cavities will not be remediated because it is technologically infeasible due to the depth of the test cavities (150 to 2,000 feet [ft] below ground surface) and the volume of contaminated groundwater at widely dispersed locations on the NTS. Instead, the compliance strategy for these sites is to model contaminant flow and transport, estimate the maximum spatial extent and volume of contaminated groundwater (over a period of 1,000 years), maintain institutional controls, and restrict access to potentially contaminated groundwater at areas where contaminants could migrate beyond the NTS boundaries.

  20. Security Evolution.

    ERIC Educational Resources Information Center

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  1. Collection Security.

    ERIC Educational Resources Information Center

    Boss, Richard W.

    1984-01-01

    Presents a systematic approach to the problem of security of library collections and facilities from theft and vandalism. Highlights include responses to losses, defining security needs, typical weaknesses of facilities, policies and procedures that weaken a library's security, conducting a security audit, cost of security, cost-effectiveness, and…

  2. FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption

    PubMed Central

    2015-01-01

    Background The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. Methods We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. Results The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Conclusions Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics. PMID:26733391

  3. Complete prewetting

    NASA Astrophysics Data System (ADS)

    Yatsyshin, P.; Parry, A. O.; Kalliadasis, S.

    2016-07-01

    We study continuous interfacial transitions, analagous to two-dimensional complete wetting, associated with the first-order prewetting line, which can occur on steps, patterned walls, grooves and wedges, and which are sensitive to both the range of the intermolecular forces and interfacial fluctuation effects. These transitions compete with wetting, filling and condensation producing very rich phase diagrams even for relatively simple prototypical geometries. Using microscopic classical density functional theory to model systems with realistic Lennard-Jones fluid–fluid and fluid–substrate intermolecular potentials, we compute mean-field fluid density profiles, adsorption isotherms and phase diagrams for a variety of confining geometries.

  4. 6 CFR 27.225 - Site security plans.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.225 Site security plans. (a) The Site Security Plan must... chemical facility security. (b) Except as provided in § 27.235, a covered facility must complete the...

  5. 6 CFR 27.225 - Site security plans.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.225 Site security plans. (a) The Site Security Plan must... chemical facility security. (b) Except as provided in § 27.235, a covered facility must complete the...

  6. 6 CFR 27.225 - Site security plans.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.225 Site security plans. (a) The Site Security Plan must... chemical facility security. (b) Except as provided in § 27.235, a covered facility must complete the...

  7. 6 CFR 27.225 - Site security plans.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.225 Site security plans. (a) The Site Security Plan must... chemical facility security. (b) Except as provided in § 27.235, a covered facility must complete the...

  8. 6 CFR 27.225 - Site security plans.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.225 Site security plans. (a) The Site Security Plan must... chemical facility security. (b) Except as provided in § 27.235, a covered facility must complete the...

  9. 6 CFR 27.215 - Security vulnerability assessments.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Security vulnerability assessments. 27.215... FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.215 Security vulnerability...-risk, the facility must complete a Security Vulnerability Assessment. A Security...

  10. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  11. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  12. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  13. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  14. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  15. Complete Makeover

    NASA Technical Reports Server (NTRS)

    2004-01-01

    [figure removed for brevity, see original site]

    Released July 23, 2004 The atmosphere of Mars is a dynamic system. Water-ice clouds, fog, and hazes can make imaging the surface from space difficult. Dust storms can grow from local disturbances to global sizes, through which imaging is impossible. Seasonal temperature changes are the usual drivers in cloud and dust storm development and growth.

    Eons of atmospheric dust storm activity has left its mark on the surface of Mars. Dust carried aloft by the wind has settled out on every available surface; sand dunes have been created and moved by centuries of wind; and the effect of continual sand-blasting has modified many regions of Mars, creating yardangs and other unusual surface forms.

    We finish our look at Mars's dynamic atmosphere with an image of the surface that has been completely modified by the wind. Even the small ridges that remain have been ground down to a cliff-face with a 'tail' of eroded material. The crosshatching shows that the wind regime has remained mainly E/W to ENE/WSW.

    Image information: VIS instrument. Latitude 8.9, Longitude 221 East (139 West). 19 meter/pixel resolution.

    Note: this THEMIS visual image has not been radiometrically nor geometrically calibrated for this preliminary release. An empirical correction has been performed to remove instrumental effects. A linear shift has been applied in the cross-track and down-track direction to approximate spacecraft and planetary motion. Fully calibrated and geometrically projected images will be released through the Planetary Data System in accordance with Project policies at a later time.

    NASA's Jet Propulsion Laboratory manages the 2001 Mars Odyssey mission for NASA's Office of Space Science, Washington, D.C. The Thermal Emission Imaging System (THEMIS) was developed by Arizona State University, Tempe, in collaboration with Raytheon Santa Barbara Remote Sensing. The THEMIS investigation is led by Dr. Philip

  16. Can relativistic bit commitment lead to secure quantum oblivious transfer?

    NASA Astrophysics Data System (ADS)

    He, Guang Ping

    2015-05-01

    While unconditionally secure bit commitment (BC) is considered impossible within the quantum framework, it can be obtained under relativistic or experimental constraints. Here we study whether such BC can lead to secure quantum oblivious transfer (QOT). The answer is not completely negative. In one hand, we provide a detailed cheating strategy, showing that the "honest-but-curious adversaries" in some of the existing no-go proofs on QOT still apply even if secure BC is used, enabling the receiver to increase the average reliability of the decoded value of the transferred bit. On the other hand, it is also found that some other no-go proofs claiming that a dishonest receiver can always decode all transferred bits simultaneously with reliability 100% become invalid in this scenario, because their models of cryptographic protocols are too ideal to cover such a BC-based QOT.

  17. 46 CFR 64.45 - Securing devices.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 46 Shipping 2 2010-10-01 2010-10-01 false Securing devices. 64.45 Section 64.45 Shipping COAST... HANDLING SYSTEMS Standards for an MPT § 64.45 Securing devices. An MPT or its framework must have sufficient number of positive action securing devices, including hooks, lugs, or padeyes, to attach the...

  18. 46 CFR 64.45 - Securing devices.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 46 Shipping 2 2011-10-01 2011-10-01 false Securing devices. 64.45 Section 64.45 Shipping COAST... HANDLING SYSTEMS Standards for an MPT § 64.45 Securing devices. An MPT or its framework must have sufficient number of positive action securing devices, including hooks, lugs, or padeyes, to attach the...

  19. Security Locks

    ERIC Educational Resources Information Center

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions affected--perhaps the…

  20. Formal Verification of Security Policy Implementations in Enterprise Networks

    NASA Astrophysics Data System (ADS)

    Bera, P.; Ghosh, S. K.; Dasgupta, Pallab

    In enterprise networks, the management of security policies and their configurations becoming increasingly difficult due to complex security constraints of the organizations. In such networks, the overall organizational security policy (global policy) is defined as a collection of rules for providing service accesses between various network zones. Often, the specification of the global policy is incomplete; where all possible service access paths may not be covered explicitly by the "permit" and "deny" rules. This policy is implemented in a distributed manner through appropriate sets of access control rules (ACL rules) in the network interfaces. However, the implementation must be complete i.e., all service access paths across the network must be implemented as "permit" and "deny" ACL rules. In that case, the unspecified access paths in a given policy must be implemented as either "permit" or "deny" rules; hence there may exist multiple ACL implementations corresponding to that policy. Formally verifying that the ACL rules distributed across the network interfaces guarantees proper enforcement of the global security policy is an important requirement and a major technical challenge. The complexity of the problem is compounded by the fact that some combination of network services may lead to inconsistent hidden access paths in the network. The ACL implementations ignoring these hidden access paths may result in violation of one or more policy rules implicitly. This paper presents a formal verification framework for analyzing security policy implementations in enterprise networks. It stems from boolean modeling of the network topology, network services and security policy where the unspecified access paths are modeled as "don't-care" rules. The framework formally models the hidden access rules and incorporates them in the distributed ACL implementations for extracting a security implementation model, and finally formulates a QSAT (satisfiability of quantified boolean

  1. Examining the Relationship between Organization Systems and Information Security Awareness

    ERIC Educational Resources Information Center

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  2. The Common Ground Preparedness Framework: A Comprehensive Description of Public Health Emergency Preparedness

    PubMed Central

    Theadore, Fred; Jellison, James B.

    2012-01-01

    Currently, public health emergency preparedness (PHEP) is not well defined. Discussions about public health preparedness often make little progress, for lack of a shared understanding of the topic. We present a concise yet comprehensive framework describing PHEP activities. The framework, which was refined for 3 years by state and local health departments, uses terms easily recognized by the public health workforce within an information flow consistent with the National Incident Management System. To assess the framework's completeness, strengths, and weaknesses, we compare it to 4 other frameworks: the RAND Corporation's PREPARE Pandemic Influenza Quality Improvement Toolkit, the National Response Framework's Public Health and Medical Services Functional Areas, the National Health Security Strategy Capabilities List, and the Centers for Disease Control and Prevention's PHEP Capabilities. PMID:22397343

  3. The common ground preparedness framework: a comprehensive description of public health emergency preparedness.

    PubMed

    Gibson, P Joseph; Theadore, Fred; Jellison, James B

    2012-04-01

    Currently, public health emergency preparedness (PHEP) is not well defined. Discussions about public health preparedness often make little progress, for lack of a shared understanding of the topic. We present a concise yet comprehensive framework describing PHEP activities. The framework, which was refined for 3 years by state and local health departments, uses terms easily recognized by the public health workforce within an information flow consistent with the National Incident Management System. To assess the framework's completeness, strengths, and weaknesses, we compare it to 4 other frameworks: the RAND Corporation's PREPARE Pandemic Influenza Quality Improvement Toolkit, the National Response Framework's Public Health and Medical Services Functional Areas, the National Health Security Strategy Capabilities List, and the Centers for Disease Control and Prevention's PHEP Capabilities. PMID:22397343

  4. Development of a security-by-design handbook.

    SciTech Connect

    Olson, David L.; Snell, Mark Kamerer; Iida, Toru; Ochiai, Kazuya; Tanuma, Koji

    2010-06-01

    There is an increasing awareness that efficient and effective nuclear facility design is best achieved when requirements from the 3S disciplines Safety, Safeguards, and Security - are balanced and intrinsic to the facility design. This can be achieved when policy, processes, methods, and technologies are understood and applied in these areas during all phases of the design process. For the purposes of this paper, Security-by-design will be defined as the system level incorporation of the physical protection system (PPS) into a new or retrofitted nuclear power plant (NPP) or nuclear facility (NF) resulting in intrinsic security. Security-by-design can also be viewed as a framework to achieve robust and durable security systems. This paper reports on work performed to date to create a Security-by-Design Handbook, under a bilateral agreement between the United States and Japan, specifically, a review of physical protection principles and best practices, and a decommissioning to better understand where these principles and practices can be applied. This paper describes physical protection principles and best practices to achieve security-by- design that were gathered from International, Japanese, and U.S. sources. Principles are included for achieving security early in the design process where security requirements are typically less costly and easier to incorporate. The paper then describes a generic design process that covers the entire facility lifecycle from scoping and planning of the project to decommissioning and decontamination. Early design process phases, such as conceptual design, offer opportunities to add security features intrinsic to the facility design itself. Later phases, including design engineering and construction, are important for properly integrating security features into a coherent design and for planning for and assuring the proper performance of the security system during the operation and decommissioning of the facility. The paper also

  5. Information risk and security modeling

    NASA Astrophysics Data System (ADS)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  6. Security of medical multimedia.

    PubMed

    Tzelepi, S; Pangalos, G; Nikolacopoulou, G

    2002-09-01

    The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specifiy very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented. PMID:12507263

  7. Energy and National Security

    ERIC Educational Resources Information Center

    Abelson, Philip H.

    1973-01-01

    Discussed in this editorial is the need for a broad and detailed government policy on energy use. Oil companies can not be given complete responsibility to demonstrate usage of different energy sources. The government should construct plants because energy is connected with national security. (PS)

  8. IBRD Operational Decision Framework

    SciTech Connect

    Greenwalt, R; Hibbard, W; Raber, E; Carlsen, T; Folks, K; MacQueen, D; Mancieri, S; Bunt, T; Richards, J; Hirabayashi-Dethier, J

    2010-11-12

    completion of the Operational Decision Framework, another joint LLNL/SNL working group conducted a day-long review. Identified modifications were made to the document, resulting in the included product.

  9. Conceptual Privacy Framework for Health Information on Wearable Device

    PubMed Central

    Safavi, Seyedmostafa; Shukur, Zarina

    2014-01-01

    Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models Finally, as the last step, we examine the complexity of the required initial setup. PMID:25478915

  10. Conceptual privacy framework for health information on wearable device.

    PubMed

    Safavi, Seyedmostafa; Shukur, Zarina

    2014-01-01

    Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models Finally, as the last step, we examine the complexity of the required initial setup. PMID:25478915

  11. School Security and Crisis Preparedness: Make It Your Business.

    ERIC Educational Resources Information Center

    Trump, Kenneth S.

    1999-01-01

    The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related staffing.…

  12. Secure Data Network System (SDNS) network, transport, and message security protocols

    NASA Astrophysics Data System (ADS)

    Dinkel, C.

    1990-03-01

    The Secure Data Network System (SDNS) project, implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS. SDNS uses the layering principles of OSI to implement secure data transfers between computer nodes of local area and wide area networks. Four security protocol documents developed by the National Security Agency (NSA) as output from the SDNS project are included. SDN.301 provides the framework for security at layer 3 of the OSI Model. Cryptographic techniques to provide data protection for transport connections or for connectionless-mode transmission are described in SDN.401. Specifications for message security service and protocol are contained in SDN.701. Directory System Specifications for Message Security Protocol are covered in SDN.702.

  13. Physical Security

    SciTech Connect

    2008-01-01

    The future of physical security at government facilities and national laboratories is rapidly progressing beyond the cliché of gates, guns and guards, and is quickly being replaced by radars, sensors and cameras. Learn more about INL's security research at http://www.facebook.com/idahonationallaboratory.

  14. School Security.

    ERIC Educational Resources Information Center

    Bete, Tim, Ed.

    1998-01-01

    Presents the opinions of four security experts on the issue of guns in schools. The experts respond to the following questions: will schools ever be free of weapons; will card access systems become common in public schools; will metal detectors solve school security problems; and will students ever be issued bullet-proof vests along with…

  15. 76 FR 69755 - National Disaster Recovery Framework (NDRF)

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-11-09

    ... SECURITY Federal Emergency Management Agency National Disaster Recovery Framework (NDRF) AGENCY: Federal... the availability of the final National Disaster Recovery Framework (NDRF). The NDRF is intended to... principles solely focused on disaster recovery. Recognizing the continuum between preparedness,...

  16. Security extensions to DICOM

    NASA Astrophysics Data System (ADS)

    Thiel, Andreas; Bernarding, Johannes; Schaaf, Thorsten; Bellaire, Gunter; Tolxdorff, Thomas

    1999-07-01

    To ensure the acceptance of telemedical applications several obstacles must be overcome: the transfer of huge amounts of data over heterogeneous hard- and software platforms must be optimized; extended data post-processing is often required; and data security must be taken into consideration; post- processing based on secured data exchange must retain the relationship between original and post-processed images. To analyze and solve these problems, applications of distributed medical services were integrated. Data transfer and management was based on the Digital Imaging and Communications (DICOM) standard. To account for platform- independence of remote users, a novel DICOM server and viewer as implemented in JAVA. Different DICOM-conform data security concepts were analyzed. Encryption of the complete data stream using secure socket layers as well as a partial encryption concepts were tested. The best result was attained by a DICOM-conform encryption of patient-relevant data. The implementation medical services, which used newly develop techniques of magnetic resonance imaging, allowed a much earlier diagnosis of the human brain infarct. The integrated data security enabled remote segmentation within the unsecured internet, followed by storing the data back into the secured network.

  17. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  18. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  19. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  20. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 3 2014-10-01 2014-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  1. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 3 2013-10-01 2013-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  2. Secure Objectives for School Security

    ERIC Educational Resources Information Center

    Dalton-Noblitt, April

    2012-01-01

    In a study conducted among more than 980 American four-year and two-year colleges and universities, including institutions such as the University of Michigan, MIT, UCLA and Columbia, security staff and other administrators identified the five leading goals for their security systems: (1) Preventing unauthorized people from entering their…

  3. Secure PVM

    SciTech Connect

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  4. A security architecture for health information networks.

    PubMed

    Kailar, Rajashekar; Muralidhar, Vinod

    2007-01-01

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

  5. Security Detail.

    ERIC Educational Resources Information Center

    Epstein, Marc A.

    2003-01-01

    Describes problems of maintaining discipline and security at Jamaica High School in Queens, New York. Argues that court decisions and school regulations have allowed minority of aggressive and disruptive students to destabilize the learning environment. (PKP)

  6. Secure portal.

    SciTech Connect

    Nelson, Cynthia Lee

    2007-09-01

    There is a need in security systems to rapidly and accurately grant access of authorized personnel to a secure facility while denying access to unauthorized personnel. In many cases this role is filled by security personnel, which can be very costly. Systems that can perform this role autonomously without sacrificing accuracy or speed of throughput are very appealing. To address the issue of autonomous facility access through the use of technology, the idea of a ''secure portal'' is introduced. A secure portal is a defined zone where state-of-the-art technology can be implemented to grant secure area access or to allow special privileges for an individual. Biometric technologies are of interest because they are generally more difficult to defeat than technologies such as badge swipe and keypad entry. The biometric technologies selected for this concept were facial and gait recognition. They were chosen since they require less user cooperation than other biometrics such as fingerprint, iris, and hand geometry and because they have the most potential for flexibility in deployment. The secure portal concept could be implemented within the boundaries of an entry area to a facility. As a person is approaching a badge and/or PIN portal, face and gait information can be gathered and processed. The biometric information could be fused for verification against the information that is gathered from the badge. This paper discusses a facial recognition technology that was developed for the purposes of providing high verification probabilities with low false alarm rates, which would be required of an autonomous entry control system. In particular, a 3-D facial recognition approach using Fisher Linear Discriminant Analysis is described. Gait recognition technology, based on Hidden Markov Models has been explored, but those results are not included in this paper. Fusion approaches for combining the results of the biometrics would be the next step in realizing the secure portal

  7. 19 CFR 191.51 - Completion of drawback claims.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 19 Customs Duties 2 2011-04-01 2011-04-01 false Completion of drawback claims. 191.51 Section 191.51 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY (CONTINUED) DRAWBACK Completion of Drawback Claims § 191.51 Completion of drawback claims. (a) General—(1) Complete claim....

  8. Secure Information Sharing

    Energy Science and Technology Software Center (ESTSC)

    2005-09-09

    We are develoing a peer-to-peer system to support secure, location independent information sharing in the scientific community. Once complete, this system will allow seamless and secure sharing of information between multiple collaborators. The owners of information will be able to control how the information is stored, managed. ano shared. In addition, users will have faster access to information updates within a collaboration. Groups collaborating on scientific experiments have a need to share information and data.more » This information and data is often represented in the form of files and database entries. In a typical scientific collaboration, there are many different locations where data would naturally be stored. This makes It difficult for collaborators to find and access the information they need. Our goal is to create a lightweight file-sharing system that makes it’easy for collaborators to find and use the data they need. This system must be easy-to-use, easy-to-administer, and secure. Our information-sharing tool uses group communication, in particular the InterGroup protocols, to reliably deliver each query to all of the current participants in a scalable manner, without having to discover all of their identities. We will use the Secure Group Layer (SGL) and Akenti to provide security to the participants of our environment, SGL will provide confldentiality, integrity, authenticity, and authorization enforcement for the InterGroup protocols and Akenti will provide access control to other resources.« less

  9. 75 FR 6681 - National Disaster Recovery Framework

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-10

    ... SECURITY Federal Emergency Management Agency National Disaster Recovery Framework AGENCY: Federal Emergency... Management Agency (FEMA), in coordination with the interagency Long Term Disaster Recovery Working Group, is accepting comments on the draft National Disaster Recovery Framework (NDRF). The NDRF is intended to work...

  10. Security in the Schools.

    ERIC Educational Resources Information Center

    Nelson, Jesse

    1997-01-01

    Discusses the benefits of school library security, software security, and computer security systems. Describes specific products for each type of security system. A sidebar lists names and addresses of security manufacturers and distributors. (AEF)

  11. The European TrustHealth project experiences with implementing a security infrastructure.

    PubMed

    Blobel, B

    2000-11-01

    Accepting the shared care paradigm, communication and co-operation required between health care establishments must be provided in a trustworthy way. The solution for establishing such trustworthy environment has to be based on a common policy framework, on services, and mechanisms, which have been standardised. In Europe, the legal framework, other policy issues, and the services and mechanisms needed have been developed within projects launched by the European Commission, by the European standards body CEN as well as by temporarily established groups. Within the European TrustHealth projects. a security infrastructure for trustworthy health telematics applications has been specified, implemented, and evaluated. It is based on Health Professional Cards and Trusted Third Party services. Experiences regarding organisational and technological implications of the specification, implementation, maintenance, and evaluation of such a security infrastructure are described on the basis of the ONOCONET example. For the complete software lifecycle, the UML methodology has been deployed. PMID:11154971

  12. 49 CFR 1548.15 - Access to cargo: Security threat assessments for individuals having unescorted access to cargo.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for... SECURITY CIVIL AVIATION SECURITY INDIRECT AIR CARRIER SECURITY § 1548.15 Access to cargo: Security threat... must successfully complete a security threat assessment or comparable security threat...

  13. Straightforward and complete deposition of NMR data to the PDBe.

    PubMed

    Penkett, Christopher J; van Ginkel, Glen; Velankar, Sameer; Swaminathan, Jawahar; Ulrich, Eldon L; Mading, Steve; Stevens, Tim J; Fogh, Rasmus H; Gutmanas, Aleksandras; Kleywegt, Gerard J; Henrick, Kim; Vranken, Wim F

    2010-10-01

    We present a suite of software for the complete and easy deposition of NMR data to the PDB and BMRB. This suite uses the CCPN framework and introduces a freely downloadable, graphical desktop application called CcpNmr Entry Completion Interface (ECI) for the secure editing of experimental information and associated datasets through the lifetime of an NMR project. CCPN projects can be created within the CcpNmr Analysis software or by importing existing NMR data files using the CcpNmr FormatConverter. After further data entry and checking with the ECI, the project can then be rapidly deposited to the PDBe using AutoDep, or exported as a complete deposition NMR-STAR file. In full CCPN projects created with ECI, it is straightforward to select chemical shift lists, restraint data sets, structural ensembles and all relevant associated experimental collection details, which all are or will become mandatory when depositing to the PDB. Instructions and download information for the ECI are available from the PDBe web site at http://www.ebi.ac.uk/pdbe/nmr/deposition/eci.html . PMID:20680401

  14. 6 CFR 27.215 - Security vulnerability assessments.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... identification of existing layers of protection; (2) Threat Assessment, which includes a description of possible... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security vulnerability assessments. 27.215...-risk, the facility must complete a Security Vulnerability Assessment. A Security...

  15. 49 CFR 1544.233 - Security coordinators and crewmembers, training.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR... Program approved under SFAR 58 in 14 CFR part 121, that individual has satisfactorily completed the security training required by 14 CFR 121.417(b)(3)(v) or 135.331(b)(3)(v), and as specified in the...

  16. 49 CFR 1544.233 - Security coordinators and crewmembers, training.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR... Program approved under SFAR 58 in 14 CFR part 121, that individual has satisfactorily completed the security training required by 14 CFR 121.417(b)(3)(v) or 135.331(b)(3)(v), and as specified in the...

  17. 49 CFR 1544.233 - Security coordinators and crewmembers, training.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR... Program approved under SFAR 58 in 14 CFR part 121, that individual has satisfactorily completed the security training required by 14 CFR 121.417(b)(3)(v) or 135.331(b)(3)(v), and as specified in the...

  18. 49 CFR 1544.233 - Security coordinators and crewmembers, training.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR... Program approved under SFAR 58 in 14 CFR part 121, that individual has satisfactorily completed the security training required by 14 CFR 121.417(b)(3)(v) or 135.331(b)(3)(v), and as specified in the...

  19. 49 CFR 1540.209 - Fees for security threat assessment.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 9 2012-10-01 2012-10-01 false Fees for security threat assessment. 1540.209...: GENERAL RULES Security Threat Assessments § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under this...

  20. 49 CFR 1540.209 - Fees for security threat assessment.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Fees for security threat assessment. 1540.209...: GENERAL RULES Security Threat Assessments § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under subpart....

  1. 49 CFR 1540.209 - Fees for security threat assessment.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Fees for security threat assessment. 1540.209...: GENERAL RULES Security Threat Assessments § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under this...

  2. Validity and reliability of food security measures.

    PubMed

    Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

    2014-12-01

    This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. PMID:25407084

  3. MVC Framework

    SciTech Connect

    Benz, Zachary; McClain, Jonathan; Bauer, Travis; Titus, Brian

    2008-06-03

    Provides a reusable model-view-controller application programming interface (API) for use in the rapid development of graphical user interface applications in the .NET 2.0 framework. This includes a mechanism for adding new data stores, data sources, data analyses, and visualizations in the form of plugins.] The MVC Framework is implemented in C# as a .NET 2.0 framework that can then be built against when developing applications. The infrasturcture allows for presenting application specific views (visualizations) to the user to interact with. Based on the interactions the suer makes with a view, requests are generated which in turn are handled by the central controller facility. The controller handles the request in an application specific manner by routing the request to appropriate data stores, data accessors or data analyzers. Retrieved or processed data is published to subscribed components for further processing or for presentation to the user.

  4. MVC Framework

    Energy Science and Technology Software Center (ESTSC)

    2008-06-03

    Provides a reusable model-view-controller application programming interface (API) for use in the rapid development of graphical user interface applications in the .NET 2.0 framework. This includes a mechanism for adding new data stores, data sources, data analyses, and visualizations in the form of plugins.] The MVC Framework is implemented in C# as a .NET 2.0 framework that can then be built against when developing applications. The infrasturcture allows for presenting application specific views (visualizations) tomore » the user to interact with. Based on the interactions the suer makes with a view, requests are generated which in turn are handled by the central controller facility. The controller handles the request in an application specific manner by routing the request to appropriate data stores, data accessors or data analyzers. Retrieved or processed data is published to subscribed components for further processing or for presentation to the user.« less

  5. Security Systems Consideration: A Total Security Approach

    NASA Astrophysics Data System (ADS)

    Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

    2007-12-01

    The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

  6. Insider Threat and Information Security Management

    NASA Astrophysics Data System (ADS)

    Coles-Kemp, Lizzie; Theoharidou, Marianthi

    The notion of insider has multiple facets. An organization needs to identify which ones to respond to. The selection, implementetion and maintenance of information security countermeasures requires a complex combination of organisational policies, functions and processes, which form Information Security Management. This chapter examines the role of current information security management practices in addressing the insider threat. Most approaches focus on frameworks for regulating insider behaviour and do not allow for the various cultural responses to the regulatory and compliance framework. Such responses are not only determined by enforcement of policies and awareness programs, but also by various psychological and organisational factors at an individual or group level. Crime theories offer techniques that focus on such cultural responses and can be used to enhance the information security management design. The chapter examines the applicability of several crime theories and concludes that they can contribute in providing additional controls and redesign of information security management processes better suited to responding to the insider threat.

  7. Towards An Engineering Discipline of Computational Security

    SciTech Connect

    Mili, Ali; Sheldon, Frederick T; Jilani, Lamia Labed; Ayed, Rahma Ben

    2007-01-01

    George Boole ushered the era of modern logic by arguing that logical reasoning does not fall in the realm of philosophy, as it was considered up to his time, but in the realm of mathematics. As such, logical propositions and logical arguments are modeled using algebraic structures. Likewise, we submit that security attributes must be modeled as formal mathematical propositions that are subject to mathematical analysis. In this paper, we approach this problem by attempting to model security attributes in a refinement-like framework that has traditionally been used to represent reliability and safety claims. Keywords: Computable security attributes, survivability, integrity, dependability, reliability, safety, security, verification, testing, fault tolerance.

  8. 19 CFR 122.75 - Complete manifest.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 19 Customs Duties 1 2010-04-01 2010-04-01 false Complete manifest. 122.75 Section 122.75 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Documents Required for Clearance and Permission To Depart;...

  9. A cryptographic approach to securely share and query genomic sequences.

    PubMed

    Kantarcioglu, Murat; Jiang, Wei; Liu, Ying; Malin, Bradley

    2008-09-01

    To support large-scale biomedical research projects, organizations need to share person-specific genomic sequences without violating the privacy of their data subjects. In the past, organizations protected subjects' identities by removing identifiers, such as name and social security number; however, recent investigations illustrate that deidentified genomic data can be "reidentified" to named individuals using simple automated methods. In this paper, we present a novel cryptographic framework that enables organizations to support genomic data mining without disclosing the raw genomic sequences. Organizations contribute encrypted genomic sequence records into a centralized repository, where the administrator can perform queries, such as frequency counts, without decrypting the data. We evaluate the efficiency of our framework with existing databases of single nucleotide polymorphism (SNP) sequences and demonstrate that the time needed to complete count queries is feasible for real world applications. For example, our experiments indicate that a count query over 40 SNPs in a database of 5000 records can be completed in approximately 30 min with off-the-shelf technology. We further show that approximation strategies can be applied to significantly speed up query execution times with minimal loss in accuracy. The framework can be implemented on top of existing information and network technologies in biomedical environments. PMID:18779075

  10. Nuclear security

    SciTech Connect

    Not Available

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected.

  11. Security system

    DOEpatents

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  12. Security seal

    DOEpatents

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  13. The European Qualification Framework: Skills, Competences or Knowledge?

    ERIC Educational Resources Information Center

    Mehaut, Philippe; Winch, Christopher

    2012-01-01

    The European Qualification Framework (EQF) is intended to transform European national qualification frameworks (NQFs) by moulding them into a learning outcomes framework. Currently adopted as an enabling law by the European Union, the EQF has now operated for several years. In order to secure widespread adoption, however, it will be necessary for…

  14. Transportation Security Administration

    MedlinePlus

    ... content Official website of the Department of Homeland Security Transportation Security Administration When I fly can I bring my... ... to know if you could bring through the security checkpoint. Main menu Administrator Travel Security Screening Special ...

  15. Statistical security for Social Security.

    PubMed

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts. PMID:22592944

  16. RFID Based Context Information Security System Architecture for Securing Personal Information under Ubiquitous Environment

    NASA Astrophysics Data System (ADS)

    Song, Jae-Gu; Park, Gil-Cheol; Kim, Seoksoo

    2007-12-01

    In this study, framework for securing personal information among various contexts collected and utilized under ubiquitous environment is proposed. The proposed framework will analyze relativity among information used to determine the exposure of personal information according to circumstances where personal information is used. In addition, the study will define the definition of role-based structure and propose a structure applying password security system according to access level. Furthermore, the study will propose a method for building information security system using RFID tag information which generates context information.

  17. Predictive Dynamic Security Assessment through Advanced Computing

    SciTech Connect

    Huang, Zhenyu; Diao, Ruisheng; Jin, Shuangshuang; Chen, Yousu

    2014-11-30

    Abstract— Traditional dynamic security assessment is limited by several factors and thus falls short in providing real-time information to be predictive for power system operation. These factors include the steady-state assumption of current operating points, static transfer limits, and low computational speed. This addresses these factors and frames predictive dynamic security assessment. The primary objective of predictive dynamic security assessment is to enhance the functionality and computational process of dynamic security assessment through the use of high-speed phasor measurements and the application of advanced computing technologies for faster-than-real-time simulation. This paper presents algorithms, computing platforms, and simulation frameworks that constitute the predictive dynamic security assessment capability. Examples of phasor application and fast computation for dynamic security assessment are included to demonstrate the feasibility and speed enhancement for real-time applications.

  18. Secure public cloud platform for medical images sharing.

    PubMed

    Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

    2015-01-01

    Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking. PMID:25991144

  19. Amodal Completion in Bonobos

    ERIC Educational Resources Information Center

    Nagasaka, Yasuo; Brooks, Daniel I.; Wasserman, Edward A.

    2010-01-01

    We trained two bonobos to discriminate among occluded, complete, and incomplete stimuli. The occluded stimulus comprised a pair of colored shapes, one of which appeared to occlude the other. The complete and incomplete stimuli involved the single shape that appeared to have been partially covered in the occluded stimulus; the complete stimulus…

  20. What's Ahead for Campus Security?

    ERIC Educational Resources Information Center

    Queeno, Cam

    2000-01-01

    Identifies five trends in security technology and what they mean for colleges and universities in the near future. Trends addressed are: less emphasis on complete system integration; increased prevalence of open networking protocol systems; rising use of proximity and smart cards; increased use of digital technology and remote video surveillance;…

  1. Nuclear security

    SciTech Connect

    Dingell, J.D.

    1991-02-01

    The Department of Energy's (DOE) Lawrence Livermore National Laboratory, located in Livermore, California, generates and controls large numbers of classified documents associated with the research and testing of nuclear weapons. Concern has been raised about the potential for espionage at the laboratory and the national security implications of classified documents being stolen. This paper determines the extent of missing classified documents at the laboratory and assesses the adequacy of accountability over classified documents in the laboratory's custody. Audit coverage was limited to the approximately 600,000 secret documents in the laboratory's custody. The adequacy of DOE's oversight of the laboratory's secret document control program was also assessed.

  2. Security Issues of Ohio Public Libraries.

    ERIC Educational Resources Information Center

    Lorenzen, Michael

    A survey was conducted in January 1997 to determine security issues of Ohio public libraries. The survey was distributed to 100 libraries of differing sizes with a 70% completion rate. The following questions were asked: (1) Do you believe that security is a problem at your library? (2) Do you believe that mutilation of periodicals is a problem at…

  3. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.262 Security measures for newly-hired employees. (a... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is...

  4. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.262 Security measures for newly-hired employees. (a... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is...

  5. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.262 Security measures for newly-hired employees. (a... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is...

  6. Developing a Regional Recovery Framework

    SciTech Connect

    Lesperance, Ann M.; Olson, Jarrod; Stein, Steven L.; Clark, Rebecca; Kelly, Heather; Sheline, Jim; Tietje, Grant; Williamson, Mark; Woodcock, Jody

    2011-09-01

    Abstract A biological attack would present an unprecedented challenge for local, state, and federal agencies; the military; the private sector; and individuals on many fronts ranging from vaccination and treatment to prioritization of cleanup actions to waste disposal. To prepare the Seattle region to recover from a biological attack, the Seattle Urban Area Security Initiative (UASI) partners collaborated with military and federal agencies to develop a Regional Recovery Framework for a Biological Attack in the Seattle Urban Area. The goal was to reduce the time and resources required to recover and restore wide urban areas, military installations, and other critical infrastructure following a biological incident by providing a coordinated systems approach. Based on discussions in small workshops, tabletop exercises, and interviews with emergency response agency staff, the partners identified concepts of operation for various areas to address critical issues the region will face as recovery progresses. Key to this recovery is the recovery of the economy. Although the Framework is specific to a catastrophic, wide-area biological attack using anthrax, it was designed to be flexible and scalable so it could also serve as the recovery framework for an all-hazards approach. The Framework also served to coalesce policy questions that must be addressed for long-term recovery. These questions cover such areas as safety and health, security, financial management, waste management, legal issues, and economic development.

  7. Federal Government Information Systems Security Management and Governance Are Pacing Factors for Innovation

    ERIC Educational Resources Information Center

    Edwards, Gregory

    2011-01-01

    Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly…

  8. Multi-Disciplinary Analysis and Optimization Frameworks

    NASA Technical Reports Server (NTRS)

    Naiman, Cynthia Gutierrez

    2009-01-01

    Since July 2008, the Multidisciplinary Analysis & Optimization Working Group (MDAO WG) of the Systems Analysis Design & Optimization (SAD&O) discipline in the Fundamental Aeronautics Program s Subsonic Fixed Wing (SFW) project completed one major milestone, Define Architecture & Interfaces for Next Generation Open Source MDAO Framework Milestone (9/30/08), and is completing the Generation 1 Framework validation milestone, which is due December 2008. Included in the presentation are: details of progress on developing the Open MDAO framework, modeling and testing the Generation 1 Framework, progress toward establishing partnerships with external parties, and discussion of additional potential collaborations

  9. Secure surface identification codes

    NASA Astrophysics Data System (ADS)

    Beekhof, F.; Voloshynovskiy, S.; Koval, O.; Villan, R.; Pun, T.

    2008-02-01

    This paper introduces an identification framework for random microstructures of material surfaces. These microstructures represent a kind of unique fingerprints that can be used to track and trace an item as well as for anti-counterfeiting. We first consider the architecture for mobile phone-based item identification and then introduce a practical identification algorithm enabling fast searching in large databases. The proposed algorithm is based on reference list decoding. The link to digital communications and robust perceptual hashing is shown. We consider a practical construction of reference list decoding, which comprizes computational complexity, security, memory storage and performance requirements. The efficiency of the proposed algorithm is demonstrated on experimental data obtained from natural paper surfaces.

  10. Framework faults

    NASA Astrophysics Data System (ADS)

    Vierkorn-Rudolph, Beatrix

    2009-02-01

    Your news story "Carbon-capture and gamma-ray labs top Euro wish list" (January p6) states that the European Strategy Forum for Research Infrastructures (ESFRI) has a budget of €1.7bn and is "part of the European Union's Seventh Framework Programme (FP7)". Neither of these statements is true. In fact, as vice-chair of the ESFRI, I should point out that it is an independent strategic forum where delegates (nominated and mandated by the research ministers of the member states and associated states of the European Community) jointly reflect on the development of strategic policies for pan-European research infrastructures. As the forum is an informal body, it does not have any funds.

  11. Asian Energy Security

    SciTech Connect

    Peter Hayes, PhD

    2003-12-01

    OAK-B135 In the Asian Energy Security (AES) Project, Nautilus Institute works together with a network of collaborating groups from the countries of Northeast Asia to evaluate the energy security implications of different national and regional energy ''paths''. The goal of the Asia Energy Security project is to illuminate energy paths--and the energy policy choices that might help to bring them about--that result in a higher degree of energy security for the region and for the world as a whole, that is, to identify energy paths that are ''robust'' in meeting many different energy security and development objectives, while also offering flexibility in the face of uncertainty. In work to date, Nautilus has carefully assembled a network of colleagues from the countries of the region, trained them together as a group in the use of a common, flexible, and transparent energy and environmental analysis planning software tool (LEAP, the Long-range Energy Alternatives Planning system), and worked with them to prepare base-year energy sector models for each country. To date, complete data sets and models for ''Business as Usual'' (BAU) energy paths have been compiled for China, Japan, the Republic of Korea, and the Democratic Peoples' Republic of Korea. A partial data set and BAU path has been compiled for the Russian Far East, and a data set is being started in Mongolia, where a team of researchers has just joined the AES project. In several countries, ''Alternative'' energy paths have been developed as well, or partially elaborated. National energy sector developments, progress on national LEAP modeling, additional LEAP training, and planning for the next phase of the AES project were the topics of a recent (early November) workshop held in Vancouver, British Columbia. With funding from the Department of Energy, Nautilus is poised to build upon the successes of the project to date with a coordinated international effort to research the energy security ramifications of

  12. Critical Infrastructures Security Modeling, Enforcement and Runtime Checking

    NASA Astrophysics Data System (ADS)

    Abou El Kalam, Anas; Deswarte, Yves

    This paper identifies the most relevant security requirements for critical infrastructures (CIs), and according to these requirements, proposes an access control framework. The latter supports the CI security policy modeling and enforcement. Then, it proposes a runtime model checker for the interactions between the organizations forming the CIs, to verify their compliance with previously signed contracts. In this respect, not only our security framework handles secure local and remote accesses, but also audits and verifies the different interactions. In particular, remote accesses are controlled, every deviation from the signed contracts triggers an alarm, the concerned parties are notified, and audits can be used as evidence for sanctioning the party responsible for the deviation.

  13. Complete analyticity for 2D Ising completed

    NASA Astrophysics Data System (ADS)

    Schonmann, Roberto H.; Shlosman, Senya B.

    1995-06-01

    We study the behavior of the two-dimensional nearest neighbor ferromagnetic Ising model under an external magnetic field h. We extend to every subcritical value of the temperature a result previously proven by Martirosyan at low enough temperature, and which roughly states that for finite systems with — boundary conditions under a positive external field, the boundary effect dominates in the bulk if the linear size of the system is of order B/h with B small enough, while if B is large enough, then the external field dominates in the bulk. As a consequence we are able to complete the proof that “complete analyticity for nice sets” holds for every value of the temperature and external field in the interior of the uniqueness region in the phase diagram of the model. The main tools used are the results and techniques developed to study large deviations for the block magnetization in the absence of the magnetic field, and recently extended to all temperatures below the critical one by Ioffe.

  14. Latino College Completion: Oklahoma

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  15. Latino College Completion: Washington

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  16. Latino College Completion: Wisconsin

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  17. Latino College Completion: Wyoming

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  18. Latino College Completion: Utah

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  19. Latino College Completion: Massachusetts

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  20. Latino College Completion: Kansas

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  1. Latino College Completion: Colorado

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  2. Latino College Completion: Alabama

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  3. Latino College Completion: Arizona

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  4. Latino College Completion: Michigan

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  5. Latino College Completion: Illinois

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  6. Latino College Completion: Minnesota

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  7. Latino College Completion: Maine

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  8. Latino College Completion: Connecticut

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  9. Latino College Completion: Indiana

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  10. Latino College Completion: Maryland

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  11. Latino College Completion: Arkansas

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  12. Latino College Completion: Delaware

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  13. Latino College Completion: Alaska

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  14. Latino College Completion: Kentucky

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  15. Latino College Completion: Mississippi

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  16. Latino College Completion: Nevada

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  17. Latino College Completion: California

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  18. Latino College Completion: Missouri

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  19. Latino College Completion: Nebraska

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  20. Latino College Completion: Vermont

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  1. Latino College Completion: Montana

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  2. Latino College Completion: Florida

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  3. Latino College Completion: Oregon

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  4. Latino College Completion: Louisiana

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  5. Latino College Completion: Ohio

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  6. Latino College Completion: Hawaii

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  7. Latino College Completion: Idaho

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  8. Latino College Completion: Iowa

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  9. Latino College Completion: Tennessee

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  10. Latino College Completion: Pennsylvania

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  11. Latino College Completion: Georgia

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  12. Latino College Completion: Virginia

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  13. Latino College Completion: Texas

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  14. Classical versus quantum completeness

    NASA Astrophysics Data System (ADS)

    Hofmann, Stefan; Schneider, Marc

    2015-06-01

    The notion of quantum-mechanical completeness is adapted to situations where the only adequate description is in terms of quantum field theory in curved space-times. It is then shown that Schwarzschild black holes, although geodesically incomplete, are quantum complete.

  15. Methods of Organizational Information Security

    NASA Astrophysics Data System (ADS)

    Martins, José; Dos Santos, Henrique

    The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

  16. 76 FR 43696 - Nationwide Cyber Security Review (NCSR) Assessment

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-07-21

    ... SECURITY Nationwide Cyber Security Review (NCSR) Assessment AGENCY: National Protection and Programs... Review (NCSR) Assessment. DHS previously published this ICR in the Federal Register on April 21, 2011... government to complete a cyber network security assessment so that a full measure of gaps and...

  17. 78 FR 72063 - Open Meeting of the Information Security and Privacy Advisory Board

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-02

    ... security and privacy issues pertaining to federal computer systems. Details regarding the ISPAB's... Cybersecurity (78 FR 11737, February 19, 2013); Development of New Cybersecurity Framework; Request for Information (RFI)--Developing a Framework to Improve Critical Infrastructure Cybersecurity (78 FR...

  18. Computer security engineering management

    SciTech Connect

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system.

  19. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  20. Acceptance Criteria Framework for Autonomous Biological Detectors

    SciTech Connect

    Dzenitis, J M

    2006-12-12

    The purpose of this study was to examine a set of user acceptance criteria for autonomous biological detection systems for application in high-traffic, public facilities. The test case for the acceptance criteria was the Autonomous Pathogen Detection System (APDS) operating in high-traffic facilities in New York City (NYC). However, the acceptance criteria were designed to be generally applicable to other biological detection systems in other locations. For such detection systems, ''users'' will include local authorities (e.g., facility operators, public health officials, and law enforcement personnel) and national authorities [including personnel from the Department of Homeland Security (DHS), the BioWatch Program, the Centers for Disease Control and Prevention (CDC), and the Federal Bureau of Investigation (FBI)]. The panel members brought expertise from a broad range of backgrounds to complete this picture. The goals of this document are: (1) To serve as informal guidance for users in considering the benefits and costs of these systems. (2) To serve as informal guidance for developers in understanding the needs of users. In follow-up work, this framework will be used to systematically document the APDS for appropriateness and readiness for use in NYC.

  1. A Unified Approach to Intra-Domain Security

    SciTech Connect

    Shue, Craig A; Kalafut, Andrew J.; Gupta, Prof. Minaxi

    2009-01-01

    While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. We develop a unified framework to secure prominent networking protocols within a single domain. We begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. We then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, we also develop an incrementally deployable public key infrastructure which can later be leveraged to support inter-domain authentication.

  2. Utilize common criteria methodology for secure ubiquitous healthcare environment.

    PubMed

    Yu, Yao-Chang; Hou, Ting-Wei

    2012-06-01

    RFID technology is widely used in healthcare environments to ensure patient safety. Therefore, the testing of RFID tags, such as performance tests and security evaluations, is necessary to ensure inter-operational functional compatibility with standards. A survey of the literature shows that while standards that are around RFID performance tests have been addressed, but the same is not true for security evaluations. Therefore, in this paper, we introduce the Common Criteria security evaluation methodology, also known as ISO/IEC 15408, for the security evaluation of RFID tags and propose a framework as a minimal requirement for RFID tags to improve security assurance. PMID:21086153

  3. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  4. 19 CFR 181.47 - Completion of claim for drawback.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 19 Customs Duties 2 2010-04-01 2010-04-01 false Completion of claim for drawback. 181.47 Section 181.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY (CONTINUED) NORTH AMERICAN FREE TRADE AGREEMENT Restrictions on Drawback and Duty-Deferral Programs § 181.47 Completion of claim...

  5. Provably-Secure Authenticated Group Diffie-Hellman KeyExchange

    SciTech Connect

    Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David

    2007-01-01

    Authenticated key exchange protocols allow two participantsA and B, communicating over a public network and each holding anauthentication means, to exchange a shared secret value. Methods designedto deal with this cryptographic problem ensure A (resp. B) that no otherparticipants aside from B (resp. A) can learn any information about theagreed value, and often also ensure A and B that their respective partnerhas actually computed this value. A natural extension to thiscryptographic method is to consider a pool of participants exchanging ashared secret value and to provide a formal treatment for it. Startingfrom the famous 2-party Diffie-Hellman (DH) key exchange protocol, andfrom its authenticated variants, security experts have extended it to themulti-party setting for over a decade and completed a formal analysis inthe framework of modern cryptography in the past few years. The presentpaper synthesizes this body of work on the provably-secure authenticatedgroup DH key exchange.

  6. Security Data Warehouse Application

    NASA Technical Reports Server (NTRS)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  7. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  8. From Secure Memories to Smart Card Security

    NASA Astrophysics Data System (ADS)

    Handschuh, Helena; Trichina, Elena

    Non-volatile memory is essential in most embedded security applications. It will store the key and other sensitive materials for cryptographic and security applications. In this chapter, first an overview is given of current flash memory architectures. Next the standard security features which form the basis of so-called secure memories are described in more detail. Smart cards are a typical embedded application that is very vulnerable to attacks and that at the same time has a high need for secure non-volatile memory. In the next part of this chapter, the secure memories of so-called flash-based high-density smart cards are described. It is followed by a detailed analysis of what the new security challenges for such objects are.

  9. Beyond a series of security nets: Applying STAMP & STPA to port security

    SciTech Connect

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systems and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.

  10. Beyond a series of security nets: Applying STAMP & STPA to port security

    DOE PAGESBeta

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

  11. JACOB: An Enterprise Framework for Computational Chemistry

    PubMed Central

    Waller, Mark P; Dresselhaus, Thomas; Yang, Jack

    2013-01-01

    Here, we present just a collection of beans (JACOB): an integrated batch-based framework designed for the rapid development of computational chemistry applications. The framework expedites developer productivity by handling the generic infrastructure tier, and can be easily extended by user-specific scientific code. Paradigms from enterprise software engineering were rigorously applied to create a scalable, testable, secure, and robust framework. A centralized web application is used to configure and control the operation of the framework. The application-programming interface provides a set of generic tools for processing large-scale noninteractive jobs (e.g., systematic studies), or for coordinating systems integration (e.g., complex workflows). The code for the JACOB framework is open sourced and is available at: http://www.wallerlab.org/jacob. © 2013 Wiley Periodicals, Inc. PMID:23553271

  12. Modeling behavioral considerations related to information security.

    SciTech Connect

    Martinez-Moyano, I. J.; Conrad, S. H.; Andersen, D. F.

    2011-01-01

    The authors present experimental and simulation results of an outcome-based learning model for the identification of threats to security systems. This model integrates judgment, decision-making, and learning theories to provide a unified framework for the behavioral study of upcoming threats.

  13. 17 CFR 300.306 - Completion or closeout pursuant to SIPC direction.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Completion or closeout pursuant to SIPC direction. 300.306 Section 300.306 Commodity and Securities Exchanges SECURITIES AND... to SIPC direction. In its discretion SIPC may, in order to prevent a substantial detrimental...

  14. 17 CFR 300.306 - Completion or closeout pursuant to SIPC direction.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Completion or closeout pursuant to SIPC direction. 300.306 Section 300.306 Commodity and Securities Exchanges SECURITIES AND... to SIPC direction. In its discretion SIPC may, in order to prevent a substantial detrimental...

  15. 49 CFR 1542.201 - Security of the secured area.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Security of the secured area. 1542.201 Section 1542.201 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area....

  16. Dynamic security assessment processing system

    NASA Astrophysics Data System (ADS)

    Tang, Lei

    The architecture of dynamic security assessment processing system (DSAPS) is proposed to address online dynamic security assessment (DSA) with focus of the dissertation on low-probability, high-consequence events. DSAPS upgrades current online DSA functions and adds new functions to fit into the modern power grid. Trajectory sensitivity analysis is introduced and its applications in power system are reviewed. An index is presented to assess transient voltage dips quantitatively using trajectory sensitivities. Then the framework of anticipatory computing system (ACS) for cascading defense is presented as an important function of DSAPS. ACS addresses various security problems and the uncertainties in cascading outages. Corrective control design is automated to mitigate the system stress in cascading progressions. The corrective controls introduced in the dissertation include corrective security constrained optimal power flow, a two-stage load control for severe under-frequency conditions, and transient stability constrained optimal power flow for cascading outages. With state-of-the-art computing facilities to perform high-speed extended-term time-domain simulation and optimization for large-scale systems, DSAPS/ACS efficiently addresses online DSA for low-probability, high-consequence events, which are not addressed by today's industrial practice. Human interference is reduced in the computationally burdensome analysis.

  17. A Framework for Behavior-Based Malware Analysis in the Cloud

    NASA Astrophysics Data System (ADS)

    Martignoni, Lorenzo; Paleari, Roberto; Bruschi, Danilo

    To ease the analysis of potentially malicious programs, dynamic behavior-based techniques have been proposed in the literature. Unfortunately, these techniques often give incomplete results because the execution environments in which they are performed are synthetic and do not faithfully resemble the environments of end-users, the intended targets of the malicious activities. In this paper, we present a new framework for improving behavior-based analysis of suspicious programs. Our framework allows an end-user to delegate security labs, the cloud, the execution and the analysis of a program and to force the program to behave as if it were executed directly in the environment of the former. The evaluation demonstrated that the proposed framework allows security labs to improve the completeness of the analysis, by analyzing a piece of malware on behalf of multiple end-users simultaneously, while performing a fine-grained analysis of the behavior of the program with no computational cost for end-users.

  18. Unix Security Cookbook

    NASA Astrophysics Data System (ADS)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  19. Chapter 3: Energy Security

    SciTech Connect

    Foust, Thomas D.; Arent, Doug; de Carvalho Macedo, Isaias; Goldemberg, Jose; Hoysala, Chanakya; Filho, Rubens Maciel; Nigro, Francisco E. B.; Richard, Tom L.; Saddler, Jack; Samseth, Jon; Somerville, Chris R.

    2015-04-01

    This chapter considers the energy security implications and impacts of bioenergy. We provide an assessment to answer the following questions: What are the implications for bioenergy and energy security within the broader policy environment that includes food and water security, development, economic productivity, and multiple foreign policy aspects? What are the conditions under which bioenergy contributes positively to energy security?

  20. Building Security into Schools.

    ERIC Educational Resources Information Center

    Kosar, John E.; Ahmed, Faruq

    2000-01-01

    Offers tips for redesigning safer school sites; installing and implementing security technologies (closed-circuit television cameras, door security hardware, electronic security panels, identification cards, metal detectors, and panic buttons); educating students and staff about security functions; and minimizing costs via a comprehensive campus…

  1. Making College Completion Personal

    ERIC Educational Resources Information Center

    Thomas, Heather

    2011-01-01

    There are countless justifications for why young adults, faced with so many distractions, do not complete their educations. Many students fail to finish college because of a lack of information and understanding about healthy relationships and sex education. The author's own struggles and eventual successes as a student and mother compelled her to…

  2. Beyond FASFA Completion

    ERIC Educational Resources Information Center

    Castleman, Ben; Page, Lindsay

    2015-01-01

    The Free Application for Federal Student Aid (FAFSA)--which students must complete to qualify for most federal, state, and institutional financial aid--is a gateway to college through which many students must pass, particularly those from low- to moderate-income households (King, 2004; Kofoed, 2013). Yet given the complexity of the…

  3. Completing a Simple Circuit.

    ERIC Educational Resources Information Center

    Slater, Timothy F.; Adams, Jeffrey P.; Brown, Thomas R.

    2000-01-01

    Students have problems successfully arranging an electric circuit to make the bulb produce light. Investigates the percentage of students able to complete a circuit with a given apparatus, and the effects of prior experience on student success. Recommends hands-on activities at the elementary and secondary school levels. (Contains 14 references.)…

  4. Safeguards and security modeling for electrochemical plants

    SciTech Connect

    Cipiti, B.B.; Duran, F.A.; Mendoza, L.A.; Parks, M.J.; Dominguez, D.; Le, T.D.

    2013-07-01

    Safeguards and security design for reprocessing plants can lead to excessive costs if not incorporated early in the design process. The design for electrochemical plants is somewhat uncertain since these plants have not been built at a commercial scale in the past. The Separation and Safeguards Performance Model (SSPM), developed at Sandia National Laboratories, has been used for safeguards design and evaluation for multiple reprocessing plant types. The SSPM includes the following capabilities: -) spent fuel source term library, -) mass tracking of elements 1-99 and bulk solid/liquids, -) tracking of heat load and activity, -) customisable measurement points, -) automated calculation of ID and error propagation, -) alarm conditions and statistical tests, and -) user-defined diversion scenarios. Materials accountancy and process monitoring data can provide more timely detection of material loss specifically to protect against the insider threat. While the SSPM is capable of determining detection probabilities and examining detection times for material loss scenarios, it does not model the operations or spatial effects for a plant design. The STAGE software was chosen to model the physical protection system. STAGE provides a framework to create end-to-end scalable force-on-force combat simulations. It allows for a complete 3D model of a facility to be designed along with the design of physical protection elements. This software, then, can be used to model operations and response for various material loss scenarios. The future integration of the SSPM model data with the STAGE software will provide a more complete analysis of diversion scenarios to assist plant designers.

  5. 78 FR 79241 - Assessment Framework and Organizational Restatement Regarding Preemption for Certain Regulations...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-27

    ... December 27, 2013 Part V Department of Homeland Security Coast Guard 33 CFR Part 1 Assessment Framework and Organizational Restatement Regarding Preemption for Certain Regulations Issued by the Coast Guard; Proposed Rule...; ] DEPARTMENT OF HOMELAND SECURITY Coast Guard 33 CFR Part 1 RIN 1625-AB32 Assessment Framework...

  6. Efficient Controlled Quantum Secure Direct Communication Protocols

    NASA Astrophysics Data System (ADS)

    Patwardhan, Siddharth; Moulick, Subhayan Roy; Panigrahi, Prasanta K.

    2016-03-01

    We study controlled quantum secure direct communication (CQSDC), a cryptographic scheme where a sender can send a secret bit-string to an intended recipient, without any secure classical channel, who can obtain the complete bit-string only with the permission of a controller. We report an efficient protocol to realize CQSDC using Cluster state and then go on to construct a (2-3)-CQSDC using Brown state, where a coalition of any two of the three controllers is required to retrieve the complete message. We argue both protocols to be unconditionally secure and analyze the efficiency of the protocols to show it to outperform the existing schemes while maintaining the same security specifications.

  7. Efficient Controlled Quantum Secure Direct Communication Protocols

    NASA Astrophysics Data System (ADS)

    Patwardhan, Siddharth; Moulick, Subhayan Roy; Panigrahi, Prasanta K.

    2016-07-01

    We study controlled quantum secure direct communication (CQSDC), a cryptographic scheme where a sender can send a secret bit-string to an intended recipient, without any secure classical channel, who can obtain the complete bit-string only with the permission of a controller. We report an efficient protocol to realize CQSDC using Cluster state and then go on to construct a (2-3)-CQSDC using Brown state, where a coalition of any two of the three controllers is required to retrieve the complete message. We argue both protocols to be unconditionally secure and analyze the efficiency of the protocols to show it to outperform the existing schemes while maintaining the same security specifications.

  8. Executor Framework for DIRAC

    NASA Astrophysics Data System (ADS)

    Casajus Ramo, A.; Graciani Diaz, R.

    2012-12-01

    DIRAC framework for distributed computing has been designed as a group of collaborating components, agents and servers, with persistent database back-end. Components communicate with each other using DISET, an in-house protocol that provides Remote Procedure Call (RPC) and file transfer capabilities. This approach has provided DIRAC with a modular and stable design by enforcing stable interfaces across releases. But it made complicated to scale further with commodity hardware. To further scale DIRAC, components needed to send more queries between them. Using RPC to do so requires a lot of processing power just to handle the secure handshake required to establish the connection. DISET now provides a way to keep stable connections and send and receive queries between components. Only one handshake is required to send and receive any number of queries. Using this new communication mechanism DIRAC now provides a new type of component called Executor. Executors process any task (such as resolving the input data of a job) sent to them by a task dispatcher. This task dispatcher takes care of persisting the state of the tasks to the storage backend and distributing them among all the Executors based on the requirements of each task. In case of a high load, several Executors can be started to process the extra load and stop them once the tasks have been processed. This new approach of handling tasks in DIRAC makes Executors easy to replace and replicate, thus enabling DIRAC to further scale beyond the current approach based on polling agents.

  9. 48 CFR 3052.222-70 - Strikes or picketing affecting timely completion of the contract work.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Strikes or picketing affecting timely completion of the contract work. As prescribed in (HSAR) 48 CFR 3022... affecting timely completion of the contract work. 3052.222-70 Section 3052.222-70 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  10. Completely quantized collapse and consequences

    SciTech Connect

    Pearle, Philip

    2005-08-15

    Promotion of quantum theory from a theory of measurement to a theory of reality requires an unambiguous specification of the ensemble of realizable states (and each state's probability of realization). Although not yet achieved within the framework of standard quantum theory, it has been achieved within the framework of the continuous spontaneous localization (CSL) wave-function collapse model. In CSL, a classical random field w(x,t) interacts with quantum particles. The state vector corresponding to each w(x,t) is a realizable state. In this paper, I consider a previously presented model, which is predictively equivalent to CSL. In this completely quantized collapse (CQC) model, the classical random field is quantized. It is represented by the operator W(x,t) which satisfies [W(x,t),W(x{sup '},t{sup '})]=0. The ensemble of realizable states is described by a single state vector, the 'ensemble vector'. Each superposed state which comprises the ensemble vector at time t is the direct product of an eigenstate of W(x,t{sup '}), for all x and for 0{<=}t{sup '}{<=}t, and the CSL state corresponding to that eigenvalue. These states never interfere (they satisfy a superselection rule at any time), they only branch, so the ensemble vector may be considered to be, as Schroedinger put it, a 'catalog' of the realizable states. In this context, many different interpretations (e.g., many worlds, environmental decoherence, consistent histories, modal interpretation) may be satisfactorily applied. Using this description, a long-standing problem is resolved, where the energy comes from the particles gain due to the narrowing of their wave packets by the collapse mechanism. It is shown how to define the energy of the random field and its energy of interaction with particles so that total energy is conserved for the ensemble of realizable states. As a by-product, since the random-field energy spectrum is unbounded, its canonical conjugate, a self-adjoint time operator, can be

  11. Collaborative Knowledge Discovery & Marshalling for Intelligence & Security Applications

    SciTech Connect

    Cowell, Andrew J.; Jensen, Russell S.; Gregory, Michelle L.; Ellis, Peter C.; Fligg, Alan K.; McGrath, Liam R.; O'Hara, Kelly A.; Bell, Eric B.

    2010-05-24

    This paper discusses the Knowledge Encapsulation Framework, a flexible, extensible evidence-marshalling environment built upon a natural language processing pipeline and exposed to users via an open-source semantic wiki. We focus our discussion on applications of the framework to intelligence and security applications, specifically, an instantiation of the KEF environment for researching illicit trafficking in nuclear materials.

  12. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is not... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for newly-hired... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer...

  13. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is not... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Security measures for newly-hired... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer...

  14. Computer security is out of balance

    SciTech Connect

    Bush, G.; Brand, R.

    1989-01-31

    System Engineering practices are being applied to Computer Security, but not broadly enough. If we concentrate on only the computer security aspects in our field of computer security, then our focus may be too narrow, and consequently be out of balance. We must examine the complete system that includes the computers, the users, and their environment on the broadest scale possible. As an example of the problem in balance of emphasis, the work being done on Trusted Computer Bases is excellent, but is easily nullified by indifferent users. Our business is the search for weakest links, but that search cannot focus exclusively on just the part of the system that includes the computers. The dambuilding platitude is also relevant to this issue of focus, when the left side team builds their side of the dam higher than the right side team, no additional security (water) is realized. All parts and security programs must be in balance to be effective. 7 refs.

  15. Do healthy food baskets assess food security?

    PubMed

    Nathoo, Tasnim; Shoveller, Jean

    2003-01-01

    Developing indicators to measure the different facets of food security presents numerous conceptual and methodological challenges. This paper adopts an ecological framework to reflect on these issues through an examination of the Healthy Food Basket (HFB) tool. The HFB tool is used to measure food security conditions by determining the cost and availability of a group of foods in a shopping basket across a range of stores in different regions and neighbourhoods. The paper discusses the ability of the HFB tool to describe micro-, meso- and macro-level influences on food security and the use of the ecological model in developing complementary and alternative strategies for understanding and monitoring food security. PMID:12959676

  16. Complete scanpaths analysis toolbox.

    PubMed

    Augustyniak, Piotr; Mikrut, Zbigniew

    2006-01-01

    This paper presents a complete open software environment for control, data processing and assessment of visual experiments. Visual experiments are widely used in research on human perception physiology and the results are applicable to various visual information-based man-machine interfacing, human-emulated automatic visual systems or scanpath-based learning of perceptual habits. The toolbox is designed for Matlab platform and supports infra-red reflection-based eyetracker in calibration and scanpath analysis modes. Toolbox procedures are organized in three layers: the lower one, communicating with the eyetracker output file, the middle detecting scanpath events on a physiological background and the one upper consisting of experiment schedule scripts, statistics and summaries. Several examples of visual experiments carried out with use of the presented toolbox complete the paper. PMID:17945877

  17. Image Zoom Completion.

    PubMed

    Hidane, Moncef; El Gheche, Mireille; Aujol, Jean-Francois; Berthoumieu, Yannick; Deledalle, Charles-Alban

    2016-08-01

    We consider the problem of recovering a high-resolution image from a pair consisting of a complete low-resolution image and a high-resolution but incomplete one. We refer to this task as the image zoom completion problem. After discussing possible contexts in which this setting may arise, we introduce a nonlocal regularization strategy, giving full details concerning the numerical optimization of the corresponding energy and discussing its benefits and shortcomings. We also derive two total variation-based algorithms and evaluate the performance of the proposed methods on a set of natural and textured images. We compare the results and get with those obtained with two recent state-of-the-art single-image super-resolution algorithms. PMID:27249829

  18. Improved secure quantum sealed-bid auction

    NASA Astrophysics Data System (ADS)

    Yang, Yu-Guang; Naseri, Mosayeb; Wen, Qiao-Yan

    2009-10-01

    The security of a secure quantum sealed-bid auction protocol using quantum secure direct communication based on GHZ states [M. Naseri, Opt. Commun. 282 (2009) 1939] is reexamined. It is shown that the protocol does not complete the task of a sealed-bid auction fairly. It is shown that a dishonest bidder can obtain all the other one's secret bids by two special types of attack, i.e., double Controlled NOT attack or using fake entangled particles. Furthermore, a simple possible improvement of the protocol is proposed.

  19. Secure and Efficient Routable Control Systems

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  20. An Open Framework for Low-Latency Communications across the Smart Grid Network

    ERIC Educational Resources Information Center

    Sturm, John Andrew

    2011-01-01

    The recent White House (2011) policy paper for the Smart Grid that was released on June 13, 2011, "A Policy Framework for the 21st Century Grid: Enabling Our Secure Energy Future," defines four major problems to be solved and the one that is addressed in this dissertation is Securing the Grid. Securing the Grid is referred to as one of…

  1. Explaining the Socio-Economic Status School Completion Gap

    ERIC Educational Resources Information Center

    Polidano, Cain; Hanel, Barbara; Buddelmeyer, Hielke

    2013-01-01

    Relatively low rates of school completion among students from low socio-economic backgrounds is a key driver of intergenerational inequality. Linking data from the Programme for International Student Assessment with data from the Longitudinal Survey of Australian Youth, we use a decomposition framework to explain the gap in school completion rates…

  2. New initiatives in materials security

    SciTech Connect

    Cynthia, G.; Jones, Ph.D.

    2008-07-01

    Security Measures (61 Orders issued 1/04, Inspections done); Transportation of Radioactive Material Quantities of Concern (167 Orders Issued 07/05, Inspections done); Orders for Increased Control Measures for other types of sources by categories of licenses (1,098 NRC Orders and 1782 binding State requirements issued by 12/05, Implemented 06/06, Inspections done by NRC and States). Security Inspection Results: All first year Increased Control inspections completed; NRC Information Notice (IN) 2007-16 issued May 2007; Since IN 2007-16 was issued, {approx}50% of the NRC inspections performed resulted in violations; Licensees misinterpreted or incompletely implemented requirements; Common theme: failure to properly document actions or programs when implementing the Increased Controls. Energy Policy Act of 2005: Established Radiation Source Protection and Security Task Force: cooperative effort with 14 Federal agencies, 2 State organizations; Comprehensive analysis of the security of radiation sources in the U.S.; Directed NRC to contract with National Academy of Sciences to conduct a study on radiation source use and replacement; Report to the President and Congress issued 8/06 and every 4 years thereafter. Radiation Source Protection and Security Task Force: Need higher priority on international transport security; Evaluate feasibility of using new and existing technologies to detect and discourage theft during transport; Conduct a feasibility study on the possible phase out of CsCl in highly dispersible forms; Further evaluate potential alternative technologies; Expedite completion of fingerprint requirements in Act. National Source Tracking System: Joint NRC/DOE 2003 report on Radiological Dispersal Devices recommended development of a national source tracking system; IAEA Code of Conduct recommended establishment of a national registry; U.S. Energy Policy Act of 2005 placed requirements for NRC to issue regulations establishing a mandatory tracking system. New

  3. Digital security technology simplified.

    PubMed

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders. PMID:17907609

  4. Project Management Framework to Organizational Transitions

    NASA Technical Reports Server (NTRS)

    Kotnour, Tim; Barton, Saul

    1996-01-01

    This paper describes a project management framework and associated models for organizational transitions. The framework contains an integrated set of steps an organization can take to lead an organizational transition such as downsizing and change in mission or role. The framework is designed to help an organization do the right work the right way with the right people at the right time. The underlying rationale for the steps in the framework is based on a set of findings which include: defining a transition as containing both near-term and long-term actions, designing actions which respond to drivers and achieve desired results, aligning the organization with the external environment, and aligning the internal components of the organization. The framework was developed based on best practices found in the literature, lessons learned from heads of organizations who have completed large-scale organizational changes, and concerns from employees at the Kennedy Space Center (KSC). The framework is described using KSC.

  5. Evaluation Framework for Telemedicine Using the Logical Framework Approach and a Fishbone Diagram

    PubMed Central

    2015-01-01

    Objectives Technological advances using telemedicine and telehealth are growing in healthcare fields, but the evaluation framework for them is inconsistent and limited. This paper suggests a comprehensive evaluation framework for telemedicine system implementation and will support related stakeholders' decision-making by promoting general understanding, and resolving arguments and controversies. Methods This study focused on developing a comprehensive evaluation framework by summarizing themes across the range of evaluation techniques and organized foundational evaluation frameworks generally applicable through studies and cases of diverse telemedicine. Evaluation factors related to aspects of information technology; the evaluation of satisfaction of service providers and consumers, cost, quality, and information security are organized using the fishbone diagram. Results It was not easy to develop a monitoring and evaluation framework for telemedicine since evaluation frameworks for telemedicine are very complex with many potential inputs, activities, outputs, outcomes, and stakeholders. A conceptual framework was developed that incorporates the key dimensions that need to be considered in the evaluation of telehealth implementation for a formal structured approach to the evaluation of a service. The suggested framework consists of six major dimensions and the subsequent branches for each dimension. Conclusions To implement telemedicine and telehealth services, stakeholders should make decisions based on sufficient evidence in quality and safety measured by the comprehensive evaluation framework. Further work would be valuable in applying more comprehensive evaluations to verify and improve the comprehensive framework across a variety of contexts with more factors and participant group dimensions. PMID:26618028

  6. Insert tree completion system

    SciTech Connect

    Brands, K.W.; Ball, I.G.; Cegielski, E.J.; Gresham, J.S.; Saunders, D.N.

    1982-09-01

    This paper outlines the overall project for development and installation of a low-profile, caisson-installed subsea Christmas tree. After various design studies and laboratory and field tests of key components, a system for installation inside a 30-in. conductor was ordered in July 1978 from Cameron Iron Works Inc. The system is designed to have all critical-pressure-containing components below the mudline and, with the reduced profile (height) above seabed, provides for improved safety of satellite underwater wells from damage by anchors, trawl boards, and even icebergs. In addition to the innovative nature of the tree design, the completion includes improved 3 1/2-in. through flowline (TFL) pumpdown completion equipment with deep set safety valves and a dual detachable packer head for simplified workover capability. The all-hydraulic control system incorporates a new design of sequencing valve for both Christmas tree control and remote flowline connection. A semisubmersible drilling rig was used to initiate the first end flowline connection at the wellhead for subsequent tie-in to the prelaid, surface-towed, all-welded subsea pipeline bundle.

  7. Towards Efficient Collaboration in Cyber Security

    SciTech Connect

    Hui, Peter SY; Bruce, Joseph R.; Fink, Glenn A.; Gregory, Michelle L.; Best, Daniel M.; McGrath, Liam R.; Endert, Alexander

    2010-06-03

    Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independently— for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and as such, no such framework exists to support such efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.

  8. Department of Homeland Security

    MedlinePlus

    ... Content Official website of the Department of Homeland Security Contact Us Quick Links Site Map A-Z ... Requested Pages TSA Pre✓® Active Shooter Preparedness Hometown Security Countering Violent Extremism Forms Combating Human Trafficking Taking ...

  9. Security system signal supervision

    SciTech Connect

    Chritton, M.R. ); Matter, J.C. )

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

  10. Security Research and Safety Aspects in Slovakia

    NASA Astrophysics Data System (ADS)

    Sinay, Juraj

    In 2004 the Slovak Republic joined the European Community. This accession called for changes in the new member state's internal and external processes, as well as the acceptance of the European Community regulatory framework and its implementation in Slovakian national legislation. Even though Slovakia had started with step-by-step integration of specific regulations during accession negotiations, final implementation was only concluded upon admission into the European Community. The process spanned the fields of occupational health and safety (Safety) and civil security (Security), notwithstanding that professionals in these areas had already been working in line with the European legislation.

  11. Beyond complete positivity

    NASA Astrophysics Data System (ADS)

    Dominy, Jason M.; Lidar, Daniel A.

    2016-04-01

    We provide a general and consistent formulation for linear subsystem quantum dynamical maps, developed from a minimal set of postulates, primary among which is a relaxation of the usual, restrictive assumption of uncorrelated initial system-bath states. We describe the space of possibilities admitted by this formulation, namely that, far from being limited to only completely positive (CP) maps, essentially any C-linear, Hermiticity-preserving, trace-preserving map can arise as a legitimate subsystem dynamical map from a joint unitary evolution of a system coupled to a bath. The price paid for this added generality is a trade-off between the set of admissible initial states and the allowed set of joint system-bath unitary evolutions. As an application, we present a simple example of a non-CP map constructed as a subsystem dynamical map that violates some fundamental inequalities in quantum information theory, such as the quantum data processing inequality.

  12. Completely bootstrapped tokamak

    SciTech Connect

    Weening, R.H. ); Boozer, A.H. )

    1992-01-01

    Numerical simulations of the evolution of large-scale magnetic fields have been developed using a mean-field Ohm's law. The Ohm's law is coupled to a {Delta}{prime} stabilty analysis and a magnetic island growth equation in order to simulate the behavior of tokamak plasmas that are subject to tearing modes. In one set of calculations, the magnetohydrodynamic (MHD)-stable regime of the tokamak is examined via the construction of an {ital l}{sub {ital i}} -{ital q}{sub {ital a}} diagram. The results confirm previous calculations that show that tearing modes introduce a stability boundary into the {ital l}{sub {ital i}} -{ital q}{sub {ital a}} space. In another series of simulations, the interaction between tearing modes and the bootstrap current is investigated. The results indicate that a completely bootstrapped tokamak may be possible, even in the absence of any externally applied loop voltage or current drive.

  13. Designing Ensemble Based Security Framework for M-Learning System

    ERIC Educational Resources Information Center

    Mahalingam, Sheila; Abdollah, Mohd Faizal; bin Sahibuddin, Shahrin

    2014-01-01

    Mobile Learning has a potential to improve efficiency in the education sector and expand educational opportunities to underserved remote area in higher learning institutions. However there are multi challenges in different altitude faced when introducing and implementing m-learning. Despite the evolution of technology changes in education,…

  14. Security: Progress and Challenges

    ERIC Educational Resources Information Center

    Luker, Mark A.

    2004-01-01

    The Homepage column in the March/April 2003 issue of "EDUCAUSE Review" explained the national implication of security vulnerabilities in higher education and the role of the EDUCAUSE/Internet2 Computer and Network Security Task Force in representing the higher education sector in the development of the National Strategy to Secure Cyberspace. Among…

  15. Making Schools More Secure.

    ERIC Educational Resources Information Center

    Grealy, Joseph I.

    The president of the National Association of School Security Directors, citing many specific incidents of school vandalism and personal assault and battery, states that the safety and security of school personnel and facilities are necessary requirements for effective education. The author's approach to a school security program is to determine…

  16. School Violence: Physical Security.

    ERIC Educational Resources Information Center

    Utah State Office of Education, Salt Lake City.

    This booklet provides an overview of security technology product areas that might be appropriate and affordable for school applications. Topics cover security concepts and operational issues; security issues when designing for new schools; the role of maintenance; video camera use; walk-through metal detectors; duress alarm devices; and a partial…

  17. Homeland Security and Information.

    ERIC Educational Resources Information Center

    Relyea, Harold C.

    2002-01-01

    Reviews the development of two similar policy concepts, national security and internal security, before exploring the new phrase homeland security that has become popular since the September 11 terrorist attacks. Discusses the significance of each for information policy and practice. (Author/LRW)

  18. Selecting Security Technology Providers

    ERIC Educational Resources Information Center

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  19. Integrating Intelligence for Border Security

    SciTech Connect

    Anderson, Dale N. ); Thompson, Sandra E. ); Wilhelm, Charles E. E.; Wogman, Ned A. )

    2004-02-04

    Effective utilization of all available intelligence, including sensor signatures and situational awareness is a key objective in homeland security. Binding all sources of information into an objective and lucid decision algorithm can provide clarity to identify signatures that are strongly and uniquely indicative of terrorist activities, thus reducing false alarms that conjure images of profiling and concerns regarding our civil rights. The fundamental premise of this paper is that the optimal integration of situational awareness, intelligence and hard sensor signatures should begin at the field level and work backward, that is, begin with the desired outcome and work backward. Construction of in-the-field algorithms with these characteristics will necessarily be dominated by careful mathematical and scientific thought as opposed to purely empirical, unguided data analysis. The research and development (R and D) effort for optimal decision algorithm construction naturally encourages homeland security communication at all operational levels including that between scientists, intelligence analysts, government leadership and the private sector. Why? Because decisions have consequences that impact all stakeholders, and a formal decision framework is capable of quantifying these consequences. A properly constructed framework naturally includes mathematical plug-in points for hard sensor data, intelligence and situational awareness. These plug-in points naturally guide the formulation of information to a common standard, thus facilitating and promoting intelligence sharing. A well established foundation to build these frameworks at the in-the-field and strategic level can be found in a body of theory in mathematical statistics -Bayesian decision sciences. We assert that decision algorithms with these characteristics are necessary for optimal front line operational capabilities in the war on terrorism.

  20. Second generation registry framework

    PubMed Central

    2014-01-01

    Background Information management systems are essential to capture data be it for public health and human disease, sustainable agriculture, or plant and animal biosecurity. In public health, the term patient registry is often used to describe information management systems that are used to record and track phenotypic data of patients. Appropriate design, implementation and deployment of patient registries enables rapid decision making and ongoing data mining ultimately leading to improved patient outcomes. A major bottleneck encountered is the static nature of these registries. That is, software developers are required to work with stakeholders to determine requirements, design the system, implement the required data fields and functionality for each patient registry. Additionally, software developer time is required for ongoing maintenance and customisation. It is desirable to deploy a sophisticated registry framework that can allow scientists and registry curators possessing standard computing skills to dynamically construct a complete patient registry from scratch and customise it for their specific needs with little or no need to engage a software developer at any stage. Results This paper introduces our second generation open source registry framework which builds on our previous rare disease registry framework (RDRF). This second generation RDRF is a new approach as it empowers registry administrators to construct one or more patient registries without software developer effort. New data elements for a diverse range of phenotypic and genotypic measurements can be defined at any time. Defined data elements can then be utilised in any of the created registries. Fine grained, multi-level user and workgroup access can be applied to each data element to ensure appropriate access and data privacy. We introduce the concept of derived data elements to assist the data element standards communities on how they might be best categorised. Conclusions We introduce the

  1. [Several problems in ecological security assessment research].

    PubMed

    Wang, Genxu; Cheng, Guodong; Qian, Ju

    2003-09-01

    Ecological security assessment is the identification and judgment of ecosystem completeness and sustainable ability to maintain ecosystem health under all kinds of risks, the core contents of which are ecological risk assessment and ecological health assessment. Ecological risk identification and ecological vulnerability are the composing elements of ecological risk assessment, while ecological health includes three aspects, i.e., ecological completeness, ecosystem vigor, and ecosystem resilience. In the studies of ecological security assessment, the rational combination of ecological risk and ecological health, and the establishment of integrated measure index system based on confirming spatial scale are needed. At present, risk factor identification index, exposure analysis index, and influence (response) analysis index are the broader construction systems of ecological risk index. Nevertheless, on the basis of the classification of EDI, REI and IRI, the method of superimposing exposure analysis index may be the development direction of establishing index system in the future. Among the methods of quantificational assessment, exposure-response analysis was one of the most extensive method used at present, but ecological model method to assess different-scale ecological security will be the main development field, and focused on the security of ecological processes in the future. Ecological security assessment must be intergraded with ecological prediction, security guarantee and management. PMID:14733019

  2. An Assessment of Integrated Health Management Frameworks

    SciTech Connect

    Lybeck, Nancy; Coble, Jamie B.; Tawfik, Magdy; Bond, Leonard J.

    2012-05-18

    In order to meet the ever increasing demand for energy, the United States nuclear industry is turning to life extension of existing nuclear power plants (NPPs). Economically ensuring the safe, secure, and reliable operation of aging NPPs presents many challenges. The 2009 Light Water Reactor Sustainability Workshop identified online monitoring of active and structural components as essential to better understanding and management of the challenges posed by aging NPPs. Additionally, there is increasing adoption of condition-based maintenance (CBM) for active components in NPPs. These techniques provide a foundation upon which a variety of advanced online surveillance, diagnostic, and prognostic techniques can be deployed to continuously monitor and assess the health of NPP systems and components. The next step in the development of advanced online monitoring is to move beyond CBM to estimating the remaining useful life of active components using prognostic tools. Deployment of prognostic health management (PHM) on the scale of an NPP requires the use of an integrated health management (IHM) framework - a software product (or suite of products) used to manage the necessary elements needed for a complete implementation of online monitoring and prognostics. This paper provides a thoughtful look at the desirable functions and features of IHM architectures. A full PHM system involves several modules, including data acquisition, system modeling, fault detection, fault diagnostics, system prognostics, and advisory generation (operations and maintenance planning). The standards applicable to PHM applications are indentified and summarized. A list of evaluation criteria for PHM software products, developed to ensure scalability of the toolset to an environment with the complexity of an NPP, is presented. Fourteen commercially available PHM software products are identified and classified into four groups: research tools, PHM system development tools, deployable architectures

  3. Computer Security Systems Enable Access.

    ERIC Educational Resources Information Center

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  4. Balancing Security and Learning. School Security Supplement.

    ERIC Educational Resources Information Center

    Kennedy, Mike

    2002-01-01

    Discusses ways to provide vital safety to schools without inhibiting the learning environment for students. Describes security efforts at Orange County, Florida schools, such as using video cameras, school police officers, and access-control systems. (EV)

  5. Quantum coin flipping secure against channel noises

    NASA Astrophysics Data System (ADS)

    Zhang, Sheng; Zhang, Yuexin

    2015-08-01

    So far, most existing single-shot quantum coin flipping (QCF) protocols have failed in a noisy quantum channel. Here, we present a nested-structure framework that makes it possible to achieve partially noise-tolerant QCF, due to a trade-off between the security and the justice correctness. It is showed that noise-tolerant single-shot QCF protocols can be produced by filling the presented framework up with existing or even future protocols. We also proved a lower bound of 0.25, with which a cheating Alice or Bob could bias the outcome.

  6. Securing collaborative environments

    SciTech Connect

    Agarwal, Deborah; Jackson, Keith; Thompson, Mary

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  7. Component-Based Security Policy Design with Colored Petri Nets

    NASA Astrophysics Data System (ADS)

    Huang, Hejiao; Kirchner, Hélène

    Security policies are one of the most fundamental elements of computer security. This paper uses colored Petri net process (CPNP) to specify and verify security policies in a modular way. It defines fundamental policy properties, i.e., completeness, termination, consistency and confluence, in Petri net terminology and gets some theoretical results. According to XACML combiners and property-preserving Petri net process algebra (PPPA), several policy composition operators are specified and property-preserving results are stated for the policy correctness verification.

  8. Motivations for providing a secure base: links with attachment orientation and secure base support behavior.

    PubMed

    Feeney, Brooke C; Collins, Nancy L; Van Vleet, Meredith; Tomlinson, Jennifer M

    2013-01-01

    This investigation examined the importance of underlying motivations in predicting secure base support behavior, as well as the extent to which support motivations are predicted by individual differences in attachment orientation. Participants were 189 married couples who participated in two laboratory sessions. During a questionnaire session, couples completed assessments of their underlying motivations for providing, and for not providing, support for their partner's exploration (i.e., goal-strivings), as well as assessments of their typical secure base support behavior. In an observational session, couples engaged in a discussion of one member's personal goals, during which the partner's secure base support was assessed. Results revealed a variety of distinct motivations for providing, and for not providing, secure base support to one's partner, as well as theoretically expected links between these motivations and both secure base behavior and attachment orientation. This work establishes motivations as important mechanisms that underlie the effective or ineffective provision of relational support. PMID:23581972

  9. Supervisor security provision: correlates and related mechanisms.

    PubMed

    Lavy, Shiri

    2014-06-01

    Attachment security in relationships is associated with several positive outcomes. Recently, researchers have applied attachment theory to employee-supervisor relationships. Two studies examined associations of supervisors' provision of attachment-related security with work-related outcomes and related underlying mechanisms. Participants completed measures of their supervisors' security provisions and of their own job satisfaction, organizational commitment, burnout, and performance. Supervisors' security provisions were associated with positive work-related outcomes, which were mediated by closeness behaviors (Study 1; N = 150, M age = 33.3 yr., SD = 9.6). These associations were also mediated by employees' sense of meaning at work when the supervisor was of the same sex (Study 2; N = 120, M age = 26.5 yr., SD = 5.0). Findings supported attachment-related dynamics in employee-supervisor relationships and suggested psychological mechanisms underlying these effects. PMID:25074301

  10. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  11. Towards Changes in Information Security Education

    ERIC Educational Resources Information Center

    Hentea, Mariana; Dhillon, Harpal S.; Dhillon, Manpreet

    2006-01-01

    Despite a variety of Information Security Assurance (ISA) curricula and diverse educational models, universities often fail to provide their graduates with skills demanded by employers. There is a big discrepancy between the levels of skills expected by employers and those the graduates have after completing their studies. The authors compare the…

  12. 10 CFR 54.13 - Completeness and accuracy of information.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... FOR NUCLEAR POWER PLANTS General Provisions § 54.13 Completeness and accuracy of information. (a... implication for public health and safety or common defense and security. An applicant violates this paragraph... as having a significant implication for public health and safety or common defense and...

  13. What is Security? A perspective on achieving security

    SciTech Connect

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  14. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 48 Federal Acquisition Regulations System 5 2011-10-01 2011-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  15. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  16. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 48 Federal Acquisition Regulations System 5 2013-10-01 2013-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  17. Elementary Integrated Curriculum Framework

    ERIC Educational Resources Information Center

    Montgomery County Public Schools, 2010

    2010-01-01

    The Elementary Integrated Curriculum (EIC) Framework is the guiding curriculum document for the Elementary Integrated Curriculum and represents the elementary portion of the Montgomery County (Maryland) Public Schools (MCPS) Pre-K-12 Curriculum Frameworks. The EIC Framework contains the detailed indicators and objectives that describe what…

  18. Choices, Frameworks and Refinement

    NASA Technical Reports Server (NTRS)

    Campbell, Roy H.; Islam, Nayeem; Johnson, Ralph; Kougiouris, Panos; Madany, Peter

    1991-01-01

    In this paper we present a method for designing operating systems using object-oriented frameworks. A framework can be refined into subframeworks. Constraints specify the interactions between the subframeworks. We describe how we used object-oriented frameworks to design Choices, an object-oriented operating system.

  19. Computer security plan development using an expert system

    SciTech Connect

    Hunteman, W.J. ); Evans, R.; Brownstein, M.; Chapman, L. )

    1990-01-01

    The Computer Security Plan Assistant (SPA) is an expert system for reviewing Department of Energy (DOE) Automated Data Processing (ADP) Security Plans. DOE computer security policies require ADP security plans to be periodically reviewed and updated by all DOE sites. SPA is written in XI-Plus, an expert system shell. SPA was developed by BDM International, Inc., under sponsorship by the DOE Center for Computer Security at Los Alamos National Laboratory. SPA runs on an IBM or compatible personal computer. It presents a series of questions about the ADP security plan being reviewed. The SPA user references the ADP Security Plan and answers the questions. The SPA user reviews each section of the security plan, in any order, until all sections have been reviewed. The SPA user can stop the review process after any section and restart later. A Security Plan Review Report is available after the review of each section of the Security Plan. The Security Plan Review Report gives the user a written assessment of the completeness of the ADP Security Plan. SPA is being tested at Los Alamos and will soon be available to the DOE community.

  20. PACS image security server

    NASA Astrophysics Data System (ADS)

    Cao, Fei; Huang, H. K.

    2004-04-01

    Medical image security in a PACS environment has become a pressing issue as communications of images increasingly extends over open networks, and hospitals are currently hard-pushed by Health Insurance Portability and Accountability Act (HIPAA) to be HIPPA complaint for ensuring health data security. Other security-related guidelines and technical standards continue bringing to the public attention in healthcare. However, there is not an infrastructure or systematic method to implement and deploy these standards in a PACS. In this paper, we first review DICOM Part15 standard for secure communications of medical images and the HIPAA impacts on PACS security, as well as our previous works on image security. Then we outline a security infrastructure in a HIPAA mandated PACS environment using a dedicated PACS image security server. The server manages its own database of all image security information. It acts as an image Authority for checking and certificating the image origin and integrity upon request by a user, as a secure DICOM gateway to the outside connections and meanwhile also as a PACS operation monitor for HIPAA supporting information.

  1. A Highly Secure Mobile Agent System Architecture

    NASA Astrophysics Data System (ADS)

    Okataku, Yasukuni; Okutomi, Hidetoshi; Yoshioka, Nobukazu; Ohgishi, Nobuyuki; Honiden, Shinichi

    We propose a system architecture for mobile agents to improve their security in the environments of insecure networks and non-sophisticated terminals such as PDAs. As mobile agents freely migrate onto their favorite terminals through insecure networks or terminals, it is not appropriate for them to store some secret information for authentication and encryption/decryption. We introduce one and more secure nodes(OASIS NODE) for securely generating and verifying authentication codes. The each agent’s data are encrypted by a pseudo-chaos cipher mechanism which doesn’t need any floating processing co-processor. We’ve constructed a prototype system on a Java mobile agent framework, “Bee-gent" which implements the proposed authentication and cipher mechanisms, and evaluated their performances and their applicability to business fields such as an auction system by mobile agents.

  2. A conceptual framework of bonding.

    PubMed

    Gay, J

    1981-01-01

    Nurses involved in maternal-infant child care should objectively analyze any tools that purport to measure attachment and/or bonding. Has the author adequately defined the terms? Are directions given for making concepts operational for the practicing nurse? What are the foundations for placing values on parental behaviors? Do deviant parental behaviors reflect poor attachment or bonding, or are such behaviors merely indicative of limited parental opportunities for acquaintance? The presentation of of any conceptual framework should not be considered complete without empirical testing. Such testing and peer critique of a framework are essential fro any theory of bonding to evolve. With further research into the parental-child relationship, nurses can learn to provide adequate care for facilitating the bonding process in families. PMID:6913616

  3. Standard Agent Framework 1

    SciTech Connect

    Goldsmith, Steven Y.

    1999-04-06

    The Standard Agent framework provides an extensible object-oriented development environment suitable for use in both research and applications projects. The SAF provides a means for constructing and customizing multi-agent systems through specialization of standard base classes (architecture-driven framework) and by composition of component classes (data driven framework). The standard agent system is implemented as an extensible object-centerd framework. Four concrete base classes are developed: (1) Standard Agency; (2) Standard Agent; (3) Human Factor, and (4) Resources. The object-centered framework developed and utilized provides the best comprimise between generality and flexibility available in agent development systems today.

  4. The strategic security officer.

    PubMed

    Hodges, Charles

    2014-01-01

    This article discusses the concept of the strategic security officer, and the potential that it brings to the healthcare security operational environment. The author believes that training and development, along with strict hiring practices, can enable a security department to reach a new level of professionalism, proficiency and efficiency. The strategic officer for healthcare security is adapted from the "strategic corporal" concept of US Marine Corps General Charles C. Krulak which focuses on understanding the total force implications of the decisions made by the lowest level leaders within the Corps (Krulak, 1999). This article focuses on the strategic organizational implications of every security officer's decisions in the constantly changing and increasingly volatile operational environment of healthcare security. PMID:24707753

  5. 77 FR 33753 - Privacy Act of 1974; Department of Homeland Security, U.S. Customs and Border Protection, DHS/CBP...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-06-07

    ...In accordance with the Privacy Act of 1974, the Department of Homeland Security proposes to establish a new Department of Homeland Security system of records titled, ``Department of Homeland Security, U.S. Customs and Border Protection, DHS/CBP--017 Analytical Framework for Intelligence (AFI) System of Records.'' This system of records will allow the Department of Homeland Security/U.S.......

  6. Student Right-To-Know Completion Rates. Research Brief RB94-2.

    ERIC Educational Resources Information Center

    Prince George's Community Coll., Largo, MD. Office of Institutional Research and Analysis.

    The Student Right-to-Know and Campus Security Act requires institutions of higher education to disclose information about graduation and completion rates to current and prospective students. To be counted as a completion, a student must have graduated or transferred to a higher-level program within 150% of the normal time of completion, and have…

  7. Addressing Software Security

    NASA Technical Reports Server (NTRS)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  8. Beyond grid security

    NASA Astrophysics Data System (ADS)

    Hoeft, B.; Epting, U.; Koenig, T.

    2008-07-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

  9. OpenMDAO Framework Status

    NASA Technical Reports Server (NTRS)

    Naiman, Cynthia Gutierrez

    2010-01-01

    Advancing and exploring the science of Multidisciplinary Analysis & Optimization (MDAO) capabilities are high-level goals in the Fundamental Aeronautics Program s Subsonic Fixed Wing (SFW) project. The OpenMDAO team has made significant progress toward completing the Alpha OpenMDAO deliverable due in September 2010. Included in the presentation are: details of progress on developing the OpenMDAO framework, example usage of OpenMDAO, technology transfer plans, near term plans, progress toward establishing partnerships with external parties, and discussion of additional potential collaborations.

  10. The Price of Uncertainty in Security Games

    NASA Astrophysics Data System (ADS)

    Grossklags, Jens; Johnson, Benjamin; Christin, Nicolas

    In the realm of information security, lack of information about other users' incentives in a network can lead to inefficient security choices and reductions in individuals' payoffs. We propose, contrast and compare three metrics for measuring the price of uncertainty due to the departure from the payoff-optimal security outcomes under complete information. Per the analogy with other efficiency metrics, such as the price of anarchy, we define the price of uncertainty as the maximum discrepancy in expected payoff in a complete information environment versus the payoff in an incomplete information environment. We consider difference, payoffratio, and cost-ratio metrics as canonical nontrivial measurements of the price of uncertainty. We conduct an algebraic, numerical, and graphical analysis of these metrics applied to different well-studied security scenarios proposed in prior work (i.e., best shot, weakest-link, and total effort). In these scenarios, we study how a fully rational expert agent could utilize the metrics to decide whether to gather information about the economic incentives of multiple nearsighted and naïve agents. We find substantial differences between the various metrics and evaluate the appropriateness for security choices in networked systems.

  11. 49 CFR 1542.201 - Security of the secured area.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 9 2013-10-01 2013-10-01 false Security of the secured area. 1542.201 Section 1542.201 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT...

  12. 49 CFR 1542.201 - Security of the secured area.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Security of the secured area. 1542.201 Section 1542.201 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT...

  13. 49 CFR 1542.201 - Security of the secured area.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Security of the secured area. 1542.201 Section 1542.201 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT...

  14. 49 CFR 1542.201 - Security of the secured area.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 9 2012-10-01 2012-10-01 false Security of the secured area. 1542.201 Section 1542.201 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT...

  15. Center for computer security: Computer Security Group conference. Summary

    SciTech Connect

    Not Available

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  16. 50 CFR 86.101 - What is the Service schedule to adopt the National Framework?

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... National Framework? 86.101 Section 86.101 Wildlife and Fisheries UNITED STATES FISH AND WILDLIFE SERVICE... INFRASTRUCTURE GRANT (BIG) PROGRAM Service Completion of the National Framework § 86.101 What is the Service schedule to adopt the National Framework? The Secretary of the Interior adopted the National Framework...

  17. Corporate strategic plan for safeguards and security

    SciTech Connect

    1997-06-01

    Department of Energy (DOE) safeguards and security (S and S) is a team effort, consisting of Field, National Laboratories, Program Office, and Headquarters units cooperating to support the Department`s diverse security needs. As an integral part of the nation`s security structure, the DOE S and S Program regularly supports and works in cooperation with other US Government agencies and private industry to improve the national security posture. Thus, inter- and intra-agency partnerships play an invaluable role in the continuing efforts to integrate and implement improved ways of doing business. Their Corporate Strategic Plan provides a road map to guide, track, and provide feedback for the incorporation and implementation of S and S activities within DOE. Part 1 Planning Framework, describes those overarching factors which influence the planning endeavors. Part 2, Strategic Perspective, outlines where the S and S Program has been and how they will move to the future through core competencies, changing cultural thinking, and implementing their strategies. Part 3, Strategic and Operational Integration, details critical focus areas, strategies, and success indicators designed to enhance inter-agency S and S integration and promote cooperation with external agencies. This Plan will be reviewed annually to ensure it remains supportive and fully-engaged with the nation`s and international security environments.

  18. Selecting RMF Controls for National Security Systems

    SciTech Connect

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  19. Bio-Inspired Cyber Security for Smart Grid Deployments

    SciTech Connect

    McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.; Fink, Glenn A.; Fulp, Errin W.

    2013-05-01

    mart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.

  20. Hydrological extremes and security

    NASA Astrophysics Data System (ADS)

    Kundzewicz, Z. W.; Matczak, P.

    2015-04-01

    Economic losses caused by hydrological extremes - floods and droughts - have been on the rise. Hydrological extremes jeopardize human security and impact on societal livelihood and welfare. Security can be generally understood as freedom from threat and the ability of societies to maintain their independent identity and their functional integrity against forces of change. Several dimensions of security are reviewed in the context of hydrological extremes. The traditional interpretation of security, focused on the state military capabilities, has been replaced by a wider understanding, including economic, societal and environmental aspects that get increasing attention. Floods and droughts pose a burden and serious challenges to the state that is responsible for sustaining economic development, and societal and environmental security. The latter can be regarded as the maintenance of ecosystem services, on which a society depends. An important part of it is water security, which can be defined as the availability of an adequate quantity and quality of water for health, livelihoods, ecosystems and production, coupled with an acceptable level of water-related risks to people, environments and economies. Security concerns arise because, over large areas, hydrological extremes - floods and droughts - are becoming more frequent and more severe. In terms of dealing with water-related risks, climate change can increase uncertainties, which makes the state's task to deliver security more difficult and more expensive. However, changes in population size and development, and level of protection, drive exposure to hydrological hazards.

  1. Addressing Information Security Risk

    ERIC Educational Resources Information Center

    Qayoumi, Mohammad H.; Woody, Carol

    2005-01-01

    Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…

  2. Network Security Is Manageable

    ERIC Educational Resources Information Center

    Roberts, Gary

    2006-01-01

    An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

  3. School Safety and Security.

    ERIC Educational Resources Information Center

    California State Dept. of Education, Sacramento.

    This document offers additional guidelines for school facilities in California in the areas of safety and security, lighting, and cleanliness. It also offers a description of technology resources available on the World Wide Web. On the topic of safety and security, the document offers guidelines in the areas of entrances, doors, and controlled…

  4. Water Security Toolkit

    Energy Science and Technology Software Center (ESTSC)

    2012-09-11

    The Water Security Toolkit (WST) provides software for modeling and analyzing water distribution systems to minimize the potential impact of contamination incidents. WST wraps capabilities for contaminant transport, impact assessment, and sensor network design with response action plans, including source identification, rerouting, and decontamination, to provide a range of water security planning and real-time applications.

  5. Incidents of Security Concern

    SciTech Connect

    Atencio, Julian J.

    2014-05-01

    This presentation addresses incidents of security concern and an incident program for addressing them. It addresses the phases of an inquiry, and it divides incidents into categories based on severity and interest types based on whether security, management, or procedural interests are involved. A few scenarios are then analyzed according to these breakdowns.

  6. School Security, 2000.

    ERIC Educational Resources Information Center

    Agron, Joe, Ed.; Anderson, Larry, Ed.

    This supplement, a collaboration of "American School & University" and "Access Control & Security Systems Integration" magazines, presents four articles examining equipment and management strategies to ensure school safety. "School Security by the Numbers" (Joe Agron; Larry Anderson) defines the parameters and quantifies the trend in the school…

  7. NSI security task: Overview

    NASA Technical Reports Server (NTRS)

    Tencati, Ron

    1991-01-01

    An overview is presented of the NASA Science Internet (NSI) security task. The task includes the following: policies and security documentation; risk analysis and management; computer emergency response team; incident handling; toolkit development; user consulting; and working groups, conferences, and committees.

  8. School Security Technologies

    ERIC Educational Resources Information Center

    Schneider, Tod

    2010-01-01

    Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

  9. Technology's Role in Security.

    ERIC Educational Resources Information Center

    Day, C. William

    1999-01-01

    Examines the use of technology to bolster the school security system, tips on selecting a security consultant, and several basic strategies to make buildings and grounds safer. Technological ideas discussed include the use of telephones in classrooms to expedite care in emergency situations, surveillance cameras to reduce crime, and metal…

  10. Secure video communications system

    DOEpatents

    Smith, Robert L.

    1991-01-01

    A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  11. CIOs Uncensored: Security Smarts.

    SciTech Connect

    Johnson, Gerald R.

    2008-02-25

    This commentary for the CIOs Uncensored section of InformationWeek will discuss PNNL’s “defense in depth” approach to cyber security. It will cover external and internal safeguards, as well as the all-important role of employees in the cyber security equation. For employees are your greatest vulnerability – and your last line of defense.

  12. The Remote Security Station (RSS) final report

    SciTech Connect

    Pletta, J.B.; Amai, W.A.; Klarer, P.; Frank, D.; Carlson, J.; Byrne, R.

    1992-10-01

    The Remote Security Station (RSS) was developed by Sandia National Laboratories for the Defense Nuclear Agency to investigate issues pertaining to robotics and sensor fusion in physical security systems. This final report documents the status of the RSS program at its completion in April 1992. The RSS system consists of the Man Portable Security Station (MaPSS) and the Telemanaged Mobile Security Station (TMSS), which are integrated by the Operator's Control Unit (OCU) into a flexible exterior perimeter security system. The RSS system uses optical, infrared, microwave, and acoustic intrusion detection sensors in conjunction with sensor fusion techniques to increase the probability of detection and to decrease the nuisance alarm rate of the system. Major improvements to the system developed during the final year are an autonomous patrol capability, which allows TMSS to execute security patrols with limited operator interaction, and a neural network approach to sensor fusion, which significantly improves the system's ability to filter out nuisance alarms due to adverse weather conditions.

  13. The Remote Security Station (RSS) final report

    SciTech Connect

    Pletta, J.B.; Amai, W.A.; Klarer, P.; Frank, D.; Carlson, J.; Byrne, R.

    1992-10-01

    The Remote Security Station (RSS) was developed by Sandia National Laboratories for the Defense Nuclear Agency to investigate issues pertaining to robotics and sensor fusion in physical security systems. This final report documents the status of the RSS program at its completion in April 1992. The RSS system consists of the Man Portable Security Station (MaPSS) and the Telemanaged Mobile Security Station (TMSS), which are integrated by the Operator`s Control Unit (OCU) into a flexible exterior perimeter security system. The RSS system uses optical, infrared, microwave, and acoustic intrusion detection sensors in conjunction with sensor fusion techniques to increase the probability of detection and to decrease the nuisance alarm rate of the system. Major improvements to the system developed during the final year are an autonomous patrol capability, which allows TMSS to execute security patrols with limited operator interaction, and a neural network approach to sensor fusion, which significantly improves the system`s ability to filter out nuisance alarms due to adverse weather conditions.

  14. Biometric template transformation: a security analysis

    NASA Astrophysics Data System (ADS)

    Nagar, Abhishek; Nandakumar, Karthik; Jain, Anil K.

    2010-01-01

    One of the critical steps in designing a secure biometric system is protecting the templates of the users that are stored either in a central database or on smart cards. If a biometric template is compromised, it leads to serious security and privacy threats because unlike passwords, it is not possible for a legitimate user to revoke his biometric identifiers and switch to another set of uncompromised identifiers. One methodology for biometric template protection is the template transformation approach, where the template, consisting of the features extracted from the biometric trait, is transformed using parameters derived from a user specific password or key. Only the transformed template is stored and matching is performed directly in the transformed domain. In this paper, we formally investigate the security strength of template transformation techniques and define six metrics that facilitate a holistic security evaluation. Furthermore, we analyze the security of two wellknown template transformation techniques, namely, Biohashing and cancelable fingerprint templates based on the proposed metrics. Our analysis indicates that both these schemes are vulnerable to intrusion and linkage attacks because it is relatively easy to obtain either a close approximation of the original template (Biohashing) or a pre-image of the transformed template (cancelable fingerprints). We argue that the security strength of template transformation techniques must consider also consider the computational complexity of obtaining a complete pre-image of the transformed template in addition to the complexity of recovering the original biometric template.

  15. Network systems security analysis

    NASA Astrophysics Data System (ADS)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  16. Indirection and computer security.

    SciTech Connect

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  17. International Nuclear Security

    SciTech Connect

    Doyle, James E.

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  18. Privacy and Security: A Bibliography.

    ERIC Educational Resources Information Center

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  19. Electronic patient self-assessment and management (SAM): a novel framework for cancer survivorship

    PubMed Central

    2010-01-01

    Background We propose a novel framework for management of cancer survivorship: electronic patient Self-Assessment and Management (SAM). SAM is a framework for transfer of information to and from patients in such a way as to increase both the patient's and the health care provider's understanding of the patient's progress, and to help ensure that patient care follows best practice. Methods Patients who participate in the SAM system are contacted by email at regular intervals and asked to complete validated questionnaires online. Patient responses on these questionnaires are then analyzed in order to provide patients with real-time, online information about their progress and to provide them with tailored and standardized medical advice. Patient-level data from the questionnaires are ported in real time to the patient's health care provider to be uploaded to clinic notes. An initial version of SAM has been developed at Memorial Sloan-Kettering Cancer Center (MSKCC) and the University of California, San Francisco (UCSF) for aiding the clinical management of patients after surgery for prostate cancer. Results Pilot testing at MSKCC and UCSF suggests that implementation of SAM systems are feasible, with no major problems with compliance (> 70% response rate) or security. Conclusion SAM is a conceptually simple framework for passing information to and from patients in such a way as to increase both the patient's and the health care provider's understanding of the patient's progress, and to help ensure that patient care follows best practice. PMID:20565745

  20. Assessing Quality of Data Standards: Framework and Illustration Using XBRL GAAP Taxonomy

    NASA Astrophysics Data System (ADS)

    Zhu, Hongwei; Wu, Harris

    The primary purpose of data standards or metadata schemas is to improve the interoperability of data created by multiple standard users. Given the high cost of developing data standards, it is desirable to assess the quality of data standards. We develop a set of metrics and a framework for assessing data standard quality. The metrics include completeness and relevancy. Standard quality can also be indirectly measured by assessing interoperability of data instances. We evaluate the framework using data from the financial sector: the XBRL (eXtensible Business Reporting Language) GAAP (Generally Accepted Accounting Principles) taxonomy and US Securities and Exchange Commission (SEC) filings produced using the taxonomy by approximately 500 companies. The results show that the framework is useful and effective. Our analysis also reveals quality issues of the GAAP taxonomy and provides useful feedback to taxonomy users. The SEC has mandated that all publicly listed companies must submit their filings using XBRL. Our findings are timely and have practical implications that will ultimately help improve the quality of financial data.

  1. Yield threshold decision framework

    SciTech Connect

    Judd, B.R.; Younker, L.W.; Hannon, W.J.

    1989-08-17

    The USA is developing a decision analysis framework for evaluating the relative value of lower yield thresholds and related verification policies. The framework facilitates systematic analysis of the major issues in the yield threshold decision. The framework can be used to evaluate options proposed either in the inter-agency process or in the negotiations. In addition, the framework can measure the importance of uncertainties and alternative judgments, and thereby determine the advantages of additional research. Since the model is explicit and quantitative, it provides a rational, defensible approach for reaching important treaty and verification decisions. 9 figs.

  2. 76 FR 39884 - Aviation Security Advisory Committee

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-07-07

    ... SECURITY Aviation Security Advisory Committee AGENCY: Transportation Security Administration, DHS. ACTION... Security Administration (TSA) announces the re-establishment of the Aviation Security Advisory Committee (ASAC). The Secretary of Homeland Security has determined that the re- establishment of ASAC...

  3. Multimodal Biometrics and Multilayered IDM for Secure Authentication

    NASA Astrophysics Data System (ADS)

    Rashed, Abdullah; Santos, Henrique

    In the Electronic Society (e-world) users are represented by a set of data called Digital Identity (ID), which they must use for authentication purposes. Within the e-world it is certainly risky to lose the identity and this security threat must be ranking with the highest priority, forcing a solution that provides an amenable usage of digital identity. Efficient protection of the digital identity would also encourage users to enter the digital world without worries. Security needs to provide the necessary identity management (IDM) process to mitigate that threat. This paper gives an overview of IDM and suggests a framework that can be particularly useful for a secure user authentication. The proposed model appears as a multi-layered security approach, since it tries to integrate different security technologies and multimodal biometrics tools and practices, such as police, procedures, guidelines, standards and legislation. The advantages, limitations and requirements of the proposed model are discussed.

  4. SOA Security Aspects in Web-based Architectural Design

    NASA Astrophysics Data System (ADS)

    Shaikh, Asadullah; Ali, Shccraz; Memon, Nasrullah; Karampelas, Panagiotis

    Distributed web-based applications have been progressively increasing in number and scale over the past decades. There is an intensification of the need for security frameworks in the era of web-based applications when wc refer to distributed tclcmcdicinc interoperability architectures. In contrast. Service Oriented Architecture (SOA) is gaining popularity day by day when wc specially consider the web applications. SOA is playing a major role to maintain the security standards of distributed applications. This paper proposes a secure web-based architectural design by using the standards of SOA for distributed web application that maintains the interoperability and data integration through certain secure channels. Wc have created CRUD (Create, Read, Update, Delete) operations that has an implication on our own created web services and wc propose a secure architecture that is implemented on CRUD operations.

  5. Exploring Robust and Resilient Pathways to Water Security (Invited)

    NASA Astrophysics Data System (ADS)

    Brown, C. M.

    2013-12-01

    Lack of water security and the resultant cumulative effects of water-related hazards are understood to hinder economic growth throughout the world. Traditional methods for achieving water security as exemplified in the industrialized world have exerted negative externalities such as degradation of aquatic ecosystems. There is also growing concern that such methods may not be robust to climate variability change. It has been proposed that alternative pathways to water security must be followed in the developing world. However, it is not clear such pathways currently exist and there is an inherent moral hazard in such recommendations. This presentation will present a multidimensional definition of water security, explore the conflict in norms between engineering and ecologically oriented communities, and present a framework synthesizing those norms for assessing and innovating robust and resilient pathways to water security.

  6. Security Verification Techniques Applied to PatchLink COTS Software

    NASA Technical Reports Server (NTRS)

    Gilliam, David P.; Powell, John D.; Bishop, Matt; Andrew, Chris; Jog, Sameer

    2006-01-01

    Verification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink's UNIX Agent, a Commercial-Off-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) -- a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.

  7. FY 1986 activities and accomplishments of the DOE Center for Computer Security. Status report

    SciTech Connect

    Strittmatter, R.B.

    1986-10-01

    The Department of Energy (DOE) Center for Computer Security (CCS) at Los Alamos National Laboratory is responsible for developing, collecting, organizing, and disseminating computer security information to the DOE and DOE contractors. This responsibility involves operations and field support, computer security education and awareness, and research and development. During the current fiscal year, the Center completed the Link ACE II, the DOE/CCS computer laboratory and Wide-Band Security Test Bed, and the computer security products database and its merger with the National Bureau of Standard's database. Also completed was the implementation of the Data Encryption Standard on the Wide-Band Communications Network.

  8. Use of fuzzy evidential reasoning in maritime security assessment.

    PubMed

    Yang, Z L; Wang, J; Bonsall, S; Fang, Q G

    2009-01-01

    Over the last few years, there has been a growing international recognition that the security performance of the maritime industry needs to be reviewed on an urgent basis. A large number of optional maritime security control measures have been proposed through various regulations and publications in the post-9/11 era. There is a strong need for a sound and generic methodology, which is capable of taking into account multiple selection criteria such as the cost effectiveness of the measures based on reasonable security assessment. The use of traditional risk assessment and decision-making approaches to deal with potential terrorism threats in a maritime security area reveals two major challenges. They are lack of capability of analyzing security in situations of high-level uncertainty and lack of capability of processing diverse data in a utility form suitable as input to a risk inference mechanism. To deal with such difficulties, this article proposes a subjective security-based assessment and management framework using fuzzy evidential reasoning (ER) approaches. Consequently, the framework can be used to assemble and process subjective risk assessment information on different aspects of a maritime transport system from multiple experts in a systematic way. Outputs of this model can also provide decisionmakers with a transparent tool to evaluate maritime security policy options for a specific scenario in a cost-effective manner. PMID:19141152

  9. Economic performance of water storage capacity expansion for food security

    NASA Astrophysics Data System (ADS)

    Gohar, Abdelaziz A.; Ward, Frank A.; Amer, Saud A.

    2013-03-01

    SummaryContinued climate variability, population growth, and rising food prices present ongoing challenges for achieving food and water security in poor countries that lack adequate water infrastructure. Undeveloped storage infrastructure presents a special challenge in northern Afghanistan, where food security is undermined by highly variable water supplies, inefficient water allocation rules, and a damaged irrigation system due three decades of war and conflict. Little peer-reviewed research to date has analyzed the economic benefits of water storage capacity expansions as a mechanism to sustain food security over long periods of variable climate and growing food demands needed to feed growing populations. This paper develops and applies an integrated water resources management framework that analyzes impacts of storage capacity expansions for sustaining farm income and food security in the face of highly fluctuating water supplies. Findings illustrate that in Afghanistan's Balkh Basin, total farm income and food security from crop irrigation increase, but at a declining rate as water storage capacity increases from zero to an amount equal to six times the basin's long term water supply. Total farm income increases by 21%, 41%, and 42% for small, medium, and large reservoir capacity, respectively, compared to the existing irrigation system unassisted by reservoir storage capacity. Results provide a framework to target water infrastructure investments that improve food security for river basins in the world's dry regions with low existing storage capacity that face ongoing climate variability and increased demands for food security for growing populations.

  10. DIAGNOSTIC ASSESSMENT OF AQUATIC AND ESTUARINE RESOURCES: CLASSIFICATION FRAMEWORK FOR COASTAL SYSTEMS

    EPA Science Inventory

    This research will produce a classification framework that groups estuaries that respond similarly to stressor loads. An extensive review of existing classification schemes was conducted and initial development of a classification framework for estuaries was completed. Physical...

  11. 19 CFR 10.483 - Framework for correcting declarations and certifications.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... SECURITY; DEPARTMENT OF THE TREASURY ARTICLES CONDITIONALLY FREE, SUBJECT TO A REDUCED RATE, ETC. United States-Chile Free Trade Agreement Penalties § 10.483 Framework for correcting declarations...

  12. Assessment of global water security: moving beyond water scarcity assessment

    NASA Astrophysics Data System (ADS)

    Wada, Y.; Gain, A. K.; Giupponi, C.

    2015-12-01

    Water plays an important role in underpinning equitable, stable and productive societies, and the ecosystems on which we depend. Many international river basins are likely to experience 'low water security' over the coming decades. Hence, ensuring water security along with energy and food securities has been recognised as priority goals in Sustainable Development Goals (SDGs) by the United Nations. This water security is not rooted only in the limitation of physical resources, i.e. the shortage in the availability of freshwater relative to water demand, but also on social and economic factors (e.g. flawed water planning and management approaches, institutional incapability to provide water services, unsustainable economic policies). Until recently, advanced tools and methods are available for assessment of global water scarcity. However, integrating both physical and socio-economic indicators assessment of water security at global level is not available yet. In this study, we present the first global understanding of water security using a spatial multi-criteria analysis framework that goes beyond available water scarcity assessment. For assessing water security at global scale, the term 'security' is conceptualized as a function of 'availability', 'accessibility to services', 'safety and quality', and 'management'. The Water security index is calculated by aggregating the indicators using both simple additive weighting (SAW) and ordered weighted average (OWA).

  13. Network Security via Biometric Recognition of Patterns of Gene Expression

    NASA Technical Reports Server (NTRS)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

  14. Network Security via Biometric Recognition of Patterns of Gene Expression

    NASA Technical Reports Server (NTRS)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

  15. HANFORD SITE CENTRAL PLATEAU CLEANUP COMPLETION STRATEGY

    SciTech Connect

    BERGMAN TB

    2011-01-14

    Cleanup of the Hanford Site is a complex and challenging undertaking. The U.S. Department of Energy (DOE) has developed a comprehensive vision for completing Hanford's cleanup mission including transition to post-cleanup activities. This vision includes 3 principle components of cleanup: the {approx}200 square miles ofland adjacent to the Columbia River, known as the River Corridor; the 75 square miles of land in the center of the Hanford Site, where the majority of the reprocessing and waste management activities have occurred, known as the Central Plateau; and the stored reprocessing wastes in the Central Plateau, the Tank Wastes. Cleanup of the River Corridor is well underway and is progressing towards completion of most cleanup actions by 2015. Tank waste cleanup is progressing on a longer schedule due to the complexity of the mission, with construction of the largest nuclear construction project in the United States, the Waste Treatment Plant, over 50% complete. With the progress on the River Corridor and Tank Waste, it is time to place increased emphasis on moving forward with cleanup of the Central Plateau. Cleanup of the Hanford Site has been proceeding under a framework defmed in the Hanford Federal Facility Agreement and Consent Order (Tri-Party Agreement). In early 2009, the DOE, the State of Washington Department of Ecology, and the U.S. Environmental Protection Agency signed an Agreement in Principle in which the parties recognized the need to develop a more comprehensive strategy for cleanup of the Central Plateau. DOE agreed to develop a Central Plateau Cleanup Completion Strategy as a starting point for discussions. This DOE Strategy was the basis for negotiations between the Parties, discussions with the State of Oregon, the Hanford Advisory Board, and other Stakeholder groups (including open public meetings), and consultation with the Tribal Nations. The change packages to incorporate the Central Plateau Cleanup Completion Strategy were signed by

  16. HCI∧2 framework: a software framework for multimodal human-computer interaction systems.

    PubMed

    Shen, Jie; Pantic, Maja

    2013-12-01

    This paper presents a novel software framework for the development and research in the area of multimodal human-computer interface (MHCI) systems. The proposed software framework, which is called the HCI∧2 Framework, is built upon publish/subscribe (P/S) architecture. It implements a shared-memory-based data transport protocol for message delivery and a TCP-based system management protocol. The latter ensures that the integrity of system structure is maintained at runtime. With the inclusion of bridging modules, the HCI∧2 Framework is interoperable with other software frameworks including Psyclone and ActiveMQ. In addition to the core communication middleware, we also present the integrated development environment (IDE) of the HCI∧2 Framework. It provides a complete graphical environment to support every step in a typical MHCI system development process, including module development, debugging, packaging, and management, as well as the whole system management and testing. The quantitative evaluation indicates that our framework outperforms other similar tools in terms of average message latency and maximum data throughput under a typical single PC scenario. To demonstrate HCI∧2 Framework's capabilities in integrating heterogeneous modules, we present several example modules working with a variety of hardware and software. We also present an example of a full system developed using the proposed HCI∧2 Framework, which is called the CamGame system and represents a computer game based on hand-held marker(s) and low-cost camera(s). PMID:24235258

  17. Security and SCADA protocols

    SciTech Connect

    Igure, V. M.; Williams, R. D.

    2006-07-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

  18. Management of Global Nuclear Materials for International Security

    SciTech Connect

    Isaacs, T; Choi, J-S

    2003-09-18

    Nuclear materials were first used to end the World War II. They were produced and maintained during the cold war for global security reasons. In the succeeding 50 years since the Atoms for Peace Initiative, nuclear materials were produced and used in global civilian reactors and fuel cycles intended for peaceful purposes. The Nonproliferation Treaty (NPT) of 1970 established a framework for appropriate applications of both defense and civilian nuclear activities by nuclear weapons states and non-nuclear weapons states. As global inventories of nuclear materials continue to grow, in a diverse and dynamically changing manner, it is time to evaluate current and future trends and needed actions: what are the current circumstances, what has been done to date, what has worked and what hasn't? The aim is to identify mutually reinforcing programmatic directions, leading to global partnerships that measurably enhance international security. Essential elements are material protection, control and accountability (MPC&A) of separated nuclear materials, interim storage, and geologic repositories for all nuclear materials destined for final disposal. Cooperation among key partners, such as the MPC&A program between the U.S. and Russia for nuclear materials from dismantled weapons, is necessary for interim storage and final disposal of nuclear materials. Such cooperative partnerships can lead to a new nuclear regime where a complete fuel cycle service with fuel leasing and spent fuel take-back can be offered to reactor users. The service can effectively minimize or even eliminate the incentive or rationale for the user-countries to develop their indigenous enrichment and reprocessing technologies. International cooperation, supported by governments of key countries can be best to facilitate the forum for formation of such cooperative partnerships.

  19. Company profile: Complete Genomics Inc.

    PubMed

    Reid, Clifford

    2011-02-01

    Complete Genomics Inc. is a life sciences company that focuses on complete human genome sequencing. It is taking a completely different approach to DNA sequencing than other companies in the industry. Rather than building a general-purpose platform for sequencing all organisms and all applications, it has focused on a single application - complete human genome sequencing. The company's Complete Genomics Analysis Platform (CGA™ Platform) comprises an integrated package of biochemistry, instrumentation and software that sequences human genomes at the highest quality, lowest cost and largest scale available. Complete Genomics offers a turnkey service that enables customers to outsource their human genome sequencing to the company's genome sequencing center in Mountain View, CA, USA. Customers send in their DNA samples, the company does all the library preparation, DNA sequencing, assembly and variant analysis, and customers receive research-ready data that they can use for biological discovery. PMID:21345140

  20. Unicam Activity Framework (UAF)

    ERIC Educational Resources Information Center

    Gagliardi, R.; Mauri, M.; Polzonetti, A.

    2016-01-01

    This presentation illustrates the framework of processing performance of the faculty of the University of Camerino. The evaluation criteria are explained and the technological structure that allows automatic performance assessment available online anywhere and anytime. The designed framework is usually applied to the performance evaluation of…

  1. Overlooking the Conceptual Framework

    ERIC Educational Resources Information Center

    Leshem, Shosh; Trafford, Vernon

    2007-01-01

    The conceptual framework is alluded to in most serious texts on research, described in some and fully explained in few. However, examiners of doctoral theses devote considerable attention to exploring its function within social science doctoral vivas. A literature survey explores how the conceptual framework is itself conceptualised and explained.…

  2. P21 Framework Definitions

    ERIC Educational Resources Information Center

    Partnership for 21st Century Skills, 2009

    2009-01-01

    To help practitioners integrate skills into the teaching of core academic subjects, the Partnership for 21st Century Skills has developed a unified, collective vision for learning known as the Framework for 21st Century Learning. This Framework describes the skills, knowledge and expertise students must master to succeed in work and life; it is a…

  3. Frameworks of Educational Technology

    ERIC Educational Resources Information Center

    Ely, Donald

    2008-01-01

    This paper, written from a 20th-century perspective, traces the development of, and influences on, the field of instructional technology and attempts to describe a framework within which we can better understand the field. [This article is based on "Instructional Technology: Contemporary Frameworks" originally written by the author for the…

  4. A Framework for Teaching

    ERIC Educational Resources Information Center

    Squires, Geoffrey

    2004-01-01

    Teaching, like other professions, involves the performance of contingent functions. This suggests three basic questions: What do teachers do? What affects what they do? How do they do it? Together, these questions provide a three-dimensional framework which can be used to plan, analyse and evaluate teaching. Such a framework falls short of a…

  5. Complete to Compete: Common College Completion Metrics. Technical Guide

    ERIC Educational Resources Information Center

    Reyna, Ryan; Reindl, Travis; Witham, Keith; Stanley, Jeff

    2010-01-01

    Improved college completion rates are critical to the future of the United States, and states must have better data to understand the nature of the challenges they confront or target areas for policy change. The 2010-2011 National Governors Association (NGA) Chair's initiative, "Complete to Compete", recommends that all states collect data from…

  6. Estimation of completeness of AIDS case reporting in Massachusetts.

    PubMed

    Jara, M M; Gallagher, K M; Schieman, S

    2000-03-01

    One of the most important aspects of any surveillance system is degree of completeness. We conducted a multiple source capture-recapture study using the 1994 Massachusetts Uniform Hospital Discharge Data Set (UHDDS) and Medicaid claims data to evaluate the completeness of the state's AIDS registry. We used encrypted social security numbers as the primary link to ensure confidentiality. For cases that did not link in the first round owing to missing social security numbers, we linked using gender and date of birth. Staff reviewed unmatched records from the Uniform Hospital Discharge Data Set and Medicaid datasets to determine subjects' AIDS case status. Using the Uniform Hospital Discharge Data Set, the AIDS registry was 92.6% complete (95% confidence interval (CI) = 91.6-93.5). The Medicaid claims dataset suggested the AIDS registry to be 94.5% complete (95% confidence interval = 93.7-95.3). The completeness of reporting to the state AIDS registry continues to be high, but there are differences by gender and mode of transmission of the virus. The continued assessment of completeness of reporting is important to ensure quality of the surveillance database over time. PMID:11021621

  7. An Information Fusion Framework for Threat Assessment

    SciTech Connect

    Beaver, Justin M; Kerekes, Ryan A; Treadwell, Jim N

    2009-01-01

    Modern enterprises are becoming increasingly sensitive to the potential destructive power of small groups or individuals with malicious intent. In response, significant investments are being made in developing a means to assess the likelihood of certain threats to their enterprises. Threat assessment needs are typically focused in very specific application areas where current processes rely heavily on human analysis to both combine any available data and draw conclusions about the probability of a threat. A generic approach to threat assessment is proposed, including a threat taxonomy and decision-level information fusion framework, that provides a computational means for merging multi-modal data for the purpose of assessing the presence of a threat. The framework is designed for flexibility, and intentionally accounts for the accuracy of each data source, given the environmental conditions, in order to manage the uncertainty associated with any acquired data. The taxonomy and information fusion framework is described, and discussed in the context of real-world applications such as shipping container security and cyber security.

  8. Standard Agent Framework 1

    Energy Science and Technology Software Center (ESTSC)

    1999-04-06

    The Standard Agent framework provides an extensible object-oriented development environment suitable for use in both research and applications projects. The SAF provides a means for constructing and customizing multi-agent systems through specialization of standard base classes (architecture-driven framework) and by composition of component classes (data driven framework). The standard agent system is implemented as an extensible object-centerd framework. Four concrete base classes are developed: (1) Standard Agency; (2) Standard Agent; (3) Human Factor, and (4)more » Resources. The object-centered framework developed and utilized provides the best comprimise between generality and flexibility available in agent development systems today.« less

  9. 2016-2020 Strategic Plan and Implementing Framework

    SciTech Connect

    2015-11-01

    The 2016-2020 Strategic Plan and Implementing Framework from the Office of Energy Efficiency and Renewable Energy (EERE) is the blueprint for launching the nation’s leadership in the global clean energy economy. This document will guide the organization to build on decades of progress in powering our nation from clean, affordable and secure energy.

  10. Public Access to Government Electronic Information. Policy Framework.

    ERIC Educational Resources Information Center

    Bulletin of the American Society for Information Science, 1992

    1992-01-01

    This policy framework provides guidelines for federal agencies on public access to government electronic information. Highlights include reasons for disseminating information; defining user groups; which technology to use; pricing flexibility; security and privacy issues; and the private sector and state and local government roles. (LRW)

  11. Implementing Information Security and Its Technology: A LineManagement Perspective

    SciTech Connect

    Barletta, William A.

    2005-08-22

    Assuring the security and privacy of institutionalinformation assets is a complex task for the line manager responsible forinternational and multi-national transactions. In the face of an unsureand often conflicting international legal framework, the line managermust employ all available tools in an Integrated Security and PrivacyManagement framework that ranges from legal obligations, to policy, toprocedure, to cutting edge technology to counter the rapidly evolvingcyber threat to information assets and the physical systems thatinformation systems control.

  12. Portable appliance security apparatus

    NASA Technical Reports Server (NTRS)

    Kerley, J. J. (Inventor)

    1981-01-01

    An apparatus for securing a small computer, or other portable appliance, against theft is described. It is comprised of a case having an open back through which the computer is installed or removed. Guide members in the form of slots are formed in a rear portion of opposite walls of the case for receiving a back plate to cover the opening and thereby secure the computer within the case. An opening formed in the top wall of the case exposes the keyboard and display of the computer. The back plate is locked in the closed position by a key-operated plug type lock. The lock is attached to one end of a hold down cable, the opposite end thereof being secured to a desk top or other stationary object. Thus, the lock simultaneously secures the back plate to the case and retains the case to the stationary object.

  13. Intelligent Sensors Security

    PubMed Central

    Bialas, Andrzej

    2010-01-01

    The paper is focused on the security issues of sensors provided with processors and software and used for high-risk applications. Common IT related threats may cause serious consequences for sensor system users. To improve their robustness, sensor systems should be developed in a restricted way that would provide them with assurance. One assurance creation methodology is Common Criteria (ISO/IEC 15408) used for IT products and systems. The paper begins with a primer on the Common Criteria, and then a general security model of the intelligent sensor as an IT product is discussed. The paper presents how the security problem of the intelligent sensor is defined and solved. The contribution of the paper is to provide Common Criteria (CC) related security design patterns and to improve the effectiveness of the sensor development process. PMID:22315571

  14. Secure Chemical Facilities Act

    THOMAS, 113th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2013-01-23

    01/23/2013 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  15. Secure Chemical Facilities Act

    THOMAS, 112th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2011-03-31

    03/31/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  16. Teaching Secure Programming

    SciTech Connect

    Bishop, Matt; Frincke, Deb A.

    2005-09-01

    This article discusses issues in teaching secure coding in the context of both academic institutions and training organizations. The emphasis is on the importance of assurance. There is also some discussion of the role of checklists.

  17. Securing Cabin Baggage Act

    THOMAS, 111th Congress

    Rep. Lipinski, Daniel [D-IL-3

    2009-06-15

    06/17/2009 Referred to the Subcommittee on Transportation Security and Infrastructure Protection. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  18. Keep America Secure Act

    THOMAS, 112th Congress

    Rep. Slaughter, Louise McIntosh [D-NY-28

    2012-08-02

    09/05/2012 Referred to the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  19. Cognitive Computing for Security.

    SciTech Connect

    Debenedictis, Erik; Rothganger, Fredrick; Aimone, James Bradley; Marinella, Matthew; Evans, Brian Robert; Warrender, Christina E.; Mickel, Patrick

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  20. Secure Visas Act

    THOMAS, 111th Congress

    Rep. Smith, Lamar [R-TX-21

    2010-03-04

    04/26/2010 Referred to the Subcommittee on Immigration, Citizenship, Refugees, Border Security, and International Law. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  1. Security vs. Safety.

    ERIC Educational Resources Information Center

    Sturgeon, Julie

    1999-01-01

    Provides administrative advice on how some safety experts have made college campuses safer and friendlier without breaking the budget. Tips on security and advice on safety management that encompasses the whole environment are highlighted. (GR)

  2. Requirements for security signalling

    SciTech Connect

    Pierson, L.G.; Tarman, T.D.

    1995-02-05

    There has been some interest lately in the need for ``authenticated signalling``, and the development of signalling specifications by the ATM Forum that support this need. The purpose of this contribution is to show that if authenticated signalling is required, then supporting signalling facilities for directory services (i.e. key management) are also required. Furthermore, this contribution identifies other security related mechanisms that may also benefit from ATM-level signalling accommodations. For each of these mechanisms outlined here, an overview of the signalling issues and a rough cut at the required fields for supporting Information Elements are provided. Finally, since each of these security mechanisms are specified by a number of different standards, issues pertaining to the selection of a particular security mechanism at connection setup time (i.e. specification of a required ``Security Quality of Service``) are also discussed.

  3. Secure quantum key distribution

    NASA Astrophysics Data System (ADS)

    Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

    2014-08-01

    Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

  4. Lemnos Interoperable Security Program

    SciTech Connect

    Stewart, John; Halbgewachs, Ron; Chavez, Adrian; Smith, Rhett; Teumim, David

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  5. Secure video communications systems

    SciTech Connect

    Smith, R.L.

    1991-10-08

    This patent describes a secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  6. Variable contour securing system

    NASA Technical Reports Server (NTRS)

    Zebus, P. P.; Packer, P. N.; Haynie, C. C. (Inventor)

    1978-01-01

    A variable contour securing system has a retaining structure for a member whose surface contains a variable contour. The retaining mechanism includes a spaced array of adjustable spindles mounted on a housing. Each spindle has a base member support cup at one end. A vacuum source is applied to the cups for seating the member adjacent to the cups. A locking mechanism sets the spindles in a predetermined position once the member has been secured to the spindle support cups.

  7. Data port security lock

    DOEpatents

    Quinby, Joseph D.; Hall, Clarence S.

    2008-06-24

    In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

  8. Latino College Completion: Rhode Island

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  9. Latino College Completion: United States

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  10. Latino College Completion: North Carolina

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  11. Latino College Completion: New Jersey

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  12. Latino College Completion: South Carolina

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  13. Latino College Completion: New Hampshire

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  14. Latino College Completion: South Dakota

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  15. Latino College Completion: North Dakota

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  16. Latino College Completion: New York

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  17. Latino College Completion: West Virginia

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  18. Record completeness for individual volcanoes

    NASA Astrophysics Data System (ADS)

    Bebbington, Mark

    2016-04-01

    There has been considerable recent attention paid to completeness in global and regional (e.g. Japan) eruption data bases. This has taken the form of estimating dates at which the record is complete, either at a global or regional level, at a given VEI or magnitude. This has obvious utility when estimating hazard from very large eruptions, which may have effects 1000s of km from source. However, at a more local level, the question of interest is not so much the global, or the regional, completeness level, but the completeness of the record for an individual volcano. For example, forecast hazard is critically dependent on the size of the eruption, but it is impossible even to statistically describe the size distribution without knowing the completeness of the record. Current methods for eruption catalogue completeness using extreme value statistics rely on large samples for their validity, so a new approach is required for individual volcanoes, which may have only a handful of known eruptions. We will consider one possible such approach based using a Bayesian sequential algorithm assuming that the underlying process is Poissonian and that completeness at a lower VEI implies completeness at all higher VEIs. Results for individual volcanoes are compared with regional figures and, time-permitting, implications for a statistical model of VEI discussed.

  19. Strictly homogeneous laterally complete modules

    NASA Astrophysics Data System (ADS)

    Chilin, V. I.; Karimov, J. A.

    2016-03-01

    Let A be a laterally complete commutative regular algebra and X be a laterally complete A-module. In this paper we introduce a notion of homogeneous and strictly homogeneous A-modules. It is proved that any homogeneous A-module is strictly homogeneous A-module, if the Boolean algebra of all idempotents in A is multi-σ-finite.

  20. High School Completion Longitudinal Study

    ERIC Educational Resources Information Center

    Alberta Education, 2009

    2009-01-01

    While Alberta enjoys proven high, world-class results in student achievement, raising high school completion rates is one of the top priorities in improving the provincial education system. The 2011-12 targeted high school completion rate is 82% five years after entering Grade 10--a 2.5% increase from the current average rate of 79.5%. The purpose…

  1. Latino College Completion: New Mexico

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  2. Pure-state informationally complete and 'really' complete measurements

    SciTech Connect

    Finkelstein, J.

    2004-11-01

    I construct a positive-operator-valued measure (POVM) which has 2d rank-1 elements and which is informationally complete for generic pure states in d dimensions, thus confirming a conjecture made by Flammia, Silberfarb, and Caves (e-print quant-ph/0404137). I show that if a rank-1 POVM is required to be informationally complete for all pure states in d dimensions, it must have at least 3d-2 elements. I also show that, in a POVM which is informationally complete for all pure states in d dimensions, for any vector there must be at least 2d-1 POVM elements which do not annihilate that vector.

  3. [Food security in Mexico].

    PubMed

    Urquía-Fernández, Nuria

    2014-01-01

    An overview of food security and nutrition in Mexico is presented, based on the analysis of the four pillars of food security: availability, access, utilization of food, and stability of the food supply. In addition, the two faces of malnutrition in Mexico were analyzed: obesity and undernourishment. Data were gathered from the food security indicators of the United Nations's Food and Agriculture Organization, from the Mexican Scale of Food Security, and from the National Health and Nutrition Survey. Mexico presents an index of availability of 3 145 kilocalories per person per day, one of the highest indexes in the world, including both food production and imports. In contrast, Mexico is affected by a double burden of malnutrition: whereas children under five present 14% of stunt, 30% of the adult population is obese. Also, more than 18% of the population cannot afford the basic food basket (food poverty). Using perception surveys, people reports important levels of food insecurity, which concentrates in seven states of the Mexican Federation. The production structure underlying these indicators shows a very heterogeneous landscape, which translates in to a low productivity growth across the last years. Food security being a multidimensional concept, to ensure food security for the Mexican population requires a revision and redesign of public productive and social policies, placing a particular focus on strengthening the mechanisms of institutional governance. PMID:25649459

  4. Security systems engineering overview

    NASA Astrophysics Data System (ADS)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  5. Security systems engineering overview

    SciTech Connect

    Steele, B.J.

    1996-12-31

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.).

  6. Computer access security code system

    NASA Technical Reports Server (NTRS)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  7. Safeguarding Your Technology: Practical Guidelines for Electronic Education Information Security.

    ERIC Educational Resources Information Center

    Szuba, Tom

    This guide was developed specifically for educational administrators at the building, campus, district, system, and state levels, and is meant to serve as a framework to help them better understand why and how to effectively secure their organization's information, software, and computer and networking equipment. This document is organized into 10…

  8. Three-step semiquantum secure direct communication protocol

    NASA Astrophysics Data System (ADS)

    Zou, XiangFu; Qiu, DaoWen

    2014-09-01

    Quantum secure direct communication is the direct communication of secret messages without need for establishing a shared secret key first. In the existing schemes, quantum secure direct communication is possible only when both parties are quantum. In this paper, we construct a three-step semiquantum secure direct communication (SQSDC) protocol based on single photon sources in which the sender Alice is classical. In a semiquantum protocol, a person is termed classical if he (she) can measure, prepare and send quantum states only with the fixed orthogonal quantum basis {|0>, |1>}. The security of the proposed SQSDC protocol is guaranteed by the complete robustness of semiquantum key distribution protocols and the unconditional security of classical one-time pad encryption. Therefore, the proposed SQSDC protocol is also completely robust. Complete robustness indicates that nonzero information acquired by an eavesdropper Eve on the secret message implies the nonzero probability that the legitimate participants can find errors on the bits tested by this protocol. In the proposed protocol, we suggest a method to check Eves disturbing in the doves returning phase such that Alice does not need to announce publicly any position or their coded bits value after the photons transmission is completed. Moreover, the proposed SQSDC protocol can be implemented with the existing techniques. Compared with many quantum secure direct communication protocols, the proposed SQSDC protocol has two merits: firstly the sender only needs classical capabilities; secondly to check Eves disturbing after the transmission of quantum states, no additional classical information is needed.

  9. Molecule database framework: a framework for creating database applications with chemical structure search capability

    PubMed Central

    2013-01-01

    Background Research in organic chemistry generates samples of novel chemicals together with their properties and other related data. The involved scientists must be able to store this data and search it by chemical structure. There are commercial solutions for common needs like chemical registration systems or electronic lab notebooks. However for specific requirements of in-house databases and processes no such solutions exist. Another issue is that commercial solutions have the risk of vendor lock-in and may require an expensive license of a proprietary relational database management system. To speed up and simplify the development for applications that require chemical structure search capabilities, I have developed Molecule Database Framework. The framework abstracts the storing and searching of chemical structures into method calls. Therefore software developers do not require extensive knowledge about chemistry and the underlying database cartridge. This decreases application development time. Results Molecule Database Framework is written in Java and I created it by integrating existing free and open-source tools and frameworks. The core functionality includes: • Support for multi-component compounds (mixtures) • Import and export of SD-files • Optional security (authorization) For chemical structure searching Molecule Database Framework leverages the capabilities of the Bingo Cartridge for PostgreSQL and provides type-safe searching, caching, transactions and optional method level security. Molecule Database Framework supports multi-component chemical compounds (mixtures). Furthermore the design of entity classes and the reasoning behind it are explained. By means of a simple web application I describe how the framework could be used. I then benchmarked this example application to create some basic performance expectations for chemical structure searches and import and export of SD-files. Conclusions By using a simple web application it was

  10. The Impact of Regional Higher Education Spaces on the Security of International Students

    ERIC Educational Resources Information Center

    Forbes-Mewett, Helen

    2016-01-01

    The security of international students in regional higher education spaces in Australia has been overlooked. Contingency theory provides the framework for this case study to explore the organisational structure and support services relevant to a regional higher education space and how this impacts the security of international students. In-depth…

  11. Securing Location Services Infrastructures: Practical Criteria for Application Developers and Solutions Architects

    ERIC Educational Resources Information Center

    Karamanian, Andre

    2013-01-01

    This qualitative, exploratory, normative study examined the security and privacy of location based services in mobile applications. This study explored risk, and controls to implement privacy and security. This study was addressed using components of the FIPS Risk Management Framework. This study found that risk to location information was…

  12. Aligning the Effective Use of Student Data with Student Privacy and Security Laws

    ERIC Educational Resources Information Center

    Winnick, Steve; Coleman, Art; Palmer, Scott; Lipper, Kate; Neiditz, Jon

    2011-01-01

    This legal and policy guidance provides a summary framework for state policymakers as they work to use longitudinal data to improve student achievement while also protecting the privacy and security of individual student records. Summarizing relevant federal privacy and security laws, with a focus on the Family Educational Records and Privacy Act…

  13. Information Security Trends and Issues in the Moodle E-Learning Platform: An Ethnographic Content Analysis

    ERIC Educational Resources Information Center

    Schultz, Christopher

    2012-01-01

    Empirical research on information security trends and practices in e-learning is scarce. Many articles that have been published apply basic information security concepts to e-learning and list potential threats or propose frameworks for classifying threats. The purpose of this research is to identify, categorize and understand trends and issues in…

  14. The Globalization of Higher Education as a Societal and Cultural Security Problem

    ERIC Educational Resources Information Center

    Samier, Eugenie A.

    2015-01-01

    In this article, I propose a theory of the globalization of higher education as societal and cultural security problems for many regions of the world. The first section examines the field of security studies for theoretical frameworks appropriate to critiquing globalized higher education, including critical human, societal and cultural security…

  15. A Review of State Test Security Laws in 2013. ACT Research Report Series, 2014 (1)

    ERIC Educational Resources Information Center

    Croft, Michelle

    2014-01-01

    Test security has increased in importance in the last few years given high-profile cases of educator misconduct. This paper provides a review of state test security statutes and regulations related to statewide achievement testing using as a framework recent best practices reports by the U.S. Department of Education's National Center for Education…

  16. Oxytocin enhances the experience of attachment security.

    PubMed

    Buchheim, Anna; Heinrichs, Markus; George, Carol; Pokorny, Dan; Koops, Eva; Henningsen, Peter; O'Connor, Mary-Frances; Gündel, Harald

    2009-10-01

    Repeated interactions between infant and caregiver result in either secure or insecure relationship attachment patterns, and insecure attachment may affect individual emotion-regulation and health. Given that oxytocin enhances social approach behavior in animals and humans, we hypothesized that oxytocin might also promote the subjective experience of attachment security in humans. Within a 3-week interval, 26 healthy male students classified with an insecure attachment pattern were invited twice to an experimental session. At the beginning of each experiment, a single dose of oxytocin or placebo was administered intranasally, using a double-blind, placebo-controlled within-subject design. In both conditions, subjects completed an attachment task based on the Adult Attachment Projective Picture System (AAP). Thirty-two AAP picture system presentations depicted attachment-related events (e.g. illness, solitude, separation, and loss), and were each accompanied by four prototypical phrases representing one secure and three insecure attachment categories. In the oxytocin condition, a significant proportion of these insecure subjects (N=18; 69%) increased in their rankings of the AAP prototypical "secure attachment" phrases and decreased in overall ranking of the "insecure attachment" phrases. In particular, there was a significant decrease in the number of subjects ranking the pictures with "insecure-preoccupied" phrases from the placebo to the oxytocin condition. We find that a single dose of intranasally administered oxytocin is sufficient to induce a significant increase in the experience of attachment security in insecurely attached adults. PMID:19457618

  17. Wireless Network Security Vulnerabilities and Concerns

    NASA Astrophysics Data System (ADS)

    Mushtaq, Ahmad

    The dilemma of cyber communications insecurity has existed all the times since the beginning of the network communications. The problems and concerns of unauthorized access and hacking has existed form the time of introduction of world wide web communication and Internet's expansion for popular use in 1990s, and has remained till present time as one of the most important issues. The wireless network security is no exception. Serious and continuous efforts of investigation, research and development has been going on for the last several decades to achieve the goal of provision of 100 percent or full proof security for all the protocols of networking architectures including the wireless networking. Some very reliable and robust strategies have been developed and deployed which has made network communications more and more secure. However, the most desired goal of complete security has yet to see the light of the day. The latest Cyber War scenario, reported in the media of intrusion and hacking of each other's defense and secret agencies between the two super powers USA and China has further aggravated the situation. This sort of intrusion by hackers between other countries such as India and Pakistan, Israel and Middle East countries has also been going on and reported in the media frequently. The paper reviews and critically examines the strategies already in place, for wired network. Wireless Network Security and also suggests some directions and strategies for more robust aspects to be researched and deployed.

  18. Oxytocin enhances the experience of attachment security

    PubMed Central

    Buchheim, Anna; Heinrichs, Markus; George, Carol; Pokorny, Dan; Koops, Eva; Henningsen, Peter; O’Connor, Mary-Frances; Gundel, Harald

    2011-01-01

    Summary Repeated interactions between infant and caregiver result in either secure or insecure relationship attachment patterns, and insecure attachment may affect individual emotion-regulation and health. Given that oxytocin enhances social approach behavior in animals and humans, we hypothesized that oxytocin might also promote the experience of attachment security in humans. Within a 3-week interval 26 healthy male students classified with an insecure attachment pattern were invited twice to an experimental session. Within each session, a single dose of oxytocin or placebo was administered, using a double-blind, placebo-controlled within-subject design. In both conditions, subjects completed an attachment task based on the Adult Attachment Projective Picture System (AAP). Thirty-two AAP picture system presentations depicted attachment-related events (e.g. illness, solitude, separation, loss), and were each accompanied by four prototypical phrases representing one secure and three insecure attachment categories. In the oxytocin condition, a significant proportion of these insecure subjects (N = 18; 69%) changed their rankings of “secure attachment” phrases towards the more appropriate for the AAP picture presentation, and the same subjects decreased in overall rating of the “insecure attachment” phrases. In particular, there was a significant decrease in the number of subjects ranking the pictures with “insecure-preoccupied” phrases from the placebo to the oxytocin condition. We find that a single dose of intranasally administered oxytocin is sufficient to induce a significant increase in the experience of attachment security in adults classified previously as insecure. PMID:19457618

  19. Roadmap on optical security

    NASA Astrophysics Data System (ADS)

    Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

    2016-08-01

    Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections

  20. Cooperative monitoring of regional security agreements

    SciTech Connect

    Pregenzer, A.L.; Vannoni, M.; Biringer, K.L.

    1996-11-01

    This paper argues that cooperative monitoring plays a critical role in the implementation of regional security agreements and confidence building measures. A framework for developing cooperative monitoring options is proposed and several possibilities for relating bilateral and regional monitoring systems to international monitoring systems are discussed. Three bilateral or regional agreements are analyzed briefly to illustrate different possibilities. These examples illustrate that the relationship of regional or bilateral arms control or security agreements to international agreements depends on a number of factors: the overlap of provisions between regional and international agreements; the degree of interest in a regional agreement among the international community; efficiency in implementing the agreement; and numerous political considerations. Given the importance of regional security to the international community, regions should be encouraged to develop their own infrastructure for implementing regional arms control and other security agreements. A regional infrastructure need not preclude participation in an international regime. On the contrary, establishing regional institutions for arms control and nonproliferation could result in more proactive participation of regional parties in developing solutions for regional and international problems, thereby strengthening existing and future international regimes. Possible first steps for strengthening regional infrastructures are identified and potential technical requirements are discussed.

  1. Secure and Authenticated Data Communication in Wireless Sensor Networks

    PubMed Central

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

  2. Secure and Authenticated Data Communication in Wireless Sensor Networks.

    PubMed

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

  3. [Biological review of completed suicide].

    PubMed

    Otsuka, Ikuo; Sora, Ichiro; Hishimoto, Akitoyo

    2016-06-01

    Family, twin and adoption studies have revealed genetic factors involved in suicide, while the accumulation of stress and mental illnesses are major contributing factors of suicide. Since higher lethality of suicidal behavior is considered to increase familial liability to suicidal behavior, we believe biological research of completed suicide is most important for a better understanding of the pathophysiology in suicide. Dysregulated hypothalamic-pituitary-adrenal axis has gained a special interest in the neurobiology of suicide, mostly because of the findings using a dexamethasone suppression test (DST), in which DST non-suppressors show a nearly 10-fold higher risk of completed suicide than DST suppressors in a depressed cohort. Other data mainly from postmortem brain studies indicate abnormalities of the noradrenergic-locus coeruleus system, serotonergic system, endogenous opioid system, brain-derived neurotrophic factor, inflammatory cytokines and omega-3 fatty acid in completed suicide. However, genetic research of complete suicide is behind other mental problems because it is extremely difficult to obtain tissue samples of completed suicide. Under the difficult situation, we now retain over 800 blood samples of suicide completers thanks to bereaved families' cooperation. We are actively working on the research of suicide, for instance, by performing a GWAS using 500 samples of suicide completers. PMID:27506081

  4. Integrated secure solution for electronic healthcare records sharing

    NASA Astrophysics Data System (ADS)

    Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

    2007-03-01

    The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

  5. Conductive open frameworks

    DOEpatents

    Yaghi, Omar M.; Wan, Shun; Doonan, Christian J.; Wang, Bo; Deng, Hexiang

    2016-02-23

    The disclosure relates generally to materials that comprise conductive covalent organic frameworks. The disclosure also relates to materials that are useful to store and separate gas molecules and sensors.

  6. Generic Overlay Framework

    Energy Science and Technology Software Center (ESTSC)

    2005-09-01

    This software provides a framework for building application layter overlay networks. It includes example overlays that can be used without modification. Also provided are example multicast and routing protocols that can be used with the overlays.

  7. Refusers, dropouts, and completers: measuring sex offender treatment efficacy.

    PubMed

    Seager, James A; Jellicoe, Debra; Dhaliwal, Gurmeet K

    2004-10-01

    A sex offender program delivered in a medium-security prison followed 109 treatment completers and 37 noncompleters for 2 years after release. Noncompleters, those who refused treatment or dropped out, had 6 times the rate of sexual and violent reoffending relative to completers. Among those who completed the program, however, positive evaluations of treatment change, such as quality of disclosure and enhanced victim empathy, found in posttreatment assessments did not correlate with recidivism. Furthermore, completers did not differ in their rates of recidivism from pretreatment rates predicted by the Static 99, an actuarial measure of anticipated sexual and violent recidivism. We conclude that the program did not influence propensities for sexual and violent recidivism but rather served as a prolonged screening instrument for sex offenders whose failure to comply with treatment attendance predicted higher rates of recidivism. PMID:15358934

  8. PRE: A framework for enterprise integration

    SciTech Connect

    Whiteside, R.A.; Friedman-Hill, E.J.; Detry, R.J.

    1998-03-01

    Sandia National Laboratories` Product Realization Environment (PRE) is a lightweight, CORBA based framework for the integration of a broad variety of applications. These applications are wrapped for use in the PRE framework as reusable components. For example, some of the PRE components currently available include: (1) product data management (PDM) system, (2) human resources database, several finite element analysis programs, and (3) a variety of image and document format converters. PRE enables the development of end user applications (as Java applets, for example) that use these components as building blocks. To aid such development, the PreLib library (available in both C++ and Java) permits both wrapping and using these components without knowledge of either CORBA or the security mechanisms used.

  9. Genotype imputation via matrix completion.

    PubMed

    Chi, Eric C; Zhou, Hua; Chen, Gary K; Del Vecchyo, Diego Ortega; Lange, Kenneth

    2013-03-01

    Most current genotype imputation methods are model-based and computationally intensive, taking days to impute one chromosome pair on 1000 people. We describe an efficient genotype imputation method based on matrix completion. Our matrix completion method is implemented in MATLAB and tested on real data from HapMap 3, simulated pedigree data, and simulated low-coverage sequencing data derived from the 1000 Genomes Project. Compared with leading imputation programs, the matrix completion algorithm embodied in our program MENDEL-IMPUTE achieves comparable imputation accuracy while reducing run times significantly. Implementation in a lower-level language such as Fortran or C is apt to further improve computational efficiency. PMID:23233546

  10. Completeness for sparse potential scattering

    SciTech Connect

    Shen, Zhongwei

    2014-01-15

    The present paper is devoted to the scattering theory of a class of continuum Schrödinger operators with deterministic sparse potentials. We first establish the limiting absorption principle for both modified free resolvents and modified perturbed resolvents. This actually is a weak form of the classical limiting absorption principle. We then prove the existence and completeness of local wave operators, which, in particular, imply the existence of wave operators. Under additional assumptions on the sparse potential, we prove the completeness of wave operators. In the context of continuum Schrödinger operators with sparse potentials, this paper gives the first proof of the completeness of wave operators.

  11. Building a Secure Library System.

    ERIC Educational Resources Information Center

    Benson, Allen C.

    1998-01-01

    Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

  12. A Portable Computer Security Workshop

    ERIC Educational Resources Information Center

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  13. Information Systems, Security, and Privacy.

    ERIC Educational Resources Information Center

    Ware, Willis H.

    1984-01-01

    Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

  14. Gross anatomy of network security

    NASA Technical Reports Server (NTRS)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  15. A framework for password selection. [Password recommendations

    SciTech Connect

    De Alvare', A.M.; Schultz, E.E. Jr.

    1988-01-01

    A major problem in computer security is intrusion into systems due to compromised authentication procedures. This paper focuses on the most commonly used authentication procedure--use of passwords. We have developed a framework for a methodology to estimate the guessability of passwords. We assume that passwords are usually based on a simple rule. If someone discovers one of a series of rule-based passwords, it is easier to guess other passwords. The framework we propose is that computer security experts can conduct guessability studies on a large number of passwords which are candidates for assignment to users. People who attempt to guess what a password is can be provided with cues, such as what a password for another account in the system is or a nickname. Hit rates (the percentage of passwords correctly guessed within a limited number of attempts) can then be obtained. This method can be used to develop metrics for guessability of classes of passwords. A system manager might utilize results of guessability studies by encouraging users to avoid choosing passwords which are closely associated with account names or which have been shown to be highly vulnerable to guessing, or by not assigning passwords which are from vulnerable classes of passwords. A pilot study confirmed the feasibility of this framework. Participants were given 20 attempts to guess an eight-character password which was either a common English word or two unrelated words joined by a control character (eight characters in all). The common English word was vulnerable to guessing, but only when cues about this word were provided. Participants never guessed the other password, however, even when cues were provided. The results not only demonstrate feasibility of our framework, but also suggest guidelines for selecting passwords which are less likely to result in compromised authentication procedures. 6 refs., 1 fig.

  16. Using software security analysis to verify the secure socket layer (SSL) protocol

    NASA Technical Reports Server (NTRS)

    Powell, John D.

    2004-01-01

    nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

  17. JWST Primary Mirror Installation Complete

    NASA Video Gallery

    Completing the assembly of the primary mirror, which took place at NASA’s Goddard Space Flight Center in Greenbelt, Maryland, is a significant milestone and the culmination of over a decade of desi...

  18. Is complete seizure control imperative?

    PubMed

    Andermann, Frederick

    2002-01-01

    Is complete control imperative? The answer depends on whether complete control is indeed possible, on the possibility of achieving modifications of lifestyle, and on the type of epilepsy, with particular reference to the presence of progressive dysfunction. This may be seen in patients with temporal lobe or other forms of focal epilepsy, in the epileptic encephalopathies such as West and Lennox Gastaut Syndromes and even in some patients with idiopathic generalized epilepsy. Progressive memory changes and global cognitive problems are examples. Progressive language deterioration, secondary epileptogenesis and phenomena analogous to kindling are also important issues. How long treatment should be continued depends on many factors, not least the preference of the patient and of the family. Weighing the benefits of complete control versus the side effects and risks of medication or surgery is crucial. There are obvious benefits to complete control; it is imperative if these benefits are greater than the cost. PMID:12143366

  19. Complete Blood Count (For Parents)

    MedlinePlus

    ... KidsHealth in the Classroom What Other Parents Are Reading Upsetting News Reports? What to Say Vaccines: Which ... Metabolic Panel (BMP) Blood Test: Hemoglobin Basic Blood Chemistry Tests Word! Complete Blood Count (CBC) Medical Tests ...

  20. A secure open system?

    NASA Astrophysics Data System (ADS)

    Crowe, James A.

    1993-08-01

    The notion of a large distributed computing system in support of a program like EOSDIS, carries with it the requirement that the system provide the user with guarantees about the integrity of the data and certain assurances about the security of the network of computing systems. This paper examines the challenges of providing a `secure' open system and how these challenges may be addressed from both an architectural as well as functional viewpoint. The role of discretionary access control, mandatory access control, and detection and control of computer viruses is discussed. It has often been observed that the role of the security engineer is one of restricting access to data, whereas the role of the system architect, of an open system that is encouraging research, should make data easy to obtain and utilize. This paradox is manifest in a system such a EOSDIS where to be useful, the systems data must be easy to obtain, but to ensure the integrity of the data it must exercise some level of security. This paper address the use and role of the Security Services of the OSF Distributed Computing Environment in support of networked applications, such as those that may be used in the implementation of the EOS Science Network. It further examines the role of mandatory access control mechanisms to provide data integrity guarantees. The paper further discusses how a system like EOSDIS may prevent computer viruses using a system of automated detection mechanisms and configuration control.

  1. Energy and national security.

    SciTech Connect

    Karas, Thomas H.

    2003-09-01

    On May 19 and 20, 2003, thirty-some members of Sandia staff and management met to discuss the long-term connections between energy and national security. Three broad security topics were explored: I. Global and U.S. economic dependence on oil (and gas); II. Potential security implications of global climate change; and III. Vulnerabilities of the U.S. domestic energy infrastructure. This report, rather than being a transcript of the workshop, represents a synthesis of background information used in the workshop, ideas that emerged in the discussions, and ex post facto analysis of the discussions. Each of the three subjects discussed at this workshop has significant U.S. national security implications. Each has substantial technology components. Each appears a legitimate area of concern for a national security laboratory with relevant technology capabilities. For the laboratory to play a meaningful role in contributing to solutions to national problems such as these, it needs to understand the political, economic, and social environments in which it expects its work to be accepted and used. In addition, it should be noted that the problems of oil dependency and climate change are not amenable to solution by the policies of any one nation--even the one that is currently the largest single energy consumer. Therefore, views, concerns, policies, and plans of other countries will do much to determine which solutions might work and which might not.

  2. Computer Security Risk Assessment

    Energy Science and Technology Software Center (ESTSC)

    1992-02-11

    LAVA/CS (LAVA for Computer Security) is an application of the Los Alamos Vulnerability Assessment (LAVA) methodology specific to computer and information security. The software serves as a generic tool for identifying vulnerabilities in computer and information security safeguards systems. Although it does not perform a full risk assessment, the results from its analysis may provide valuable insights into security problems. LAVA/CS assumes that the system is exposed to both natural and environmental hazards and tomore » deliberate malevolent actions by either insiders or outsiders. The user in the process of answering the LAVA/CS questionnaire identifies missing safeguards in 34 areas ranging from password management to personnel security and internal audit practices. Specific safeguards protecting a generic set of assets (or targets) from a generic set of threats (or adversaries) are considered. There are four generic assets: the facility, the organization''s environment; the hardware, all computer-related hardware; the software, the information in machine-readable form stored both on-line or on transportable media; and the documents and displays, the information in human-readable form stored as hard-copy materials (manuals, reports, listings in full-size or microform), film, and screen displays. Two generic threats are considered: natural and environmental hazards, storms, fires, power abnormalities, water and accidental maintenance damage; and on-site human threats, both intentional and accidental acts attributable to a perpetrator on the facility''s premises.« less

  3. Practical secure quantum communications

    NASA Astrophysics Data System (ADS)

    Diamanti, Eleni

    2015-05-01

    We review recent advances in the field of quantum cryptography, focusing in particular on practical implementations of two central protocols for quantum network applications, namely key distribution and coin flipping. The former allows two parties to share secret messages with information-theoretic security, even in the presence of a malicious eavesdropper in the communication channel, which is impossible with classical resources alone. The latter enables two distrustful parties to agree on a random bit, again with information-theoretic security, and with a cheating probability lower than the one that can be reached in a classical scenario. Our implementations rely on continuous-variable technology for quantum key distribution and on a plug and play discrete-variable system for coin flipping, and necessitate a rigorous security analysis adapted to the experimental schemes and their imperfections. In both cases, we demonstrate the protocols with provable security over record long distances in optical fibers and assess the performance of our systems as well as their limitations. The reported advances offer a powerful toolbox for practical applications of secure communications within future quantum networks.

  4. Biological and Chemical Security

    SciTech Connect

    Fitch, P J

    2002-12-19

    The LLNL Chemical & Biological National Security Program (CBNP) provides science, technology and integrated systems for chemical and biological security. Our approach is to develop and field advanced strategies that dramatically improve the nation's capabilities to prevent, prepare for, detect, and respond to terrorist use of chemical or biological weapons. Recent events show the importance of civilian defense against terrorism. The 1995 nerve gas attack in Tokyo's subway served to catalyze and focus the early LLNL program on civilian counter terrorism. In the same year, LLNL began CBNP using Laboratory-Directed R&D investments and a focus on biodetection. The Nunn-Lugar-Domenici Defense Against Weapons of Mass Destruction Act, passed in 1996, initiated a number of U.S. nonproliferation and counter-terrorism programs including the DOE (now NNSA) Chemical and Biological Nonproliferation Program (also known as CBNP). In 2002, the Department of Homeland Security was formed. The NNSA CBNP and many of the LLNL CBNP activities are being transferred as the new Department becomes operational. LLNL has a long history in national security including nonproliferation of weapons of mass destruction. In biology, LLNL had a key role in starting and implementing the Human Genome Project and, more recently, the Microbial Genome Program. LLNL has over 1,000 scientists and engineers with relevant expertise in biology, chemistry, decontamination, instrumentation, microtechnologies, atmospheric modeling, and field experimentation. Over 150 LLNL scientists and engineers work full time on chemical and biological national security projects.

  5. Maritime security laboratory for maritime security research

    NASA Astrophysics Data System (ADS)

    Bunin, Barry J.; Sutin, Alexander; Bruno, Michael S.

    2007-04-01

    Stevens Institute of Technology has established a new Maritime Security Laboratory (MSL) to facilitate advances in methods and technologies relevant to maritime security. MSL is designed to enable system-level experiments and data-driven modeling in the complex environment of an urban tidal estuary. The initial focus of the laboratory is on the threats posed by divers and small craft with hostile intent. The laboratory is, however, evolvable to future threats as yet unidentified. Initially, the laboratory utilizes acoustic, environmental, and video sensors deployed in and around the Hudson River estuary. Experimental data associated with boats and SCUBA divers are collected on a computer deployed on board a boat specifically designed and equipped for these experiments and are remotely transferred to a Visualization Center on campus. Early experiments utilizing this laboratory have gathered data to characterize the relevant parameters of the estuary, acoustic signals produced by divers, and water and air traffic. Hydrophones were deployed to collect data to enable the development of passive acoustic methodologies for maximizing SCUBA diver detection distance. Initial results involving characteristics of the estuary, acoustic signatures of divers, ambient acoustic noise in an urban estuary, and transmission loss of acoustic signals in a wide frequency band are presented. These results can also be used for the characterization of abnormal traffic and improvement of underwater communication in a shallow water estuary.

  6. Securities and Exchange Commission Semiannual Regulatory Agenda

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-04-26

    ... [Securities and Exchange Commission Semiannual Regulatory Agenda ] Part XXIII Securities and Exchange Commission Semiannual Regulatory Agenda ] SECURITIES AND EXCHANGE COMMISSION (SEC) SECURITIES AND EXCHANGE COMMISSION 17 CFR Ch. II Regulatory Flexibility Agenda AGENCY: Securities and Exchange Commission. ACTION: Semiannual regulatory...

  7. Complete colonic duplication in children

    PubMed Central

    Khaleghnejad Tabari, Ahmad; Mirshemirani, Alireza; Khaleghnejad Tabari, Nasibeh

    2012-01-01

    Background: Complete colonic duplication is a very rare congenital anomaly that may have different presentations according to its location and size. Complete colonic duplication can occur in 15% of gastrointestinal duplication. We report two cases of complete colonic duplications, and their characteristics. Case Presentation: We present two patients with complete colonic duplication with different types and presentations. Case 1: A 2- year old boy presented to the clinic with abdominal protrusion, difficulty to defecate, chronic constipation and mucosal prolaps covered bulging (rectocele) since he was 6 months old. The patient had palpable pelvic mass with doughy consistency. Rectal exam confirmed perirectal mass with soft consistency. The patient underwent a surgical operation that had total tubular colorectal duplication with one blind end and was treated with simple fenestration of distal end, and was discharged without complication. After two years follow up, he had normal defecation and good weight gain. Case 2: A 2 –day old infant was referred with imperforate anus and complete duplication of recto-sigmoid colon, diphallus, double bladder, and hypospadiasis. After clinical and paraclinical investigations, he underwent operations in several stages in different periods, and was discharged without complications. After four years follow up, he led a normal life. Conclusion: The patients with complete duplication have to be examined carefully because of the high incidence of other systemic anomalies. Treatment includes simple resection of distal common wall, fenestration, and repair other associated anomalies. PMID:24358440

  8. Port and Harbor Security

    SciTech Connect

    Saito, T; Guthmuller, H; DeWeert, M

    2004-12-15

    Port and Harbor Security is a daunting task to which optics and photonics offers significant solutions. We are pleased to report that the 2005 Defense and Security Symposium (DSS, Orlando, FL) will include reports on active and passive photonic systems operating from both airborne and subsurface platforms. In addition to imaging techniques, there are various photonic applications, such as total internal reflection fluorescence (TIRF), which can be used to ''sniff'' for traces of explosives or contaminants in marine. These non-imaging technologies are beyond the scope of this article, but will also be represented at DSS 2005. We encourage colleagues to join our technical group to help us to make our ports and harbors safer and more secure.

  9. Secure content objects

    DOEpatents

    Evans, William D.

    2009-02-24

    A secure content object protects electronic documents from unauthorized use. The secure content object includes an encrypted electronic document, a multi-key encryption table having at least one multi-key component, an encrypted header and a user interface device. The encrypted document is encrypted using a document encryption key associated with a multi-key encryption method. The encrypted header includes an encryption marker formed by a random number followed by a derivable variation of the same random number. The user interface device enables a user to input a user authorization. The user authorization is combined with each of the multi-key components in the multi-key encryption key table and used to try to decrypt the encrypted header. If the encryption marker is successfully decrypted, the electronic document may be decrypted. Multiple electronic documents or a document and annotations may be protected by the secure content object.

  10. Double layer secure sketch

    NASA Astrophysics Data System (ADS)

    Li, Cai

    2012-09-01

    Secure sketch has been applied successfully in a wide variety of applications like cryptography, biometric authentication systems and so on. All of these secure sketches have properties in common namely error-tolerance and small entropy loss. The former ensures an input set w' can unlock the system if w' is substantially overlapped with a template set w while the latter means it is hard for an adversary to get the information of w even with the knowledge of s, which is produced by w and stored in the system publicly. In their constructions, they all consider w as a set of atomic elements. However, in the real word, it is very likely the elements in the template set are sets as well. In this paper, we propose a double layer secure sketch to address this issue.

  11. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  12. A Learning-Based Approach to Reactive Security

    NASA Astrophysics Data System (ADS)

    Barth, Adam; Rubinstein, Benjamin I. P.; Sundararajan, Mukund; Mitchell, John C.; Song, Dawn; Bartlett, Peter L.

    Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender's strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker's incentives and knowledge.

  13. Cyber Security Evaluation Tool

    SciTech Connect

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization’s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.

  14. Strategy for IT Security

    NASA Technical Reports Server (NTRS)

    Santiago, S. Scott; Moyles, Thomas J. (Technical Monitor)

    2001-01-01

    This viewgraph presentation provides information on the importance of information technology (IT) security (ITS) to NASA's mission. Several points are made concerning the subject. In order for ITS to be successful, it must be supported by management. NASA, while required by law to keep the public informed of its pursuits, must take precautions due to possible IT-based incursions by computer hackers and other malignant persons. Fear is an excellent motivation for establishing and maintaining a robust ITS policy. The ways in which NASA ITS personnel continually increase security are manifold, however a great deal relies upon the active involvement of the entire NASA community.

  15. Cyber Security Evaluation Tool

    Energy Science and Technology Software Center (ESTSC)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization’s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied tomore » enhance cybersecurity controls.« less

  16. Safety, Security and Multicore

    NASA Astrophysics Data System (ADS)

    Parkinson, Paul

    Historically many safety-related and security-critical systems have been developed and qualified using single-core processors. These platforms could easily meet their increases in system performance requirements through higher processor clock speeds. However, the industry is now approaching the limit of relatively simple upgrade path, and there is an increasing trend towards the adoption of multicore processor architectures in critical systems to address higher performance demands. In this paper, we will review the challenges involved in migration to multicore processor architectures and the specific challenges related to their use in safety-critical and security-sensitive systems.

  17. Security System Software

    NASA Technical Reports Server (NTRS)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  18. The art framework

    NASA Astrophysics Data System (ADS)

    Green, C.; Kowalkowski, J.; Paterno, M.; Fischler, M.; Garren, L.; Lu, Q.

    2012-12-01

    Future “Intensity Frontier” experiments at Fermilab are likely to be conducted by smaller collaborations, with fewer scientists, than is the case for recent “Energy Frontier” experiments. art is a C++ event-processing framework designed with the needs of such experiments in mind. An evolution from the framework of the CMS experiment, art was designed and implemented to be usable by multiple experiments without imposing undue maintenance effort requirements on either the art developers or experiments using it. We describe the key requirements and features of art and the rationale behind evolutionary changes, additions and simplifications with respect to the CMS framework. In addition, our package distribution system and our collaborative model with respect to the multiple experiments using art helps keep the maintenance burden low. We also describe in-progress and future enhancements to the framework, including strategies we are using to allow multi-threaded use of the art framework in today's multi- and many-core environments.

  19. General Aviation Data Framework

    NASA Technical Reports Server (NTRS)

    Blount, Elaine M.; Chung, Victoria I.

    2006-01-01

    The Flight Research Services Directorate at the NASA Langley Research Center (LaRC) provides development and operations services associated with three general aviation (GA) aircraft used for research experiments. The GA aircraft includes a Cessna 206X Stationair, a Lancair Colombia 300X, and a Cirrus SR22X. Since 2004, the GA Data Framework software was designed and implemented to gather data from a varying set of hardware and software sources as well as enable transfer of the data to other computers or devices. The key requirements for the GA Data Framework software include platform independence, the ability to reuse the framework for different projects without changing the framework code, graphics display capabilities, and the ability to vary the interfaces and their performance. Data received from the various devices is stored in shared memory. This paper concentrates on the object oriented software design patterns within the General Aviation Data Framework, and how they enable the construction of project specific software without changing the base classes. The issues of platform independence and multi-threading which enable interfaces to run at different frame rates are also discussed in this paper.

  20. Conceptual frameworks in astronomy

    NASA Astrophysics Data System (ADS)

    Pundak, David

    2016-06-01

    How to evaluate students' astronomy understanding is still an open question. Even though some methods and tools to help students have already been developed, the sources of students' difficulties and misunderstanding in astronomy is still unclear. This paper presents an investigation of the development of conceptual systems in astronomy by 50 engineering students, as a result of learning a general course on astronomy. A special tool called Conceptual Frameworks in Astronomy (CFA) that was initially used in 1989, was adapted to gather data for the present research. In its new version, the tool included 23 questions, and five to six optional answers were given for each question. Each of the answers was characterized by one of the four conceptual astronomical frameworks: pre-scientific, geocentric, heliocentric and sidereal or scientific. The paper describes the development of the tool and discusses its validity and reliability. Using the CFA we were able to identify the conceptual frameworks of the students at the beginning of the course and at its end. CFA enabled us to evaluate the paradigmatic change of students following the course and also the extent of the general improvement in astronomical knowledge. It was found that the measure of the students’ improvement (gain index) was g = 0.37. Approximately 45% of the students in the course improved their understanding of conceptual frameworks in astronomy and 26% deepened their understanding of the heliocentric or sidereal conceptual frameworks.