Science.gov

Sample records for facility security system

  1. Information security management system planning for CBRN facilities

    SciTech Connect

    Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

  2. Helicopter acoustic alerting system for high-security facilities

    NASA Astrophysics Data System (ADS)

    Steadman, Robert L.; Hansen, Scott; Park, Chris; Power, Dennis

    2009-05-01

    Helicopters present a serious threat to high security facilities such as prisons, nuclear sites, armories, and VIP compounds. They have the ability to instantly bypass conventional security measures focused on ground threats such as fences, check-points, and intrusion sensors. Leveraging the strong acoustic signature inherent in all helicopters, this system would automatically detect, classify, and accurately track helicopters using multi-node acoustic sensor fusion. An alert would be generated once the threat entered a predefined 3-dimension security zone in time for security personnel to repel the assault. In addition the system can precisely identify the landing point on the facility grounds.

  3. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  4. Cold Vacuum Dryer (CVD) Facility Security System Design Description (SYS 54)

    SciTech Connect

    WHITEHURST, R.

    2000-09-11

    This system design description (SDD) addresses the Cold Vacuum Drying (CVD) Facility security system. The system's primary purpose is to provide reasonable assurance that breaches of security boundaries are detected and assessment information is provided to protective force personnel. In addition, the system is utilized by Operations to support reduced personnel radiation goals and to provide reasonable assurance that only authorized personnel are allowed to enter designated security areas.

  5. Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities

    PubMed Central

    Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min

    2012-01-01

    Objectives The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. Methods The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. Results From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. Conclusions This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. PMID:22844648

  6. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  7. Alarm communication and display systems for high security department of energy facilities

    SciTech Connect

    Williams, J.S.

    1987-01-01

    An Alarm Communication and Display System collects alarm data, presents information to security operators, and enables the operators to enter commands affecting security operations; the ultimate goal of the system is to provide rapid assessment of alarms. This paper presents an overview of the architecture and operating principles used for alarm communication and display systems developed for application at several Department of Energy facilities. Although facilities have unique requirements and procedures, the architecture and operating principles of the ACDS presented in this paper have allowed site-specific implementations at several Department of Energy facilities. In addition, this technology has been transferred to other DOE facilities for adaptation to their requirements. Further efforts to enhance ACDS technology include the use of local area network technology to assist in peripheral switching, a distributed CCTV video switching system, and state-of-the-art hardware changes which improve system performance and effectiveness.

  8. Using vulnerability assessments to design facility safeguards and security systems

    SciTech Connect

    Snell, M.; Jaeger, C.

    1994-08-01

    The Weapons Complex Reconfiguration (WCR) Program is meant to prepare the Department of Energy (DOE) weapons complex to meet the needs of the next century through construction of now facilities or upgrades-in-place at existing facilities. This paper describes how a vulnerability (VA) was used to identify potential S&S features for the conceptual design for a plutonium storage facility as part of the WCR Program. We distinguish those features of the design that need to be investigated at the conceptual stage from those that can be evaluated later. We also examined what protection features may allow reduced S&S operating costs, with the main focus on protective force costs. While some of these concepts hold the promise for significantly reducing life-cycle protective force costs, their use depends on resolving long-standing tradeoffs between S&S and safety, which are discussed in the study.

  9. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  10. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  11. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  12. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  13. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  14. Regional Radiological Security Partnership in Southeast Asia – Increasing the Sustainability of Security Systems at the Site-Level by Using a Model Facility Approach

    SciTech Connect

    Chamberlain, Travis L.; Dickerson, Sarah; Ravenhill, Scott D.; Murray, Allan; Morris, Frederic A.; Herdes, Gregory A.

    2009-10-07

    In 2004, Australia, through the Australian Nuclear Science and Technology Organisation (ANSTO), created the Regional Security of Radioactive Sources (RSRS) project and partnered with the U.S. Department of Energy’s Global Threat Reduction Initiative (GTRI) and the International Atomic Energy Agency (IAEA) to form the Southeast Asian Regional Radiological Security Partnership (RRSP). The intent of the RRSP is to cooperate with countries in Southeast Asia to improve the security of their radioactive sources. This Southeast Asian Partnership supports objectives to improve the security of high risk radioactive sources by raising awareness of the need and developing national programs to protect and control such materials, improve the security of such materials, and recover and condition the materials no longer in use. The RRSP has utilized many tools to meet those objectives including: provision of physical protection upgrades, awareness training, physical protection training, regulatory development, locating and recovering orphan sources, and most recently - development of model security procedures at a model facility. This paper discusses the benefits of establishing a model facility, the methods employed by the RRSP, and three of the expected outcomes of the Model Facility approach. The first expected outcome is to increase compliance with source security guidance materials and national regulations by adding context to those materials, and illustrating their impact on a facility. Second, the effectiveness of each of the tools above is increased by making them part of an integrated system. Third, the methods used to develop the model procedures establishes a sustainable process that can ultimately be transferred to all facilities beyond the model. Overall, the RRSP has utilized the Model Facility approach as an important tool to increase the security of radioactive sources, and to position facilities and countries for the long term secure management of those sources.

  15. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  16. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  17. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  18. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  19. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  20. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  1. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  2. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  3. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  4. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  5. 78 FR 7334 - Port Authority Access to Facility Vulnerability Assessments and the Integration of Security Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-02-01

    ...This notice requests comments from facility owners and operators, State and local law enforcement agencies, port authorities, relevant security industry participants, and all other interested members of the public regarding how to best implement Section 822 of the Coast Guard Authorization Act of 2010. In particular, this notice discusses the Coast Guard's preliminary thoughts on how owners or......

  6. Secure Chemical Facilities Act

    THOMAS, 113th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2013-01-23

    01/23/2013 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  7. Secure Chemical Facilities Act

    THOMAS, 112th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2011-03-31

    03/31/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  8. Security system

    DOEpatents

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  9. Composite Data Products (CDPs) from the Hydrogen Secure Data Center (HSDC) at the Energy Systems Integration Facility (ESIF), NREL

    DOE Data Explorer

    The Hydrogen Secure Data Center (HSDC) at NREL's Energy Systems Integration Facility (ESIF) plays a crucial role in NREL's independent, third-party analysis of hydrogen fuel cell technologies in real-world operation. NREL partners submit operational, maintenance, safety, and cost data to the HSDC on a regular basis. NREL's Technology Validation Team uses an internal network of servers, storage, computers, backup systems, and software to efficiently process raw data, complete quarterly analysis, and digest large amounts of time series data for data visualization. While the raw data are secured by NREL to protect commercially sensitive and proprietary information, individualized data analysis results are provided as detailed data products (DDPs) to the partners who supplied the data. Individual system, fleet, and site analysis results are aggregated into public results called composite data products (CDPs) that show the status and progress of the technology without identifying individual companies or revealing proprietary information. These CDPs are available from this NREL website: 1) Hydrogen Fuel Cell Vehicle and Infrastructure Learning Demonstration; 2) Early Fuel Cell Market Demonstrations; 3) Fuel Cell Technology Status [Edited from http://www.nrel.gov/hydrogen/facilities_secure_data_center.html].

  10. Securing robust control in systems for closed-loop control of inertial thermal power facilities

    NASA Astrophysics Data System (ADS)

    Kovrigo, Yu. M.; Bagan, T. G.; Bunke, A. S.

    2014-03-01

    We consider two approaches to achieving the necessary stability margin in systems for closed-loop control of inertial thermal power facilities under the conditions of a variable operating mode of process equipment. Structural solutions for these systems are proposed, and tuning procedures are given. Transients in the synthesized systems are simulated, and the control quality indicators are calculated and compared. Application of the proposed procedures makes it possible to obtain a sufficient stability margin with preserving highquality performance of the closed-loop control systems.

  11. Waste Receiving and Processing (WRAP) Facility PMS Test Report For Data Management System (DMS) Security Test DMS-Y2K

    SciTech Connect

    PALMER, M.E.

    1999-09-21

    Test Plan HNF-4351 defines testing requirements for installation of a new server in the WRAP Facility. This document shows the results of the test reports on the DMS-Y2K and DMS-F81 (Security) systems.

  12. System Security Authorization Agreement (SSAA) for the WIRE Archive and Research Facility

    NASA Technical Reports Server (NTRS)

    2002-01-01

    The Wide-Field Infrared Explorer (WIRE) Archive and Research Facility (WARF) is operated and maintained by the Department of Physics, USAF Academy. The lab is located in Fairchild Hall, 2354 Fairchild Dr., Suite 2A103, USAF Academy, CO 80840. The WARF will be used for research and education in support of the NASA Wide Field Infrared Explorer (WIRE) satellite, and for related high-precision photometry missions and activities. The WARF will also contain the WIRE preliminary and final archives prior to their delivery to the National Space Science Data Center (NSSDC). The WARF consists of a suite of equipment purchased under several NASA grants in support of WIRE research. The core system consists of a Red Hat Linux workstation with twin 933 MHz PIII processors, 1 GB of RAM, 133 GB of hard disk space, and DAT and DLT tape drives. The WARF is also supported by several additional networked Linux workstations. Only one of these (an older 450 Mhz PIII computer running Red Hat Linux) is currently running, but the addition of several more is expected over the next year. In addition, a printer will soon be added. The WARF will serve as the primary research facility for the analysis and archiving of data from the WIRE satellite, together with limited quantities of other high-precision astronomical photometry data from both ground- and space-based facilities. However, the archive to be created here will not be the final archive; rather, the archive will be duplicated at the NSSDC and public access to the data will generally take place through that site.

  13. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Assessment (FSA) § 105.305 Facility Security Assessment (FSA) requirements. (a) Background. The facility owner or operator must...

  14. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Assessment (FSA) § 105.305 Facility Security Assessment (FSA) requirements. (a) Background. The facility owner or operator must...

  15. 33 CFR 127.701 - Security on existing facilities.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... (CONTINUED) WATERFRONT FACILITIES WATERFRONT FACILITIES HANDLING LIQUEFIED NATURAL GAS AND LIQUEFIED HAZARDOUS GAS Waterfront Facilities Handling Liquefied Natural Gas Security § 127.701 Security on...

  16. 33 CFR 105.205 - Facility Security Officer (FSO).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Facility Security Officer (FSO... MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.205 Facility Security...) The same person may serve as the FSO for more than one facility, provided the facilities are in...

  17. Security systems engineering overview

    NASA Astrophysics Data System (ADS)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  18. Security systems engineering overview

    SciTech Connect

    Steele, B.J.

    1996-12-31

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.).

  19. Perimeter security for Minnesota correctional facilities

    SciTech Connect

    Crist, D.; Spencer, D.D.

    1996-12-31

    For the past few years, the Minnesota Department of Corrections, assisted by Sandia National Laboratories, has developed a set of standards for perimeter security at medium, close, and maximum custody correctional facilities in the state. During this process, the threat to perimeter security was examined and concepts about correctional perimeter security were developed. This presentation and paper will review the outcomes of this effort, some of the lessons learned, and the concepts developed during this process and in the course of working with architects, engineers and construction firms as the state upgraded perimeter security at some facilities and planned new construction at other facilities.

  20. 33 CFR 105.205 - Facility Security Officer (FSO).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Security Officer (FSO). 105.205 Section 105.205 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.205 Facility Security Officer (FSO). (a) General. (1) The...

  1. 33 CFR 105.205 - Facility Security Officer (FSO).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Facility Security Officer (FSO). 105.205 Section 105.205 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.205 Facility Security Officer (FSO). (a) General. (1) The...

  2. Physical security technologies for weapons complex reconfiguration facilities

    SciTech Connect

    Jaeger, C.D.

    1994-07-01

    Sandia National Laboratories was a member of the Weapons Complex Reconfiguration (WCR) Safeguards and Security (S&S) team providing assistance to the Department of Energy`s (DOE) Office of Weapons Complex Reconfiguration. The physical security systems in the new and upgraded facilities being considered for the WCR had to meet DOE orders and other requirements set forth in the WCR Programmatic Design Criteria (PDC), incorporate the latest physical security technologies using proven state-of-the-art systems and meet fundamental security principles. The outcome was to avoid costly retrofits and provide effective and comprehensive protection against current and projected threats with minimal impact on operations, costs and schedule. Physical security requirements for WCR facilities include: (1) reducing S&S life-cycle costs, (2) where feasible automating S&S functions to minimize operational costs, access to critical assets and exposure of people to hazardous environments, (3) increasing the amount of delay to outsider adversary attack, (4) compartmentalizing the facility to minimize the number of personnel requiring access to critical areas and (5) having reliable and maintainable systems. To be most effective against threats physical security must be integrated with facility operations, safety and other S&S activities, such as material control and accountability, nuclear measurements and computer and information security. This paper will discuss the S&S issues, requirements, technology opportunities and needs. Physical security technologies and systems considered in the design effort of the Weapons Complex Reconfiguration facilities will be reviewed.

  3. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  4. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  5. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  6. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  7. Assessing the Security Vulnerabilities of Correctional Facilities

    SciTech Connect

    Morrison, G.S.; Spencer, D.S.

    1998-10-27

    The National Institute of Justice has tasked their Satellite Facility at Sandia National Laboratories and their Southeast Regional Technology Center in Charleston, South Carolina to devise new procedures and tools for helping correctional facilities to assess their security vulnerabilities. Thus, a team is visiting selected correctional facilities and performing vulnerability assessments. A vulnerability assessment helps to identi~ the easiest paths for inmate escape, for introduction of contraband such as drugs or weapons, for unexpected intrusion fi-om outside of the facility, and for the perpetration of violent acts on other inmates and correctional employees, In addition, the vulnerability assessment helps to quantify the security risks for the facility. From these initial assessments will come better procedures for performing vulnerability assessments in general at other correctional facilities, as well as the development of tools to assist with the performance of such vulnerability assessments.

  8. Assessing the security vulnerabilities of correctional facilities

    NASA Astrophysics Data System (ADS)

    Spencer, Debra D.; Morrison, G. Steve

    1998-12-01

    The National Institute of Justice has tasked their satellite facility at Sandia National Laboratories and their Southeast Regional Technology Center in Charleston, South Carolina to devise new procedures and tools for helping correctional facilities to assess their security vulnerabilities. Thus, a team is visiting selected correctional facilities and performing vulnerability assessments. A vulnerability assessment helps identify the easiest paths for inmate escape, for introduction of contraband such as drugs or weapons, for unexpected intrusion from outside of the facility, and for the perpetration of violent acts on other inmates and correctional employees. In addition, the vulnerability assessment helps to quantify the security risks for the facility. From these assessments will come better procedures for performing vulnerability assessments in general at other correctional facilities, as well as the development of tools to assist with the performance of such vulnerability assessments.

  9. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall... manned television monitoring system is used, to detect— (a) Unauthorized personnel; (b) Fires; and...

  10. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Security of aircraft and facilities. 1544.225... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Operations § 1544.225 Security of aircraft and facilities....

  11. Security Systems Consideration: A Total Security Approach

    NASA Astrophysics Data System (ADS)

    Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

    2007-12-01

    The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

  12. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  13. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  14. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  15. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  16. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  17. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  18. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  19. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  20. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  1. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  2. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  3. Computer Security Systems Enable Access.

    ERIC Educational Resources Information Center

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  4. Secure video communications system

    DOEpatents

    Smith, Robert L.

    1991-01-01

    A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  5. Network systems security analysis

    NASA Astrophysics Data System (ADS)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  6. Systems security and functional readiness

    SciTech Connect

    Bruckner, D.G.

    1988-01-01

    In Protective Programming Planning, it is important that every facility or installation be configured to support the basic functions and mission of the using organization. This paper addresses the process of identifying the key functional operations of our facilities in Europe and providing the security necessary to keep them operating in natural and man-made threat environments. Functional Readiness is important since many of our existing facilities in Europe were not constructed to meet the demands of today's requirements. There are increased requirements for real-time systems with classified terminals and stringent access control, tempest and other electronic protection devices. One must prioritize the operations of these systems so that essential functions are provided even when the facilities are affected by overt or covert hostile activities.

  7. 33 CFR 127.701 - Security on existing facilities.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security on existing facilities. 127.701 Section 127.701 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) WATERFRONT FACILITIES WATERFRONT FACILITIES HANDLING LIQUEFIED NATURAL GAS AND LIQUEFIED HAZARDOUS GAS Waterfront Facilities...

  8. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL...

  9. Secure videoconferencing equipment switching system and method

    DOEpatents

    Hansen, Michael E.

    2009-01-13

    A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

  10. Secure video communications systems

    SciTech Connect

    Smith, R.L.

    1991-10-08

    This patent describes a secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  11. A secure open system?

    NASA Astrophysics Data System (ADS)

    Crowe, James A.

    1993-08-01

    The notion of a large distributed computing system in support of a program like EOSDIS, carries with it the requirement that the system provide the user with guarantees about the integrity of the data and certain assurances about the security of the network of computing systems. This paper examines the challenges of providing a `secure' open system and how these challenges may be addressed from both an architectural as well as functional viewpoint. The role of discretionary access control, mandatory access control, and detection and control of computer viruses is discussed. It has often been observed that the role of the security engineer is one of restricting access to data, whereas the role of the system architect, of an open system that is encouraging research, should make data easy to obtain and utilize. This paradox is manifest in a system such a EOSDIS where to be useful, the systems data must be easy to obtain, but to ensure the integrity of the data it must exercise some level of security. This paper address the use and role of the Security Services of the OSF Distributed Computing Environment in support of networked applications, such as those that may be used in the implementation of the EOS Science Network. It further examines the role of mandatory access control mechanisms to provide data integrity guarantees. The paper further discusses how a system like EOSDIS may prevent computer viruses using a system of automated detection mechanisms and configuration control.

  12. Cyber Security and Resilient Systems

    SciTech Connect

    Robert S. Anderson

    2009-07-01

    next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  13. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  14. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  15. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  16. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  17. 77 FR 61771 - Facility Security Officer Training Requirements

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-10-11

    ... public dockets in the January 17, 2008, issue of the Federal Register (73 FR 3316). Information on... SECURITY Coast Guard Facility Security Officer Training Requirements AGENCY: Coast Guard, DHS. ACTION... receive comments on the development of a Facility Security Officer training program, with the...

  18. Security System Software

    NASA Technical Reports Server (NTRS)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  19. Variable contour securing system

    NASA Technical Reports Server (NTRS)

    Zebus, P. P.; Packer, P. N.; Haynie, C. C. (Inventor)

    1978-01-01

    A variable contour securing system has a retaining structure for a member whose surface contains a variable contour. The retaining mechanism includes a spaced array of adjustable spindles mounted on a housing. Each spindle has a base member support cup at one end. A vacuum source is applied to the cups for seating the member adjacent to the cups. A locking mechanism sets the spindles in a predetermined position once the member has been secured to the spindle support cups.

  20. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 48 Federal Acquisition Regulations System 7 2012-10-01 2012-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470 Section 3004.470 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  1. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470 Section 3004.470 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  2. Argonne's performance assessment of major facility systems to support semiconductor manufacturing by the National Security Agency/R Group, Ft. Meade, Maryland

    SciTech Connect

    Harrison, W.; Miller, G.M.

    1990-12-01

    The National Security Agency (NSA) was authorized in 1983 to construct a semiconductor and circuit-board manufacturing plant at its Ft. Meade, Maryland, facility. This facility was to become known as the Special Process Laboratories (SPL) building. Phase I construction was managed by the US Army Corps of Engineers, Baltimore District (USACE/BD) and commenced in January 1986. Phase I construction provided the basic building and support systems, such as the heating, ventilating, and air-conditioning system, the deionized-water and wastewater-treatment systems, and the high-purity-gas piping system. Phase II construction involved fitting the semiconductor manufacturing side of the building with manufacturing tools and enhancing various aspects of the Phase I construction. Phase II construction was managed by NSA and commenced in April 1989. Argonne National Laboratory (ANL) was contracted by USACE/BD midway through the Phase I construction period to provide quality-assured performance reviews of major facility systems in the SPL. Following completion of the Phase I construction, ANL continued its performance reviews under NSA sponsorship, focusing its attention on the enhancements to the various manufacturing support systems of interest. The purpose of this document is to provide a guide to the files that were generated by ANL during its term of technical assistance to USACE/BD and NSA and to explain the quality assurance program that was implemented when ANL conducted its performance reviews of the SPL building's systems. One set of the ANL project files is located at NSA, Ft. Meade, and two sets are at Argonne, Illinois. The ANL sets will be maintained until the year 2000, or for the 10-year estimated life of the project. 1 fig.

  3. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 9 2013-10-01 2013-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR...

  4. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR...

  5. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 9 2012-10-01 2012-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR...

  6. Dynamic security assessment processing system

    NASA Astrophysics Data System (ADS)

    Tang, Lei

    The architecture of dynamic security assessment processing system (DSAPS) is proposed to address online dynamic security assessment (DSA) with focus of the dissertation on low-probability, high-consequence events. DSAPS upgrades current online DSA functions and adds new functions to fit into the modern power grid. Trajectory sensitivity analysis is introduced and its applications in power system are reviewed. An index is presented to assess transient voltage dips quantitatively using trajectory sensitivities. Then the framework of anticipatory computing system (ACS) for cascading defense is presented as an important function of DSAPS. ACS addresses various security problems and the uncertainties in cascading outages. Corrective control design is automated to mitigate the system stress in cascading progressions. The corrective controls introduced in the dissertation include corrective security constrained optimal power flow, a two-stage load control for severe under-frequency conditions, and transient stability constrained optimal power flow for cascading outages. With state-of-the-art computing facilities to perform high-speed extended-term time-domain simulation and optimization for large-scale systems, DSAPS/ACS efficiently addresses online DSA for low-probability, high-consequence events, which are not addressed by today's industrial practice. Human interference is reduced in the computationally burdensome analysis.

  7. Public eye security system

    NASA Astrophysics Data System (ADS)

    Aviv, David G.

    1999-01-01

    The recently patented system is a software engine that is connected to a television camera that is used for security applications. It will detect in near real time any physical criminal acts occurring within the field of view of the camera. It then instantaneously transmits an alarm to law enforcement and turns on a VCR and other crime deterrent systems, without human involvement.

  8. 14. Topside facility, interior of security office, view towards south. ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    14. Topside facility, interior of security office, view towards south. Lyon - Whiteman Air Force Base, Oscar O-1 Minuteman Missile Alert Facility, Southeast corner of Twelfth & Vendenberg Avenues, Knob Noster, Johnson County, MO

  9. Adaptive security systems -- Combining expert systems with adaptive technologies

    SciTech Connect

    Argo, P.; Loveland, R.; Anderson, K.

    1997-09-01

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting.

  10. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... Facility Security Plan (FSP). 105.405 Section 105.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Plan (FSP) § 105.405 Format and content of the Facility Security Plan (FSP). (a) A facility owner or operator...

  11. Subsurface Facility System Description Document

    SciTech Connect

    Eric Loros

    2001-07-31

    The Subsurface Facility System encompasses the location, arrangement, size, and spacing of the underground openings. This subsurface system includes accesses, alcoves, and drifts. This system provides access to the underground, provides for the emplacement of waste packages, provides openings to allow safe and secure work conditions, and interfaces with the natural barrier. This system includes what is now the Exploratory Studies Facility. The Subsurface Facility System physical location and general arrangement help support the long-term waste isolation objectives of the repository. The Subsurface Facility System locates the repository openings away from main traces of major faults, away from exposure to erosion, above the probable maximum flood elevation, and above the water table. The general arrangement, size, and spacing of the emplacement drifts support disposal of the entire inventory of waste packages based on the emplacement strategy. The Subsurface Facility System provides access ramps to safely facilitate development and emplacement operations. The Subsurface Facility System supports the development and emplacement operations by providing subsurface space for such systems as ventilation, utilities, safety, monitoring, and transportation.

  12. Building a Secure Library System.

    ERIC Educational Resources Information Center

    Benson, Allen C.

    1998-01-01

    Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

  13. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Processing security facility approval. 1016.9 Section 1016... § 1016.9 Processing security facility approval. The following receipt of an acceptable request for... granted pursuant to § 1016.6 of this part....

  14. Computer security in DOE distributed computing systems

    SciTech Connect

    Hunteman, W.J.

    1990-01-01

    The modernization of DOE facilities amid limited funding is creating pressure on DOE facilities to find innovative approaches to their daily activities. Distributed computing systems are becoming cost-effective solutions to improved productivity. This paper defines and describes typical distributed computing systems in the DOE. The special computer security problems present in distributed computing systems are identified and compared with traditional computer systems. The existing DOE computer security policy supports only basic networks and traditional computer systems and does not address distributed computing systems. A review of the existing policy requirements is followed by an analysis of the policy as it applies to distributed computing systems. Suggested changes in the DOE computer security policy are identified and discussed. The long lead time in updating DOE policy will require guidelines for applying the existing policy to distributed systems. Some possible interim approaches are identified and discussed. 2 refs.

  15. Cyberspace security system

    DOEpatents

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

  16. Secure Repayable Storage System

    NASA Astrophysics Data System (ADS)

    Alkharobi, T. M.

    This paper proposes a method to create a system that allows data to be stored in several locations in secure and reliable manner. The system should create several shares from the data such that only pre-specified subsets of these shares can be used to retrieve the original data. The shares then will be distributed to shareholders over a local and/or wide area network. The system should allow requesting some/all shares from shareholders and using them to rebuild the data.

  17. Photovoltaic systems test facility

    NASA Technical Reports Server (NTRS)

    1979-01-01

    Facility provides broad and flexible capability for evaluating photovoltaic systems and design concepts. As 'breadboard' system, it can be used to check out complete systems, subsystems, and components before installation in actual service.

  18. Information Systems, Security, and Privacy.

    ERIC Educational Resources Information Center

    Ware, Willis H.

    1984-01-01

    Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

  19. Physical security and vulnerability modeling for infrasturcture facilities.

    SciTech Connect

    Nozick, Linda Karen; Jones, Dean A.; Davis, Chad Edward; Turnquist, Mark Alan

    2006-07-01

    A model of malicious intrusions in infrastructure facilities is developed, using a network representation of the system structure together with Markov models of intruder progress and strategy. This structure provides an explicit mechanism to estimate the probability of successful breaches of physical security, and to evaluate potential improvements. Simulation is used to analyze varying levels of imperfect information on the part of the intruders in planning their attacks. An example of an intruder attempting to place an explosive device on an airplane at an airport gate illustrates the structure and potential application of the model.

  20. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  1. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  2. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  3. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  4. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  5. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information regarding security risk for a chemical facility. (a) Information to determine security risk. In order...

  6. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information regarding security risk for a...

  7. Security system signal supervision

    SciTech Connect

    Chritton, M.R. ); Matter, J.C. )

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

  8. Insider threat to secure facilities: data analysis

    SciTech Connect

    Not Available

    1980-05-09

    Three data sets drawn from industries that have experienced internal security breaches are analyzed. The industries and the insider security breaches are considered analogous in one or more respects to insider threats potentially confronting managers in the nuclear industry. The three data sets are: bank fraud and embezzlement (BF and E), computer-related crime, and drug theft from drug manufacturers and distributors. A careful analysis by both descriptive and formal statistical techniques permits certain general conclusions on the internal threat to secure industries to be drawn. These conclusions are discussed and related to the potential insider threat in the nuclear industry. 49 tabs.

  9. Chemical Facility Security Improvement Act of 2013

    THOMAS, 113th Congress

    Rep. Jackson Lee, Sheila [D-TX-18

    2013-01-03

    02/12/2013 Referred to the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  10. 78 FR 48029 - Improving Chemical Facility Safety and Security

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    .... [FR Doc. 2013-19220 Filed 8-6-13; 8:45 am] Billing code 3295-F3 ... Documents#0;#0; ] Executive Order 13650 of August 1, 2013 Improving Chemical Facility Safety and Security By... departments and agencies (agencies) with regulatory authority to further improve chemical facility safety...

  11. VISA-2 - a general, vulnerability-oriented method for evaluating the performance of integrated safeguards/security systems at nuclear facilities

    SciTech Connect

    Harris, L.; Owel, W.R.

    1981-01-01

    This paper discusses the VISA (Vulnerability of Integrated Safeguards Analysis) method, developed in 1976-77 for the Nuclear Regulatory Commission, and which has been adapted more recently to a broader range of uses. The performance of VISA systems is evaluated in terms of how they perform as an integrated safeguards/security system. The resulting method has been designated VISA-2. 7 refs.

  12. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200...

  13. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200...

  14. Security system helps utility stay competitive

    SciTech Connect

    1995-04-01

    Atlantic Electric is saving more than $750,000 annually in security costs by using an innovative closed-circuit television (CCTV) system to guard its remote sites electronically. Today, a single guard in the central security control room at Atlantic Electric`s headquarters electronically surveys and controls some 20 remote sites such as combustion turbine sites, material storage, administrative facilities and operating centers. Protecting these sites are CCTV cameras mounted around each yard, floodlighting, and a motion detection and signal transmission system called Adpro SiteWatch by vsion Systems Inc. The SiteWatch system automatically displays to the central guard any intrusion at a site, and captures and replays the intrusion events similar to an instant replay in a televised sporting event. Over the five year transition, Atlantic Electric saved nearly $2 million in security costs.

  15. Advantages of redeployable security systems

    SciTech Connect

    Birch, A.

    1993-12-31

    Security systems must be proven dependable, cost effective, easily installed and maintained. Further, these technologies should not require skilled technicians to install, align, maintain and/or repair during the project`s life cycle. These new priorities and financial demands have to be addressed utilizing various existing and proven technologies that have been developed and are currently being applied. One of these technologies directly relates to the development and application of rapid deployment and redeployable sensor systems that permit flexible asset protection and smaller perimeters within a given complex, rather than intrusion detection systems for an entire facility. Both Rapid Deployment Intrusion Detection System (RDIDS), and Redeployable Intrusion Detection System (RIDS) technologies can be designed for operation in any weather conditions, impervious to salt air, chemical and most explosive environments, as well as highly resistant to false alarms. These systems utilize photovoltaic power with 12-hour battery backup as their primary source of energy. Sensor systems can be integrated with Radio Frequency (RF) polling transceivers operating in the VHF or UHF frequencies. This enhancement offers extensive flexibility and substantial cash savings Is compared to hard wired installations. RDIDS and RIDS can be deployed for limited areas and be operational in a fraction of the time required for conventional systems. The result affords a fully warranted long life RIDS, modular in design, flexible in application, false alarm free, self-diagnostic, and impervious to most environmental conditions. Further, RIDS can be engineered to interface with fiber optic technology thereby ensuring quality transmission in rural environments. Fiber optic integration proves even more effective when using CCTV cameras. The fiber optic module can be used for monitoring the tamper and alarm circuits as well as video transmission.

  16. Aviation security: A system's perspective

    SciTech Connect

    Martin, J.P.

    1988-01-01

    For many years the aviation industry and airports operated with security methods and equipment common to most other large industrial complexes. At that time, the security systems primarily provided asset and property protection. However, soon after the first aircraft hijacking the focus of security shifted to emphasize the security requirements necessary for protecting the traveling public and the one feature of the aviation industry that makes it unique---the airplane. The airplane and its operation offered attractive opportunities for the homesick refugee, the mentally unstable person and the terrorist wanting to make a political statement. The airport and its aircraft were the prime targets requiring enhanced security against this escalated threat. In response, the FAA, airport operators and air carriers began to develop plans for increasing security and assigning responsibilities for implementation.

  17. Information Security and Integrity Systems

    NASA Technical Reports Server (NTRS)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  18. Computer/information security design approaches for Complex 21/Reconfiguration facilities

    SciTech Connect

    Hunteman, W.J.; Zack, N.R.; Jaeger, C.D.

    1993-08-01

    Los Alamos National Laboratory and Sandia National Laboratories have been designated the technical lead laboratories to develop the design of the computer/information security, safeguards, and physical security systems for all of the DOE Complex 21/Reconfiguration facilities. All of the automated information processing systems and networks in these facilities will be required to implement the new DOE orders on computer and information security. The planned approach for a highly integrated information processing capability in each of the facilities will require careful consideration of the requirements in DOE Orders 5639.6 and 1360.2A. The various information protection requirements and user clearances within the facilities will also have a significant effect on the design of the systems and networks. Fulfilling the requirements for proper protection of the information and compliance with DOE orders will be possible because the computer and information security concerns are being incorporated in the early design activities. This paper will discuss the computer and information security addressed in the integrated design effort, uranium/lithium, plutonium, plutonium high explosive/assembly facilities.

  19. 33 CFR 106.215 - Company or OCS facility personnel with security duties.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Company or OCS facility personnel with security duties. 106.215 Section 106.215 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility...

  20. 33 CFR 106.215 - Company or OCS facility personnel with security duties.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Company or OCS facility personnel with security duties. 106.215 Section 106.215 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility...

  1. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Pt. 105, App. A Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  2. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Pt. 105, App. A Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  3. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    DOEpatents

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  4. Power Systems Development Facility

    SciTech Connect

    Southern Company Services

    2009-01-31

    In support of technology development to utilize coal for efficient, affordable, and environmentally clean power generation, the Power Systems Development Facility (PSDF), located in Wilsonville, Alabama, has routinely demonstrated gasification technologies using various types of coals. The PSDF is an engineering scale demonstration of key features of advanced coal-fired power systems, including a Transport Gasifier, a hot gas particulate control device, advanced syngas cleanup systems, and high-pressure solids handling systems. This final report summarizes the results of the technology development work conducted at the PSDF through January 31, 2009. Twenty-one major gasification test campaigns were completed, for a total of more than 11,000 hours of gasification operation. This operational experience has led to significant advancements in gasification technologies.

  5. 75 FR 5609 - Privacy Act of 1974; Department of Homeland Security/ALL-024 Facility and Perimeter Access...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-03

    ...In accordance with the Privacy Act of 1974 the Department of Homeland Security proposes to update and reissue Department of Homeland Security/ALL--024 Facility and Perimeter Access Control and Visitor Management System of Records to include record systems within the Federal Protective Service. Categories of individuals, categories of records, purpose and routine uses of this system have been......

  6. A demonstration of a low cost approach to security at shipping facilities and ports

    NASA Astrophysics Data System (ADS)

    Huck, Robert C.; Al Akkoumi, Mouhammad K.; Herath, Ruchira W.; Sluss, James J., Jr.; Radhakrishnan, Sridhar; Landers, Thomas L.

    2010-04-01

    Government funding for the security at shipping facilities and ports is limited so there is a need for low cost scalable security systems. With over 20 million sea, truck, and rail containers entering the United States every year, these facilities pose a large risk to security. Securing these facilities and monitoring the variety of traffic that enter and leave is a major task. To accomplish this, the authors have developed and fielded a low cost fully distributed building block approach to port security at the inland Port of Catoosa in Oklahoma. Based on prior work accomplished in the design and fielding of an intelligent transportation system in the United States, functional building blocks, (e.g. Network, Camera, Sensor, Display, and Operator Console blocks) can be assembled, mixed and matched, and scaled to provide a comprehensive security system. The following functions are demonstrated and scaled through analysis and demonstration: Barge tracking, credential checking, container inventory, vehicle tracking, and situational awareness. The concept behind this research is "any operator on any console can control any device at any time."

  7. Knowledge-based system for computer security

    SciTech Connect

    Hunteman, W.J.

    1988-01-01

    The rapid expansion of computer security information and technology has provided little support for the security officer to identify and implement the safeguards needed to secure a computing system. The Department of Energy Center for Computer Security is developing a knowledge-based computer security system to provide expert knowledge to the security officer. The system is policy-based and incorporates a comprehensive list of system attack scenarios and safeguards that implement the required policy while defending against the attacks. 10 figs.

  8. Towards an Experimental Testbed Facility for Cyber-Physical Security Research

    SciTech Connect

    Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

    2012-01-07

    Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

  9. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  10. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  11. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  12. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  13. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  14. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  15. 10 CFR 95.21 - Withdrawal of requests for facility security clearance.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Withdrawal of requests for facility security clearance. 95.21 Section 95.21 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Physical Security § 95.21 Withdrawal...

  16. 36 CFR Appendix A to Part 1234 - Minimum Security Standards for Level III Federal Facilities

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 36 Parks, Forests, and Public Property 3 2014-07-01 2014-07-01 false Minimum Security Standards... FACILITIES Pt. 1234, App. A Appendix A to Part 1234—Minimum Security Standards for Level III Federal Facilities Recommended Standards Chart Level III Perimeter Security Parking: Control of facility...

  17. It Security and EO Systems

    NASA Astrophysics Data System (ADS)

    Burnett, M.

    2010-12-01

    One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

  18. System and method for secure group transactions

    DOEpatents

    Goldsmith, Steven Y.

    2006-04-25

    A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

  19. Power Systems Development Facility

    SciTech Connect

    2003-07-01

    This report discusses Test Campaign TC12 of the Kellogg Brown & Root, Inc. (KBR) Transport Gasifier train with a Siemens Westinghouse Power Corporation (SW) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The Transport Gasifier is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or a gasifier using a particulate control device (PCD). While operating as a gasifier, either air or oxygen can be used as the oxidant. Test run TC12 began on May 16, 2003, with the startup of the main air compressor and the lighting of the gasifier start-up burner. The Transport Gasifier operated until May 24, 2003, when a scheduled outage occurred to allow maintenance crews to install the fuel cell test unit and modify the gas clean-up system. On June 18, 2003, the test run resumed when operations relit the start-up burner, and testing continued until the scheduled end of the run on July 14, 2003. TC12 had a total of 733 hours using Powder River Basin (PRB) subbituminous coal. Over the course of the entire test run, gasifier temperatures varied between 1,675 and 1,850 F at pressures from 130 to 210 psig.

  20. Multimedia Security System for Security and Medical Applications

    ERIC Educational Resources Information Center

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  1. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  2. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  3. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  4. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  5. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  6. Power Systems Development Facility

    SciTech Connect

    Southern Company Services

    2004-04-30

    This report discusses Test Campaign TC15 of the Kellogg Brown & Root, Inc. (KBR) Transport Gasifier train with a Siemens Power Generation, Inc. (SPG) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The Transport Gasifier is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or gasifier using a particulate control device (PCD). While operating as a gasifier, either air or oxygen can be used as the oxidant. Test run TC15 began on April 19, 2004, with the startup of the main air compressor and the lighting of the gasifier startup burner. The Transport Gasifier was shutdown on April 29, 2004, accumulating 200 hours of operation using Powder River Basin (PRB) subbituminous coal. About 91 hours of the test run occurred during oxygen-blown operations. Another 6 hours of the test run was in enriched-air mode. The remainder of the test run, approximately 103 hours, took place during air-blown operations. The highest operating temperature in the gasifier mixing zone mostly varied from 1,800 to 1,850 F. The gasifier exit pressure ran between 200 and 230 psig during air-blown operations and between 110 and 150 psig in oxygen-enhanced air operations.

  7. POWER SYSTEMS DEVELOPMENT FACILITY

    SciTech Connect

    Unknown

    2002-11-01

    This report discusses test campaign GCT4 of the Kellogg Brown & Root, Inc. (KBR) transport reactor train with a Siemens Westinghouse Power Corporation (Siemens Westinghouse) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The transport reactor is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or a gasifier using one of two possible particulate control devices (PCDs). The transport reactor was operated as a pressurized gasifier during GCT4. GCT4 was planned as a 250-hour test run to continue characterization of the transport reactor using a blend of several Powder River Basin (PRB) coals and Bucyrus limestone from Ohio. The primary test objectives were: Operational Stability--Characterize reactor loop and PCD operations with short-term tests by varying coal-feed rate, air/coal ratio, riser velocity, solids-circulation rate, system pressure, and air distribution. Secondary objectives included the following: Reactor Operations--Study the devolatilization and tar cracking effects from transient conditions during transition from start-up burner to coal. Evaluate the effect of process operations on heat release, heat transfer, and accelerated fuel particle heat-up rates. Study the effect of changes in reactor conditions on transient temperature profiles, pressure balance, and product gas composition. Effects of Reactor Conditions on Synthesis Gas Composition--Evaluate the effect of air distribution, steam/coal ratio, solids-circulation rate, and reactor temperature on CO/CO{sub 2} ratio, synthesis gas Lower Heating Value (LHV), carbon conversion, and cold and hot gas efficiencies. Research Triangle Institute (RTI) Direct Sulfur Recovery Process (DSRP) Testing--Provide syngas in support of the DSRP commissioning. Loop Seal Operations--Optimize loop seal operations and investigate increases to previously achieved maximum solids-circulation rate.

  8. Information technology security system engineering methodology

    NASA Technical Reports Server (NTRS)

    Childs, D.

    2003-01-01

    A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

  9. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.49 Security of automatic data processing (ADP)...

  10. Securing the Global Airspace System Via Identity-Based Security

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  11. Internetting tactical security sensor systems

    NASA Astrophysics Data System (ADS)

    Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

    1998-08-01

    The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control

  12. Energy Systems Integration Facility Overview

    ScienceCinema

    Arvizu, Dan; Chistensen, Dana; Hannegan, Bryan; Garret, Bobi; Kroposki, Ben; Symko-Davies, Martha; Post, David; Hammond, Steve; Kutscher, Chuck; Wipke, Keith

    2014-06-10

    The U.S. Department of Energy's Energy Systems Integration Facility (ESIF) is located at the National Renewable Energy Laboratory is the right tool, at the right time... a first-of-its-kind facility that addresses the challenges of large-scale integration of clean energy technologies into the energy systems that power the nation.

  13. Energy Systems Integration Facility Overview

    SciTech Connect

    Arvizu, Dan; Chistensen, Dana; Hannegan, Bryan; Garret, Bobi; Kroposki, Ben; Symko-Davies, Martha; Post, David; Hammond, Steve; Kutscher, Chuck; Wipke, Keith

    2014-02-28

    The U.S. Department of Energy's Energy Systems Integration Facility (ESIF) is located at the National Renewable Energy Laboratory is the right tool, at the right time... a first-of-its-kind facility that addresses the challenges of large-scale integration of clean energy technologies into the energy systems that power the nation.

  14. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  15. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  16. 36 CFR Appendix A to Part 1234 - Minimum Security Standards for Level III Federal Facilities

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 36 Parks, Forests, and Public Property 3 2013-07-01 2012-07-01 true Minimum Security Standards for.... 1234, App. A Appendix A to Part 1234—Minimum Security Standards for Level III Federal Facilities Recommended Standards Chart Level III Perimeter Security Parking: Control of facility parking...

  17. 3 CFR 13650 - Executive Order 13650 of August 1, 2013. Improving Chemical Facility Safety and Security

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... Chemical Facility Safety and Security 13650 Order 13650 Presidential Documents Executive Orders Executive Order 13650 of August 1, 2013 EO 13650 Improving Chemical Facility Safety and Security By the authority... and implemented numerous programs aimed at reducing the safety risks and security risks...

  18. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  19. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  20. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  1. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  2. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  3. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  4. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  5. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  6. Managing secure computer systems and networks.

    PubMed

    Von Solms, B

    1996-10-01

    No computer system or computer network can today be operated without the necessary security measures to secure and protect the electronic assets stored, processed and transmitted using such systems and networks. Very often the effort in managing such security and protection measures are totally underestimated. This paper provides an overview of the security management needed to secure and protect a typical IT system and network. Special reference is made to this management effort in healthcare systems, and the role of the information security officer is also highlighted. PMID:8960921

  7. DOE Integrated Security System (DISS) preliminary communication security analysis

    SciTech Connect

    Sweeney, D.J.

    1993-10-01

    The purpose of this analysis is to document a technical approach to improve DOE Integrated Security System (DISS) dial-up communications security and the requirements to address them. This document is not intended as a comprehensive analysis of the security aspects of the DISS computer system but rather as an analysis of the dial-up communications security as it pertains to the use of the DISS database in the new DOE Automated Visitors Access Control System (DAVACS) procedures. Current access controls into the DISS will be discussed with emphasis on the DAVACS procedures. Recommendations will be provided for increasing the dial-up communications security into DISS as it relates to the automated visit procedures. Finally a design for an encrypted dial-up communication link to DISS will be given.

  8. Survey of holographic security systems

    NASA Astrophysics Data System (ADS)

    Kontnik, Lewis T.; Lancaster, Ian M.

    1990-04-01

    The counterfeiting of products and financial instruments is a major problem throughout the world today. The dimensions of the problem are growing, accelerated by the expanding availability of production technologies to sophisticated counterfeiters and the increasing capabilities of these technologies. Various optical techniques, including holography, are beingused in efforts to mark authentic products and to distinguish them from copies. Industry is recognizing that the effectiveness of these techniques depends on such factors as the economics of the counterfeiting process and the distribution channels for the products involved, in addition to the performance of the particular optical security technologies used. This paper surveys the nature of the growing counterfeit market place and reviews the utility of holographic optical security systems. In particular, we review the use of holograms on credit cards and other products; and outline certain steps the holography industry should take to promote these application.

  9. POWER SYSTEMS DEVELOPMENT FACILITY

    SciTech Connect

    Unknown

    2002-05-01

    This report discusses test campaign GCT3 of the Halliburton KBR transport reactor train with a Siemens Westinghouse Power Corporation (Siemens Westinghouse) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The transport reactor is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or a gasifier using one of two possible particulate control devices (PCDs). The transport reactor was operated as a pressurized gasifier during GCT3. GCT3 was planned as a 250-hour test run to commission the loop seal and continue the characterization of the limits of operational parameter variations using a blend of several Powder River Basin coals and Bucyrus limestone from Ohio. The primary test objectives were: (1) Loop Seal Commissioning--Evaluate the operational stability of the loop seal with sand and limestone as a bed material at different solids circulation rates and establish a maximum solids circulation rate through the loop seal with the inert bed. (2) Loop Seal Operations--Evaluate the loop seal operational stability during coal feed operations and establish maximum solids circulation rate. Secondary objectives included the continuation of reactor characterization, including: (1) Operational Stability--Characterize the reactor loop and PCD operations with short-term tests by varying coal feed, air/coal ratio, riser velocity, solids circulation rate, system pressure, and air distribution. (2) Reactor Operations--Study the devolatilization and tar cracking effects from transient conditions during transition from start-up burner to coal. Evaluate the effect of process operations on heat release, heat transfer, and accelerated fuel particle heat-up rates. Study the effect of changes in reactor conditions on transient temperature profiles, pressure balance, and product gas composition. (3) Effects of Reactor Conditions on Syngas Composition--Evaluate the effect of air distribution, steam

  10. Threats to financial system security

    SciTech Connect

    McGovern, D.E.

    1997-06-01

    The financial system in the United States is slowly migrating from the bricks and mortar of banks on the city square to branch banks, ATM`s, and now direct linkage through computers to the home. Much work has been devoted to the security problems inherent in protecting property and people. The impact of attacks on the information aspects of the financial system has, however, received less attention. Awareness is raised through publicized events such as the junk bond fraud perpetrated by Milken or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These events, although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. Most of the losses can be traced to the contribution of many small attacks perpetrated against a variety of vulnerable components and systems. This paper explores the magnitude of these financial system losses and identifies new areas for security to be applied to high consequence events.

  11. Security Encryption Scheme for Communication of Web Based Control Systems

    NASA Astrophysics Data System (ADS)

    Robles, Rosslin John; Kim, Tai-Hoon

    A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

  12. Food security practice in Kansas schools and health care facilities.

    PubMed

    Yoon, Eunju; Shanklin, Carol W

    2007-02-01

    This pilot study investigated perceived importance and frequency of specific preventive measures, and food and nutrition professionals' and foodservice directors' willingness to develop a food defense management plan. A mail questionnaire was developed based on the US Department of Agriculture document, Biosecurity Checklist for School Foodservice Programs--Developing a Biosecurity Management Plan. The survey was sent to food and nutrition professionals and foodservice operators in 151 acute care hospitals, 181 long-term-care facilities, and 450 school foodservice operations. Chemical use and storage was perceived as the most important practice to protect an operation and was the practice implemented most frequently. Results of the study indicate training programs on food security are needed to increase food and nutrition professionals' motivation to implement preventive measures. PMID:17258972

  13. A Security Audit Framework to Manage Information System Security

    NASA Astrophysics Data System (ADS)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  14. Security Equipment and Systems Certification Program (SESCP)

    SciTech Connect

    Steele, B.J.; Papier, I.I.

    1996-06-20

    Sandia National Laboratories (SNL) and Underwriters Laboratories, Inc., (UL) have jointly established the Security Equipment and Systems Certification Program (SESCP). The goal of this program is to enhance industrial and national security by providing a nationally recognized method for making informed selection and use decisions when buying security equipment and systems. The SESCP will provide a coordinated structure for private and governmental security standardization review. Members will participate in meetings to identify security problems, develop ad-hoc subcommittees (as needed) to address these identified problems, and to maintain a communications network that encourages a meaningful exchange of ideas. This program will enhance national security by providing improved security equipment and security systems based on consistent, reliable standards and certification programs.

  15. LANSCE radiation security system (RSS)

    SciTech Connect

    Gallegos, F.R.

    1996-12-31

    The Radiation Security System (RSS) is an engineered safety system which automatically terminates transmission of accelerated ion beams in response to pre-defined abnormal conditions. It is one of the four major mechanisms used to protect people from radiation hazards induced by accelerated pulsed ion beams at the Los Alamos Neutron Science Center (LANSCE). The others are shielding, administrative policies and procedures, and qualified, trained personnel. Prompt radiation hazards at the half-mile long LANSCE accelerator exist due to average beam intensities ranging from 1 milli-amp for H{sup +} beam to 100 micro-amps for the high intensity H{sup {minus}} beam. Experimental programs are supplied with variable energy (maximum 800 MeV), pulse-width (maximum 1 msec), and pulse frequency (maximum 120 Hz) ion beams. The RSS includes personnel access control systems, beam spill monitoring systems, and beam current level limiting systems. It is a stand-alone system with redundant logic chains. A fault of the RSS will cause the insertion of fusible beam plugs in the accelerator low energy beam transport. The design philosophy, description, and operation of the RSS are described in this paper.

  16. Cyberspace Security Econometrics System (CSES)

    Energy Science and Technology Software Center (ESTSC)

    2012-07-27

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for themore » criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.« less

  17. Computer access security code system

    NASA Technical Reports Server (NTRS)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  18. Cyberspace Security Econometrics System (CSES)

    SciTech Connect

    2012-07-27

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.

  19. Improving Security in Schools. Managing School Facilities, Guide 4.

    ERIC Educational Resources Information Center

    Department for Education and Employment, London (England).

    This booklet offers guidance on how to improve school security, including advice on the management of security and the roles of local education authorities, school governors, and headteachers. The guide describes how schools can carry out their own security surveys, assess themselves in terms of risk, and then consider security measures…

  20. Secure resource management: Specifying and testing secure operating systems

    SciTech Connect

    Archer, M.; Frincke, D.A.; Levitt, K. . Div. of Computer Science)

    1990-04-10

    Much work has been devoted to methods for reasoning about the specifications of operating system specifications, the goal being to develop specifications for an operating system that are verified to be secure. Before the verification should be attempted, the specifications should be tested. This paper presents tools that can assist in the security testing of specifications. The first tool is based on the final Algebra Specification and Execution (FASE) system, and would be used to test specifications with real input values. FASE is an executable specification language which is operational in style, in which entities are represented in terms of their observable behavior. To facilitate the testing of an operating system (and its specification), use FASE we have specified a Secure Resource Manager (SRM), a generic template of an operating system. The SRM specification can be specialized to a specification of a particular operating system; the SRM is quite general and handles most features of modern nondistributed operating systems. The second tool, called the PLANNER, is used to derive a sequence of operations that exhibits a security flaw, most often a covert channel for information flow. The PLANNER is based on classical methods of AI planning, specialized to achieve goals concerned with information flow. The tools are demonstrated with respect to a simple operating system specification develop by Millen.

  1. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  2. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Vulnerability and Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST... Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  3. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  4. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Vulnerability and Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST... Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  5. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Vulnerability and Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST... Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  6. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  7. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  8. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  9. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  10. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  11. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  12. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  13. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  14. Radio frequency security system, method for a building facility or the like, and apparatus and methods for remotely monitoring the status of fire extinguishers

    DOEpatents

    Runyon, Larry; Gunter, Wayne M.; Gilbert, Ronald W.

    2006-07-25

    A system for remotely monitoring the status of one or more fire extinguishers includes means for sensing at least one parameter of each of the fire extinguishers; means for selectively transmitting the sensed parameters along with information identifying the fire extinguishers from which the parameters were sensed; and means for receiving the sensed parameters and identifying information for the fire extinguisher or extinguishers at a common location. Other systems and methods for remotely monitoring the status of multiple fire extinguishers are also provided.

  15. Implementing Improved Security and Encryption for Balloon Flight Systems

    NASA Astrophysics Data System (ADS)

    Denney, Andrew; Stilwell, Bryan D.

    The Columbia Scientific Balloon Facility uses a broad array of communication techniques be-tween its balloon-borne flight systems and ground command and control systems. These com-munication mediums vary from commercially available routing such as e-mail and IP based TCP/UDP protocols to military grade proprietary line-of-sight configurations; each with their own unique benefits and shortfalls. While each new advancement in technology improves secu-rity in some capacity, it does not always address the limitation of older, less advanced security or encryption capabilities. As the proliferation of newer, more commercially viable technologies become common place, safeguarding mission critical applications from unauthorized access and improve data integrity in the process becomes ever more necessary. Therefore, this paper will evaluate several security measures and methods of data encryption; including formalizing a standardized security philosophy that improves and addresses the mixture of established and emerging technologies.

  16. 33 CFR 105.210 - Facility personnel with security duties.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... must have knowledge, through training or equivalent job experience, in the following, as appropriate: (a) Knowledge of current security threats and patterns; (b) Recognition and detection of dangerous... control techniques; (f) Security related communications; (g) Knowledge of emergency procedures...

  17. Safeguards and security considerations for automated and robotic systems

    SciTech Connect

    Jordan, S.E.; Jaeger, C.D.

    1994-09-01

    Within the reconfigured Nuclear Weapons Complex there will be a large number of automated and robotic (A&R) systems because of the many benefits derived from their use. To meet the overall security requirements of a facility, consideration must be given to those systems that handle and process nuclear material. Since automation and robotics is a relatively new technology, not widely applied to the Nuclear Weapons Complex, safeguards and security (S&S) issues related to these systems have not been extensively explored, and no guidance presently exists. The goal of this effort is to help integrate S&S into the design of future A&R systems. Towards this, the authors first examined existing A and R systems from a security perspective to identify areas of concern and possible solutions of these problems. They then were able to develop generalized S&S guidance and design considerations for automation and robotics.

  18. The NASA personnel security processing expert system

    SciTech Connect

    Silberberg, D.; Thomas, R.

    1996-12-31

    The NASA Personnel Security Processing Expert System is a tool that automatically determines the appropriate personnel background investigation required for a civil servant or contractor occupying a position of national security or public trust. It also instructs the personnel security processing staff to perform special checks based on a specific position. The system is implemented using a rule-based expert system and a World Wide Web interface. The system design separates the user interface, knowledge base and control structure to simplify system evolution. When one subsystem is modified, the others are impacted minimally. This system provides many benefits to the NASA Personnel Security Program. First, it frees the agency personnel security specialist from trouble-shooting and correcting all investigative problems. It also provides a learning tool for security processing staff at each installation. The system ensures that each installation security office is in compliance with all applicable laws, regulations and policies. Finally, eliminating overlapping, inappropriate and duplicative efforts to process employees saves many resources. The system was deployed less than a year ago. To date, it saved $1.2 million of the $1.5 million agency-wide personnel security budget.

  19. 36 CFR Appendix A to Part 1234 - Minimum Security Standards for Level III Federal Facilities

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 36 Parks, Forests, and Public Property 3 2012-07-01 2012-07-01 false Minimum Security Standards for Level III Federal Facilities A Appendix A to Part 1234 Parks, Forests, and Public Property NATIONAL ARCHIVES AND RECORDS ADMINISTRATION RECORDS MANAGEMENT FACILITY STANDARDS FOR RECORDS STORAGE FACILITIES Pt. 1234, App. A Appendix A to Part...

  20. Secure Internet video conferencing for assessing acute medical problems in a nursing facility.

    PubMed Central

    Weiner, M.; Schadow, G.; Lindbergh, D.; Warvel, J.; Abernathy, G.; Dexter, P.; McDonald, C. J.

    2001-01-01

    Although video-based teleconferencing is becoming more widespread in the medical profession, especially for scheduled consultations, applications for rapid assessment of acute medical problems are rare. Use of such a video system in a nursing facility may be especially beneficial, because physicians are often not immediately available to evaluate patients. We have assembled and tested a portable, wireless conferencing system to prepare for a randomized trial of the system s influence on resource utilization and satisfaction. The system includes a rolling cart with video conferencing hardware and software, a remotely controllable digital camera, light, wireless network, and battery. A semi-automated paging system informs physicians of patient s study status and indications for conferencing. Data transmission occurs wirelessly in the nursing home and then through Internet cables to the physician s home. This provides sufficient bandwidth to support quality motion images. IPsec secures communications. Despite human and technical challenges, this system is affordable and functional. Images Figure 1 PMID:11825286

  1. 33 CFR 105.210 - Facility personnel with security duties.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ...: (a) Knowledge of current security threats and patterns; (b) Recognition and detection of dangerous substances and devices; (c) Recognition of characteristics and behavioral patterns of persons who are...

  2. High Assurance Models for Secure Systems

    ERIC Educational Resources Information Center

    Almohri, Hussain M. J.

    2013-01-01

    Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

  3. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... stores operations; (7) Response capability to security incidents; (8) Threat assessments, including the... collect the information required in paragraph (a) of this section. (c) Analysis and recommendations. In... to establish and prioritize the security measures that should be included in the FSP. The...

  4. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... stores operations; (7) Response capability to security incidents; (8) Threat assessments, including the... collect the information required in paragraph (a) of this section. (c) Analysis and recommendations. In... to establish and prioritize the security measures that should be included in the FSP. The...

  5. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... stores operations; (7) Response capability to security incidents; (8) Threat assessments, including the... collect the information required in paragraph (a) of this section. (c) Analysis and recommendations. In... to establish and prioritize the security measures that should be included in the FSP. The...

  6. [Security Management in Clinical Laboratory Departments and Facilities: Current Status and Issues].

    PubMed

    Ishida, Haku; Nakamura, Junji; Yoshida, Hiroshi; Koike, Masaru; Inoue, Yuji

    2014-11-01

    We conducted a questionnaire survey regarding the current activities for protecting patients' privacy and the security of information systems (IS) related to the clinical laboratory departments of university hospitals, certified training facilities for clinical laboratories, and general hospitals in Yamaguchi Prefecture. The response rate was 47% from 215 medical institutions, including three commercial clinical laboratory centers. The results showed that there were some differences in management activities among facilities with respect to continuing education, the documentation or regulation of operational management for paper records, electronic information, remaining samples, genetic testing, and laboratory information for secondary use. They were suggested to be caused by differences in functions between university and general hospitals, differences in the scale of hospitals, or whether or not hospitals have received accreditation or ISO 15189. Regarding the IS, although the majority of facilities had sufficiently employed the access control to IS, there was some room for improvement in the management of special cases such as VIPs and patients with HIV infection. Furthermore, there were issues regarding the login method for computers shared by multiple staff, the showing of the names of personnel in charge of reports, and the risks associated with direct connections to systems and the Internet and the use of portable media such as USB memory sticks. These results indicated that further efforts are necessary for each facility to continue self-assessment and make improvements. PMID:27509732

  7. Recommended Practice for Securing Control System Modems

    SciTech Connect

    James R. Davidson; Jason L. Wright

    2008-01-01

    This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

  8. Post 9-11 Security Issues for Non-Power Reactor Facilities

    SciTech Connect

    Zaffuts, P. J.

    2003-02-25

    This paper addresses the legal and practical issues arising out of the design and implementation of a security-enhancement program for non power reactor nuclear facilities. The security enhancements discussed are derived from the commercial nuclear power industry's approach to security. The nuclear power industry's long and successful experience with protecting highly sensitive assets provides a wealth of information and lessons that should be examined by other industries contemplating security improvements, including, but not limited to facilities using or disposing of nuclear materials. This paper describes the nuclear industry's approach to security, the advantages and disadvantages of its constituent elements, and the legal issues that facilities will need to address when adopting some or all of these elements in the absence of statutory or regulatory requirements to do so.

  9. Situated Usability Testing for Security Systems

    SciTech Connect

    Greitzer, Frank L.

    2011-03-02

    While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused on matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.

  10. Secure videoconferencing equipment switching system and method

    DOEpatents

    Dirks, David H; Gomes, Diane; Stewart, Corbin J; Fischer, Robert A

    2013-04-30

    Examples of systems described herein include videoconferencing systems having audio/visual components coupled to a codec. The codec may be configured by a control system. Communication networks having different security levels may be alternately coupled to the codec following appropriate configuration by the control system. The control system may also be coupled to the communication networks.

  11. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  12. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  13. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  14. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  15. CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL

    SciTech Connect

    Kathleen A. Lee

    2008-01-01

    The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

  16. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  17. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  18. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  19. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  20. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  1. 10 CFR 1016.39 - Termination, suspension, or revocation of security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Termination, suspension, or revocation of security facility approval. 1016.39 Section 1016.39 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Control of Information § 1016.39 Termination, suspension, or revocation of security...

  2. 78 FR 77606 - Security Requirements for Facilities Storing Spent Nuclear Fuel

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-24

    ... SECY-07- 0148, to strengthen security requirements at ISFSIs. On December 16, 2009 (74 FR 66589), the... COMMISSION 10 CFR Parts 72 and 73 RIN 3150-AI78 Security Requirements for Facilities Storing Spent Nuclear... known as the technical basis] document for a proposed rulemaking that would revise the...

  3. Control Systems Cyber Security Standards Support Activities

    SciTech Connect

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  4. Anchor Toolkit - a secure mobile agent system

    SciTech Connect

    Mudumbai, Srilekha S.; Johnston, William; Essiari, Abdelilah

    1999-05-19

    Mobile agent technology facilitates intelligent operation insoftware systems with less human interaction. Major challenge todeployment of mobile agents include secure transmission of agents andpreventing unauthorized access to resources between interacting systems,as either hosts, or agents, or both can act maliciously. The Anchortoolkit, designed by LBNL, handles the transmission and secure managementof mobile agents in a heterogeneous distributed computing environment. Itprovides users with the option of incorporating their security managers.This paper concentrates on the architecture, features, access control anddeployment of Anchor toolkit. Application of this toolkit in a securedistributed CVS environment is discussed as a case study.

  5. Secure and Efficient Routable Control Systems

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  6. Security for safety critical space borne systems

    NASA Technical Reports Server (NTRS)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  7. Securing iris recognition systems against masquerade attacks

    NASA Astrophysics Data System (ADS)

    Galbally, Javier; Gomez-Barrero, Marta; Ross, Arun; Fierrez, Julian; Ortega-Garcia, Javier

    2013-05-01

    A novel two-stage protection scheme for automatic iris recognition systems against masquerade attacks carried out with synthetically reconstructed iris images is presented. The method uses different characteristics of real iris images to differentiate them from the synthetic ones, thereby addressing important security flaws detected in state-of-the-art commercial systems. Experiments are carried out on the publicly available Biosecure Database and demonstrate the efficacy of the proposed security enhancing approach.

  8. Birds of a Feather: Supporting Secure Systems

    SciTech Connect

    Braswell III, H V

    2006-04-24

    Over the past few years Lawrence Livermore National Laboratory has begun the process of moving to a diskless environment in the Secure Computer Support realm. This movement has included many moving targets and increasing support complexity. We would like to set up a forum for Security and Support professionals to get together from across the Complex and discuss current deployments, lessons learned, and next steps. This would include what hardware, software, and hard copy based solutions are being used to manage Secure Computing. The topics to be discussed include but are not limited to: Diskless computing, port locking and management, PC, Mac, and Linux/UNIX support and setup, system imaging, security setup documentation and templates, security documentation and management, customer tracking, ticket tracking, software download and management, log management, backup/disaster recovery, and mixed media environments.

  9. CORBA security services for health information systems.

    PubMed

    Blobel, B; Holena, M

    1998-01-01

    The structure of healthcare systems in developed countries is changing to 'shared care', enforced by economic constraints and caused by a change in the basic conditions of care. That development results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and, as far as their domains are concerned, heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems require a high level of data protection and data security, both with respect to patient information and with respect to users. This paper, relying on experience gained through our activities in CORBAmed, describes the possibilities the CORBA middleware provides to achieve application and communication security. On the background of the overall CORBA architecture, it outlines the different security services previewed in the adopted CORBA specifications which are discussed in the context of the security requirements of healthcare information systems. Security services required in the healthcare domain but not available at the moment are mentioned. A solution is proposed, which on the one hand allows to make use of the available CORBA security services and additional ones, on the other hand remains open to other middleware approaches, such as DHE or HL7. PMID:9848400

  10. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... to complete and submit a Top-Screen process, which may be completed through a secure Department Web... submit a Top-Screen in accordance with the schedule provided in § 27.210, the calculation provisions in... Department requests that a facility complete and submit a Top-Screen, the facility must designate a...

  11. National Ignition Facility system design requirements conventional facilities SDR001

    SciTech Connect

    Hands, J.

    1996-04-09

    This System Design Requirements (SDR) document specifies the functions to be performed and the minimum design requirements for the National Ignition Facility (NIF) site infrastructure and conventional facilities. These consist of the physical site and buildings necessary to house the laser, target chamber, target preparation areas, optics support and ancillary functions.

  12. Security model for picture archiving and communication systems.

    PubMed

    Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

    2000-05-01

    The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model. PMID:10847401

  13. Secure Video Surveillance System (SVSS) for unannounced safeguards inspections.

    SciTech Connect

    Galdoz, Erwin G. , Rio de Janeiro, Brazil); Pinkalla, Mark

    2010-09-01

    The Secure Video Surveillance System (SVSS) is a collaborative effort between the U.S. Department of Energy (DOE), Sandia National Laboratories (SNL), and the Brazilian-Argentine Agency for Accounting and Control of Nuclear Materials (ABACC). The joint project addresses specific requirements of redundant surveillance systems installed in two South American nuclear facilities as a tool to support unannounced inspections conducted by ABACC and the International Atomic Energy Agency (IAEA). The surveillance covers the critical time (as much as a few hours) between the notification of an inspection and the access of inspectors to the location in facility where surveillance equipment is installed. ABACC and the IAEA currently use the EURATOM Multiple Optical Surveillance System (EMOSS). This outdated system is no longer available or supported by the manufacturer. The current EMOSS system has met the project objective; however, the lack of available replacement parts and system support has made this system unsustainable and has increased the risk of an inoperable system. A new system that utilizes current technology and is maintainable is required to replace the aging EMOSS system. ABACC intends to replace one of the existing ABACC EMOSS systems by the Secure Video Surveillance System. SVSS utilizes commercial off-the shelf (COTS) technologies for all individual components. Sandia National Laboratories supported the system design for SVSS to meet Safeguards requirements, i.e. tamper indication, data authentication, etc. The SVSS consists of two video surveillance cameras linked securely to a data collection unit. The collection unit is capable of retaining historical surveillance data for at least three hours with picture intervals as short as 1sec. Images in .jpg format are available to inspectors using various software review tools. SNL has delivered two SVSS systems for test and evaluation at the ABACC Safeguards Laboratory. An additional 'proto-type' system remains

  14. Continuing Chemical Facilities Antiterrorism Security Act of 2011

    THOMAS, 112th Congress

    Sen. Collins, Susan M. [R-ME

    2011-03-03

    10/20/2011 By Senator Lieberman from Committee on Homeland Security and Governmental Affairs filed written report. Report No. 112-90. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  15. 41 CFR 102-81.20 - Are the security standards for new Federally owned and leased facilities the same as the...

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Are the security standards for new Federally owned and leased facilities the same as the standards for existing Federally owned and leased facilities? 102-81.20 Section 102-81.20 Public Contracts and Property Management Federal Property Management Regulations System...

  16. 78 FR 48076 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    ... Information (75 FR 707; January 5, 2010), before derivatively classifying information and at least once every... standardize the frequency of required security education training for employees of NRC licensees possessing... uniformity in the frequency of licensee security education and training programs and enhances the...

  17. 78 FR 48037 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    ... National Security Information, which was published in the Federal Register on January 5, 2010 (75 FR 707... implementation of the Executive Order, issued a final rule (75 FR 37254; June 28, 2010) amending 32 CFR parts... Executive Order 13526, Classified National Security Information (75 FR 707; January 5, 2010) (the...

  18. Design tools for complex dynamic security systems.

    SciTech Connect

    Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III; Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

    2007-01-01

    The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

  19. Security for decentralized health information systems.

    PubMed

    Bleumer, G

    1994-02-01

    Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit). PMID:8188407

  20. Selecting RMF Controls for National Security Systems

    SciTech Connect

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  1. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  2. A Highly Secure Mobile Agent System Architecture

    NASA Astrophysics Data System (ADS)

    Okataku, Yasukuni; Okutomi, Hidetoshi; Yoshioka, Nobukazu; Ohgishi, Nobuyuki; Honiden, Shinichi

    We propose a system architecture for mobile agents to improve their security in the environments of insecure networks and non-sophisticated terminals such as PDAs. As mobile agents freely migrate onto their favorite terminals through insecure networks or terminals, it is not appropriate for them to store some secret information for authentication and encryption/decryption. We introduce one and more secure nodes(OASIS NODE) for securely generating and verifying authentication codes. The each agent’s data are encrypted by a pseudo-chaos cipher mechanism which doesn’t need any floating processing co-processor. We’ve constructed a prototype system on a Java mobile agent framework, “Bee-gent" which implements the proposed authentication and cipher mechanisms, and evaluated their performances and their applicability to business fields such as an auction system by mobile agents.

  3. Simulation of the effectiveness evaluation process of security systems

    NASA Astrophysics Data System (ADS)

    Godovykh, A. V.; Stepanov, B. P.; Sheveleva, A. A.; Sharafieva, K. R.

    2016-06-01

    The paper is devoted to issues of creation of cross-functional analytical complex for simulation of the process of operation of the security system elements. Basic objectives, a design concept and an interrelation of main elements of the complex are described. The proposed conception of the analytical complex provides an opportunity to simulate processes for evaluating the effectiveness of physical protection system of a nuclear facility. The complex uses models, that take into account features of the object, parameters of technical means and tactics of adversaries. Recommendations were made for applying of this conception for training specialists in the field of physical protection of nuclear materials.

  4. Blue Rose perimeter defense and security system

    NASA Astrophysics Data System (ADS)

    Blackmon, F.; Pollock, J.

    2006-05-01

    An in-ground perimeter security system has been developed by the Naval Undersea Warfare Center Division Newport based upon fiber optic sensor technology. The system, called Blue Rose, exploits the physical phenomenon of Rayleigh optical scattering, which occurs naturally in optical fibers used traditionally for Optical Time Domain Reflectometry techniques to detect sound and vibration transmitted by intruders such as people walking or running and moving vehicles near the sensor. The actual sensor is a single-mode optical fiber with an elastomeric coating that is buried in the ground. A long coherence length laser is used to transmit encoded light down the fiber. Minute changes in the fiber in response to the intrusion produce phase changes to the returning backscattered light signal. The return light signal contains both the actual intrusion sound and the location information of where along the fiber the intrusion has occurred. A digital, in-ground, Blue Rose system has been built and is now operational at NUWC. Due to the low cost of the optical fiber sensor and unique benefits of the system, the Blue Rose system provides an advantage in long perimeter or border security applications and also reduces security manning requirements and therefore overall cost for security.

  5. A voice password system for access security

    SciTech Connect

    Birnbaum, M.; Cohen, L.A.; Welsh, F.X.

    1986-09-01

    A voice password system for access security using speaker verification technology has been designed for use over dial-up telephone lines. The voice password system (VPS) can provide secure access to telephone networks, computers, rooms, and buildings. It also has application in office automation systems, electric funds transfer, and ''smart cards'' (interactive computers embedded in credit-card-sized packages). As increasing attention is focused on access security in the public, private, and government sectors, the voice password system can provide a timely solution to the security dilemma. The VPS uses modes of communication available to almost everyone (the human voice and the telephone). A user calls the VPS, enters his or her identification number (ID) by touch-tone telephone, and then speaks a password. This is usually a phrase or a sentence of about seven syllables. On initial calls, the VPS creates a model of the user's voice, called a reference template, and labels it with the caller's unique user ID. To gain access later, the user calls the system, enters the proper user ID, and speaks the password phrase. The VPS compares the user's stored reference template with the spoken password and produces a distance score.

  6. Secure Control Systems for the Energy Sector

    SciTech Connect

    Smith, Rhett; Campbell, Jack; Hadley, Mark

    2012-03-31

    Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

  7. The Secure, Transportable, Autonomous Reactor System

    SciTech Connect

    Brown, N.W.; Hassberger, J.A.; Smith, C.; Carelli, M.; Greenspan, E.; Peddicord, K.L.; Stroh, K.; Wade, D.C.; Hill, R.N.

    1999-05-27

    The Secure, Transportable, Autonomous Reactor (STAR) system is a development architecture for implementing a small nuclear power system, specifically aimed at meeting the growing energy needs of much of the developing world. It simultaneously provides very high standards for safety, proliferation resistance, ease and economy of installation, operation, and ultimate disposition. The STAR system accomplishes these objectives through a combination of modular design, factory manufacture, long lifetime without refueling, autonomous control, and high reliability.

  8. Biosensor Systems for Homeland Security

    SciTech Connect

    Bruckner-Lea, Cindy J.

    2004-05-30

    The detection of biological agents is important to minimize the effects of pathogens that can harm people, livestock, or plants. In addition to pathogens distributed by man, there is a need to detect natural outbreaks. Recent outbreaks of SARS, mad cow disease, pathogenic E. coli and Salmonella, as well as the discovery of letters filled with anthrax spores have highlighted the need for biosensor systems to aid in prevention, early warning, response, and recovery. Rapid detection can be used to prevent exposure; and detection on a longer timescale can be used to minimize exposure, define treatment, and determine whether contaminated areas are clean enough for reuse. The common types of biological agents of concern include bacteria, spores, and viruses (Figure 1). From a chemist’s point of view, pathogens are essentially complex packages of chemicals that are assembled into organized packages with somewhat predictable physical characteristics such as size and shape. Pathogen detection methods can be divided into three general approaches: selective detection methods for specific identification such as nucleic acid analysis and structural recognition, semi-selective methods for broad-spectrum detection (e.g. physical properties, metabolites, lipids), and function-based methods (e.g. effect of the pathogen on organisms, tissues, or cells). The requirements for biodetection systems depend upon the application. While detect to warn sensors may require rapid detection on the order one minute, detection times of many minutes or hours may be suitable for determining appropriate treatments or for forensic analysis. Of course ideal sensor systems will meet the needs of many applications, and will be sensitive, selective, rapid, and simultaneously detect all agents of concern. They will also be reliable with essentially no false negatives or false positives, small, easy to use, and low cost with minimal consumables.

  9. Comparison of Routable Control System Security Approaches

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  10. Enhancing Multilateral Security in and by Reputation Systems

    NASA Astrophysics Data System (ADS)

    Steinbrecher, Sandra

    With the increasing possibilities for interaction between Internet users exceeding pure communication, in multilateral security the research question arises to rethink and extend classical security requirements. Reputation systems are a possible solution to assist new security requirements. But naturally also reputation systems have to be designed in a multilateral secure way. In this paper we discuss both multilateral security by and in reputation systems. An overview on the possibilities how such systems could be realised is given.

  11. Control Systems Cyber Security:Defense in Depth Strategies

    SciTech Connect

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  12. Geothermal heating retrofit at the Utah State Prison Minimum Security Facility. Final report, March 1979-January 1986

    SciTech Connect

    Not Available

    1986-01-01

    This report is a summary of progress and results of the Utah State Prison Geothermal Space Heating Project. Initiated in 1978 by the Utah State Energy Office and developed with assistance from DOE's Division of Geothermal and Hydropower Technologies PON program, final construction was completed in 1984. The completed system provides space and water heating for the State Prison's Minimum Security Facility. It consists of an artesian flowing geothermal well, plate heat exchangers, and underground distribution pipeline that connects to the existing hydronic heating system in the State Prison's Minimum Security Facility. Geothermal water disposal consists of a gravity drain line carrying spent geothermal water to a cooling pond which discharges into the Jordan River, approximately one mile from the well site. The system has been in operation for two years with mixed results. Continuing operation and maintenance problems have reduced the expected seasonal operation from 9 months per year to 3 months. Problems with the Minimum Security heating system have reduced the expected energy contribution by approximately 60%. To date the system has saved the prison approximately $18,060. The total expenditure including resource assessment and development, design, construction, performance verification, and reporting is approximately $827,558.

  13. Security Profile Inspector for UNIX Systems

    Energy Science and Technology Software Center (ESTSC)

    1995-04-01

    SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configurationmore » Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX system security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

  14. Catheter Securement Systems for Peripherally Inserted and Nontunneled Central Vascular Access Devices

    PubMed Central

    Krenik, Karen M.; Smith, Graham E.

    2016-01-01

    Sutureless catheter securement systems are intended to eliminate risks associated with sutures. The clinical acceptability of a novel system was investigated compared with the current method of securement for peripherally inserted central catheters (19 facilities using StatLock or sutures) or nontunneled central vascular access devices (3 facilities using StatLock or sutures or HubGuard + Sorbaview Shield). More than 94% of respondents rated the novel system as same, better, or much better than their current product. More than 82% of respondents were willing to replace their current system with the new one. PMID:27379679

  15. System and method for key generation in security tokens

    DOEpatents

    Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.; Pooser, Raphael C.; Prowell, Stacy J.

    2015-10-27

    Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

  16. 6 CFR 27.205 - Determination that a chemical facility “presents a high level of security risk.”

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Determination that a chemical facility âpresents a high level of security risk.â 27.205 Section 27.205 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility...

  17. Acceptance criteria for the evaluation of Category 1 fuel cycle facility physical security plans

    SciTech Connect

    Dwyer, P.A.

    1991-10-01

    This NUREG document presents criteria developed from US Nuclear Regulatory Commission regulations for the evaluation of physical security plans submitted by Category 1 fuel facility licensees. Category 1 refers to those licensees who use or possess a formula quantity of strategic special nuclear material.

  18. Risk and Resilience: Girls' Experiences Navigating Space and Relationships in a Secure Residential Facility

    ERIC Educational Resources Information Center

    Simonsen, Amy E.

    2010-01-01

    The purpose of this qualitative study was to examine how adolescent girls with diagnosed learning and emotional disabilities described themselves as they negotiated various environments and relationships within a secure residential facility. The goal was to explore how conditions and interactions in these environments promoted both risk and…

  19. Hacker tracking Security system for HMI

    NASA Astrophysics Data System (ADS)

    Chauhan, Rajeev Kumar

    2011-12-01

    Conventional Supervisory control and data Acquisition (SCADA) systems use PC, notebook, thin client, and PDA as a Client. Nowadays the Process Industries are following multi shift system that's why multi- client of different category have to work at a single human Machine Interface (HMI). They may hack the HMI Display and change setting of the other client. This paper introduces a Hacker tracking security (HTS) System for HMI. This is developed by using the conventional and Biometric authentication. HTS system is developed by using Numeric passwords, Smart card, biometric, blood flow and Finger temperature. This work is also able to identify the hackers.

  20. Security audit for embedded avionics systems

    NASA Astrophysics Data System (ADS)

    Rao, K. N.

    The design of security audit subsystems for real-time embedded avionics systems is described. The selection criteria of auditable events and the design of the audit functions are described. The data storage requirements and the data compression features of embedded avionics systems are analyzed. Two data compression algorithms applicable to avionics systems are described. Huffman encoding is optimal, but Fibonacci encoding is shown to be nearly optimal and better suited for airborne avionics systems. The memory capacity needed for audit data storage is computed for typical avionics missions.

  1. Strengthening the Security of ESA Ground Data Systems

    NASA Astrophysics Data System (ADS)

    Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

    2013-08-01

    A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

  2. Ultra Safe And Secure Blasting System

    SciTech Connect

    Hart, M M

    2009-07-27

    The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

  3. Optical Security System with Fourier Plane encoding

    NASA Astrophysics Data System (ADS)

    Javidi, Bahram; Ahouzi, Esmail

    1998-09-01

    We propose a new technique for security verification of personal documents and other forms of personal identifications such as ID cards, passports, or credit cards. In this technique a primary pattern that might be a phase-encoded image is convolved by a random code. The information is phase encoded on the personal document. Therefore the information cannot be reproduced by an intensity detector such as a CCD camera. An optical processor based on the nonlinear joint transform correlator is used to perform the verification and the validation of documents with this technique. By verification of the biometrics information and the random code simultaneously, the proposed optical system determines whether a card is authentic or is being used by an authorized person. We tested the performance of the optical system for security and validation in the presence of input noise and in the presence of distortion of the information on the card. The performance of the proposed method is evaluated by use of a number of metrics. Statistical analysis of the system is performed to investigate the noise tolerance and the discrimination against false inputs for security verification.

  4. Optical Security System with Fourier Plane encoding.

    PubMed

    Javidi, B; Ahouzi, E

    1998-09-10

    We propose a new technique for security verification of personal documents and other forms of personal identifications such as ID cards, passports, or credit cards. In this technique a primary pattern that might be a phase-encoded image is convolved by a random code. The information is phase encoded on the personal document. Therefore the information cannot be reproduced by an intensity detector such as a CCD camera. An optical processor based on the nonlinear joint transform correlator is used to perform the verification and the validation of documents with this technique. By verification of the biometrics information and the random code simultaneously, the proposed optical system determines whether a card is authentic or is being used by an authorized person. We tested the performance of the optical system for security and validation in the presence of input noise and in the presence of distortion of the information on the card. The performance of the proposed method is evaluated by use of a number of metrics. Statistical analysis of the system is performed to investigate the noise tolerance and the discrimination against false inputs for security verification. PMID:18286124

  5. Secure Data Network System (SDNS) network, transport, and message security protocols

    NASA Astrophysics Data System (ADS)

    Dinkel, C.

    1990-03-01

    The Secure Data Network System (SDNS) project, implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS. SDNS uses the layering principles of OSI to implement secure data transfers between computer nodes of local area and wide area networks. Four security protocol documents developed by the National Security Agency (NSA) as output from the SDNS project are included. SDN.301 provides the framework for security at layer 3 of the OSI Model. Cryptographic techniques to provide data protection for transport connections or for connectionless-mode transmission are described in SDN.401. Specifications for message security service and protocol are contained in SDN.701. Directory System Specifications for Message Security Protocol are covered in SDN.702.

  6. Power Systems Development Facility progress report

    SciTech Connect

    Rush, R.E.; Hendrix, H.L.; Moore, D.L.; Pinkston, T.E.; Vimalchand, P.; Wheeldon, J.M.

    1995-11-01

    This is a report on the progress in design and construction of the Power Systems Development Facility. The topics of the report include background information, descriptions of the advanced gasifier, advanced PFBC, particulate control devices, and fuel cell. The major activities during the past year have been the final stages of design, procurement of major equipment and bulk items, construction of the facility, and the preparation for the operation of the Facility in late 1995.

  7. Vietnam: expanding the social security system.

    PubMed

    Pruzin, D

    1996-01-01

    Viet Nam's shift toward a market-oriented economy has been associated with annual gross domestic product growth of more than 8% over the past 5 years. At the same time, the emergence of private-sector enterprises and subsequent closure of many state-run enterprises have had profound implications for Viet Nam's social protection systems. At present, only 5.6 million of the country's 33 million workers are covered under the state-run social insurance system. In 1995, the government moved to include private enterprises with 10 or more employees in its state benefits system. The International Labor Organization (ILO) has been working with the Vietnamese Government to design and implement a social security system that would extend coverage progressively to excluded sectors and provide support to workers who have become unemployed as a result of the economic transition process. At its Eighth National Congress, the Vietnamese Communist Party approved a 5-year social and economic plan calling for such an expansion of the social insurance system as well as for a guaranteed standard of living for pensioners. To facilitate anticipated changes, activities that were previously divided between the Ministry of Labor, Invalids, and Social Affairs and the Vietnam General Confederation of Labor have been assigned to the newly formed Vietnam Social Insurance (VSI) Organization. Under consideration is a plan to combine some VSI activities with those of the Vietnam Health Insurance Organization. The ILO will assist with training, computerization, and social security fund investing. Noncompliance is a major obstacle to planned expansion of the social security system; about 90% of private firms are still not paying into the system. PMID:12320521

  8. NASA Electronic Library System (NELS): The system impact of security

    NASA Technical Reports Server (NTRS)

    Mcgregor, Terry L.

    1993-01-01

    This paper discusses security issues as they relate to the NASA Electronic Library System which is currently in use as the repository system for AdaNET System Version 3 (ASV3) being operated by MountainNET, Inc. NELS was originally designed to provide for public, development, and secure collections and objects. The secure feature for collections and objects was deferred in the initial system for implementation at a later date. The NELS system is now 9 months old and many lessons have been learned about the use and maintenance of library systems. MountainNET has 9 months of experience in operating the system and gathering feedback from the ASV3 user community. The user community has expressed an interest in seeing security features implemented in the current system. The time has come to take another look at the whole issue of security for the NELS system. Two requirements involving security have been put forth by MountainNET for the ASV3 system. The first is to incorporate at the collection level a security scheme to allow restricted access to collections. This should be invisible to end users and be controlled by librarians. The second is to allow inclusion of applications which can be executed only by a controlled group of users; for example, an application which can be executed by librarians only. The requirements provide a broad framework in which to work. These requirements raise more questions than answers. To explore the impact of these requirements a top down approach will be used.

  9. Systems test facilities existing capabilities compilation

    NASA Technical Reports Server (NTRS)

    Weaver, R.

    1981-01-01

    Systems test facilities (STFS) to test total photovoltaic systems and their interfaces are described. The systems development (SD) plan is compilation of existing and planned STFs, as well as subsystem and key component testing facilities. It is recommended that the existing capabilities compilation is annually updated to provide and assessment of the STF activity and to disseminate STF capabilities, status and availability to the photovoltaics program.

  10. Surveillance systems test and evaluation facilities

    NASA Technical Reports Server (NTRS)

    Matty, Jere J.; Dawbarn, Ronald

    1986-01-01

    In January of 1983, a team was formed to explore test methodologies and test facility concepts required to meet the needs of space-based surveillance systems. The output of this study was a road map of test methodologies and test facilities that will aid the development of this country's critical space-based sensor assets. A condensation of those results is given.

  11. 49 CFR 659.23 - System security plan: contents.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 7 2014-10-01 2014-10-01 false System security plan: contents. 659.23 Section 659.23 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL TRANSIT... State Oversight Agency § 659.23 System security plan: contents. The system security plan must, at...

  12. 49 CFR 659.23 - System security plan: contents.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: contents. 659.23 Section 659... State Oversight Agency § 659.23 System security plan: contents. The system security plan must, at a... equipment, including integration with the safety certification process; (c) Identify controls in place...

  13. 49 CFR 234.211 - Security of warning system apparatus.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 4 2010-10-01 2010-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry....

  14. 49 CFR 234.211 - Security of warning system apparatus.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 4 2011-10-01 2011-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry....

  15. Photovoltaic Systems Test Facilities: Existing capabilities compilation

    NASA Technical Reports Server (NTRS)

    Volkmer, K.

    1982-01-01

    A general description of photovoltaic systems test facilities (PV-STFs) operated under the U.S. Department of Energy's photovoltaics program is given. Descriptions of a number of privately operated facilities having test capabilities appropriate to photovoltaic hardware development are given. A summary of specific, representative test capabilities at the system and subsystem level is presented for each listed facility. The range of system and subsystem test capabilities available to serve the needs of both the photovoltaics program and the private sector photovoltaics industry is given.

  16. Photovoltaic Systems Test Facilities: Existing capabilities compilation

    NASA Astrophysics Data System (ADS)

    Volkmer, K.

    1982-03-01

    A general description of photovoltaic systems test facilities (PV-STFs) operated under the U.S. Department of Energy's photovoltaics program is given. Descriptions of a number of privately operated facilities having test capabilities appropriate to photovoltaic hardware development are given. A summary of specific, representative test capabilities at the system and subsystem level is presented for each listed facility. The range of system and subsystem test capabilities available to serve the needs of both the photovoltaics program and the private sector photovoltaics industry is given.

  17. Capacity Utilization Study for Aviation Security Cargo Inspection Queuing System

    SciTech Connect

    Allgood, Glenn O; Olama, Mohammed M; Lake, Joe E; Brumback, Daryl L

    2010-01-01

    In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The queuing model employed in our study is based on discrete-event simulation and processes various types of cargo simultaneously. Onsite measurements are collected in an airport facility to validate the queuing model. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, throughput, capacity utilization, subscribed capacity utilization, resources capacity utilization, subscribed resources capacity utilization, and number of cargo pieces (or pallets) in the different queues. These metrics are performance indicators of the system s ability to service current needs and response capacity to additional requests. We studied and analyzed different scenarios by changing various model parameters such as number of pieces per pallet, number of TSA inspectors and ATS personnel, number of forklifts, number of explosives trace detection (ETD) and explosives detection system (EDS) inspection machines, inspection modality distribution, alarm rate, and cargo closeout time. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures should reduce the overall cost and shipping delays associated with new inspection requirements.

  18. Capacity utilization study for aviation security cargo inspection queuing system

    NASA Astrophysics Data System (ADS)

    Allgood, Glenn O.; Olama, Mohammed M.; Lake, Joe E.; Brumback, Daryl

    2010-04-01

    In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The queuing model employed in our study is based on discrete-event simulation and processes various types of cargo simultaneously. Onsite measurements are collected in an airport facility to validate the queuing model. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, throughput, capacity utilization, subscribed capacity utilization, resources capacity utilization, subscribed resources capacity utilization, and number of cargo pieces (or pallets) in the different queues. These metrics are performance indicators of the system's ability to service current needs and response capacity to additional requests. We studied and analyzed different scenarios by changing various model parameters such as number of pieces per pallet, number of TSA inspectors and ATS personnel, number of forklifts, number of explosives trace detection (ETD) and explosives detection system (EDS) inspection machines, inspection modality distribution, alarm rate, and cargo closeout time. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures should reduce the overall cost and shipping delays associated with new inspection requirements.

  19. Cyber secure systems approach for NPP digital control systems

    SciTech Connect

    McCreary, T. J.; Hsu, A.

    2006-07-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

  20. Control Systems Security Test Center - FY 2004 Program Summary

    SciTech Connect

    Robert E. Polk; Alen M. Snyder

    2005-04-01

    In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

  1. Intelligent Facial Recognition Systems: Technology advancements for security applications

    SciTech Connect

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  2. Secure electronic commerce communication system based on CA

    NASA Astrophysics Data System (ADS)

    Chen, Deyun; Zhang, Junfeng; Pei, Shujun

    2001-07-01

    In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

  3. Assessment on security system of radioactive sources used in hospitals of Thailand

    NASA Astrophysics Data System (ADS)

    Jitbanjong, Petchara; Wongsawaeng, Doonyapong

    2016-01-01

    Unsecured radioactive sources have caused deaths and serious injuries in many parts of the world. In Thailand, there are 17 hospitals that use teletherapy with cobalt-60 radioactive sources. They need to be secured in order to prevent unauthorized removal, sabotage and terrorists from using such materials in a radiological weapon. The security system of radioactive sources in Thailand is regulated by the Office of Atoms for Peace in compliance with Global Threat Reduction Initiative (GTRI), U.S. DOE, which has started to be implemented since 2010. This study aims to perform an assessment on the security system of radioactive sources used in hospitals in Thailand and the results can be used as a recommended baseline data for development or improvement of hospitals on the security system of a radioactive source at a national regulatory level and policy level. Results from questionnaires reveal that in 11 out of 17 hospitals (64.70%), there were a few differences in conditions of hospitals using radioactive sources with installation of the security system and those without installation of the security system. Also, personals working with radioactive sources did not clearly understand the nuclear security law. Thus, government organizations should be encouraged to arrange trainings on nuclear security to increase the level of understanding. In the future, it is recommended that the responsible government organization issues a minimum requirement of nuclear security for every medical facility using radioactive sources.

  4. Security Management in a Multimedia System

    ERIC Educational Resources Information Center

    Rednic, Emanuil; Toma, Andrei

    2009-01-01

    In database security, the issue of providing a level of security for multimedia information is getting more and more known. For the moment the security of multimedia information is done through the security of the database itself, in the same way, for all classic and multimedia records. So what is the reason for the creation of a security…

  5. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  6. Use of Multi-attribute Utility Functions in Evaluating Security Systems

    SciTech Connect

    Meyers, C; Lamont, A; Sicherman, A

    2008-06-13

    In analyzing security systems, we are concerned with protecting a building or facility from an attack by an adversary. Typically, we address the possibility that an adversary could enter a building and cause damage resulting in an immediate loss of life, or at least substantial disruption in the operations of the facility. In response to this setting, we implement security systems including devices, procedures, and facility upgrades designed to (a) prevent the adversary from entering, (b) detect and neutralize him if he does enter, and (c) harden the facility to minimize damage if an attack is carried out successfully. Although we have cast this in terms of physical protection of a building, the same general approach can be applied to non-physical attacks such as cyber attacks on a computer system. A rigorous analytic process is valuable for quantitatively evaluating an existing system, identifying its weaknesses, and proposing useful upgrades. As such, in this paper we describe an approach to assess the degree of overall protection provided by security measures. Our approach evaluates the effectiveness of the individual components of the system, describes how the components work together, and finally assesses the degree of overall protection achieved. This model can then be used to quantify the amount of protection provided by existing security measures, as well as to address proposed upgrades to the system and help identify a robust and cost effective set of improvements. Within the model, we use multiattribute utility functions to perform the overall evaluations of the system.

  7. A wireless electronic monitoring system for securing milk from farm to processor

    NASA Astrophysics Data System (ADS)

    Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

    2008-04-01

    The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results

  8. Using SysML to model complex systems for security.

    SciTech Connect

    Cano, Lester Arturo

    2010-08-01

    As security systems integrate more Information Technology the design of these systems has tended to become more complex. Some of the most difficult issues in designing Complex Security Systems (CSS) are: Capturing Requirements: Defining Hardware Interfaces: Defining Software Interfaces: Integrating Technologies: Radio Systems: Voice Over IP Systems: Situational Awareness Systems.

  9. Random digital encryption secure communication system

    NASA Technical Reports Server (NTRS)

    Doland, G. D. (Inventor)

    1982-01-01

    The design of a secure communication system is described. A product code, formed from two pseudorandom sequences of digital bits, is used to encipher or scramble data prior to transmission. The two pseudorandom sequences are periodically changed at intervals before they have had time to repeat. One of the two sequences is transmitted continuously with the scrambled data for synchronization. In the receiver portion of the system, the incoming signal is compared with one of two locally generated pseudorandom sequences until correspondence between the sequences is obtained. At this time, the two locally generated sequences are formed into a product code which deciphers the data from the incoming signal. Provision is made to ensure synchronization of the transmitting and receiving portions of the system.

  10. Security aspects of RFID communication systems

    NASA Astrophysics Data System (ADS)

    Bîndar, Valericǎ; Popescu, Mircea; Bǎrtuşicǎ, Rǎzvan; Craciunescu, Razvan; Halunga, Simona

    2015-02-01

    The objective of this study is to provide an overview of basic technical elements and security risks of RFID communication systems and to analyze the possible threats arising from the use of RFID systems. A number of measurements are performed on a communication system including RFID transponder and the tag reader, and it has been determined that the uplink signal level is 62 dB larger than the average value of the noise at the distance of 1m from the tag, therefore the shielding effectiveness has to exceed this threshold. Next, the card has been covered with several shielding materials and measurements were carried, under similar conditions to test the recovery of compromising signals. A very simple protection measure to prevent unauthorized reading of the data stored on the card has been proposed, and some electromagnetic shielding materials have been proposed and tested.

  11. Secured network sensor-based defense system

    NASA Astrophysics Data System (ADS)

    Wei, Sixiao; Shen, Dan; Ge, Linqiang; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

    2015-05-01

    Network sensor-based defense (NSD) systems have been widely used to defend against cyber threats. Nonetheless, if the adversary finds ways to identify the location of monitor sensors, the effectiveness of NSD systems can be reduced. In this paper, we propose both temporal and spatial perturbation based defense mechanisms to secure NSD systems and make the monitor sensor invisible to the adversary. The temporal-perturbation based defense manipulates the timing information of published data so that the probability of successfully recognizing monitor sensors can be reduced. The spatial-perturbation based defense dynamically redeploys monitor sensors in the network so that the adversary cannot obtain the complete information to recognize all of the monitor sensors. We carried out experiments using real-world traffic traces to evaluate the effectiveness of our proposed defense mechanisms. Our data shows that our proposed defense mechanisms can reduce the attack accuracy of recognizing detection sensors.

  12. Pegasus power system facility upgrades

    NASA Astrophysics Data System (ADS)

    Lewicki, B. T.; Kujak-Ford, B. A.; Winz, G. R.

    2008-11-01

    Two key Pegasus systems have been recently upgraded: the Ohmic-transformer IGCT bridge control system, and the plasma-gun injector power system. The Ohmic control system contains two new microprocessor controlled components to provide an interface between the PWM controller and the IGCT bridges. An interface board conditions the command signals from the PWM controller. A splitter/combiner board routes the conditioned PWM commands to an array of IGCT bridges and interprets IGCT bridge status. This system allows for any PWM controller to safely control IGCT bridges. Future developments will include a transition to a polyphasic bridge control. This will allow for 3 to 4 times the present pulse length and provide a much higher switching frequency. The plasma gun injector system now includes active current feedback control on gun bias current via PWM buck type power supplies. Near term goals include a doubling or tripling of the applied bias voltage. Future arc bias system power supplies may include a simpler boost type system which will allow access to even higher voltages using existing low voltage energy storage systems.

  13. Los Alamos National Laboratory Facilities, Security and Safeguards Division, Safeguards and Security Program Office, Protective Force Oversight Program

    SciTech Connect

    1995-11-30

    The purpose of this document is to identify and describe the duties and responsibilities of Facility Security and Safeguards (FSS) Safeguards and Security (SS) organizations (groups/offices) with oversight functions over the Protection Force (PF) subcontractor. Responsible organizations will continue their present PF oversight functions under the Cost Plus Award Fee (CPAF) assessment, but now will be required to also coordinate, integrate, and interface with other FSS S and S organizations and with the PF subcontractor to measure performance, assess Department of Energy (DOE) compliance, reduce costs, and minimize duplication of effort. The role of the PF subcontractor is to provide the Laboratory with effective and efficient protective force services. PF services include providing protection for the special nuclear material, government property and classified or sensitive information developed and/or consigned to the Laboratory, as well as protection for personnel who work or participate in laboratory activities. FSS S and S oversight of both performance and compliance standards/metrics is essential for these PF objectives to be met.

  14. A secure authentication scheme for telecare medicine information systems.

    PubMed

    Wu, Zhen-Yu; Lee, Yueh-Chun; Lai, Feipei; Lee, Hung-Chang; Chung, Yufang

    2012-06-01

    The telecare medicine information system enables or supports health-care delivery services. In recent years, the increased availability of lower-cost telecommunications systems and custom made physiological monitoring devices for patients have made it possible to bring the advantages of telemedicine directly into the patient's home. These systems are moving towards an environment where automated patient medical records and electronically interconnected telecare facilities are prevalent. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. Many schemes based on cryptography have been proposed for the goals. However, much of the schemes are vulnerable to various attacks, and are neither efficient, nor user friendly. Specially, in terms of efficiency, some schemes need the exponential computation resulting in high time cost. Therefore, we propose a novel authentication scheme that is added the pre-computing idea within the communication process to avoid the time-consuming exponential computations. Finally, it is shown to be more secure and practical for telecare medicine environments. PMID:20978928

  15. 30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to... facilities. (a) The fire suppression system required by § 75.1903 shall be an automatic multipurpose dry chemical type (ABC) fire suppression system listed or approved as an engineered dry chemical...

  16. 30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to... facilities. (a) The fire suppression system required by § 75.1903 shall be an automatic multipurpose dry chemical type (ABC) fire suppression system listed or approved as an engineered dry chemical...

  17. 30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to... facilities. (a) The fire suppression system required by § 75.1903 shall be an automatic multipurpose dry chemical type (ABC) fire suppression system listed or approved as an engineered dry chemical...

  18. 30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to... facilities. (a) The fire suppression system required by § 75.1903 shall be an automatic multipurpose dry chemical type (ABC) fire suppression system listed or approved as an engineered dry chemical...

  19. The electronic security partnership of safety/security and information systems departments.

    PubMed

    Yow, J Art

    2012-01-01

    The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems. PMID:22423530

  20. Radiation Safety Systems for Accelerator Facilities

    SciTech Connect

    Liu, James C

    2001-10-17

    The Radiation Safety System (RSS) of an accelerator facility is used to protect people from prompt radiation hazards associated with accelerator operation. The RSS is a fully interlocked, engineered system with a combination of passive and active elements that are reliable, redundant, and fail-safe. The RSS consists of the Access Control System (ACS) and the Radiation Containment System (RCS). The ACS is to keep people away from the dangerous radiation inside the shielding enclosure. The RCS limits and contains the beam/radiation conditions to protect people from the prompt radiation hazards outside the shielding enclosure in both normal and abnormal operations. The complexity of a RSS depends on the accelerator and its operation, as well as associated hazard conditions. The approaches of RSS among different facilities can be different. This report gives a review of the RSS for accelerator facilities.

  1. Radiation Safety Systems for Accelerator Facilities

    SciTech Connect

    James C. Liu; Jeffrey S. Bull; John Drozdoff; Robert May; Vaclav Vylet

    2001-10-01

    The Radiation Safety System (RSS) of an accelerator facility is used to protect people from prompt radiation hazards associated with accelerator operation. The RSS is a fully interlocked, engineered system with a combination of passive and active elements that are reliable, redundant, and fail-safe. The RSS consists of the Access Control System (ACS) and the Radiation Containment System (RCS). The ACS is to keep people away from the dangerous radiation inside the shielding enclosure. The RCS limits and contains the beam/radiation conditions to protect people from the prompt radiation hazards outside the shielding enclosure in both normal and abnormal operations. The complexity of a RSS depends on the accelerator and its operation, as well as associated hazard conditions. The approaches of RSS among different facilities can be different. This report gives a review of the RSS for accelerator facilities.

  2. Design of secure group key management system

    NASA Astrophysics Data System (ADS)

    Lee, Jeong-Min; Hwang, Kyo-Cheul; Lee, Kyoon-Ha

    2001-07-01

    Needs of Information Security in Multicast is increased. As clients join or leave a specific service group, Backward and Forward Secrecy problem occurred. Solving this problem, service group will make a re-key operation periodically. But because of this operation need translation frequently so it may have a bad influence to Real time property, which needs minimum bandwidth requirement. In this paper, we proposed a Group Key Management System, which is comprised of two levels, KD (Key Distributor) subsystem and subgroup, for managing encryption key. A KD (Key Distributor) subsystem is composed of SKDs (Subgroup Key Distributor) and TKD (Top-level Key Distributor). A SKD manages a encryption key of a subgroup. A TKD generates a KD group key that is a encryption key used in a KD group and transmits it to SKDs with safety. Subgroup consists of hosts in Multicast group. Hosts and a SKD share a encryption key, a subgroup key. This key is generated by a SKD and cannot be disclosed outside of the subgroup. As a result, a load of key management can be distributed into many KD so that the overhead of key translation can be decreased, which is needed at each stage of Multicast traffic. In joining and leaving a Multicast group frequently, a group key is distributed only in a specific subgroup. Therefore the overhead needed to redistribute a key can be decreased. By reducing overhead from security service, we expect to satisfy real time property.

  3. Materials and Security Consolidation Complex Facilities Radioactive Waste Management Basis and DOE Manual 435.1-1 Compliance Tables

    SciTech Connect

    Not Listed

    2011-09-01

    Department of Energy Order 435.1, 'Radioactive Waste Management,' along with its associated manual and guidance, requires development and maintenance of a radioactive waste management basis for each radioactive waste management facility, operation, and activity. This document presents a radioactive waste management basis for Idaho National Laboratory's Materials and Security Consolidation Center facilities that manage radioactive waste. The radioactive waste management basis for a facility comprises existing laboratory-wide and facility-specific documents. Department of Energy Manual 435.1-1, 'Radioactive Waste Management Manual,' facility compliance tables also are presented for the facilities. The tables serve as a tool for developing the radioactive waste management basis.

  4. Examining the Relationship between Organization Systems and Information Security Awareness

    ERIC Educational Resources Information Center

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  5. Security administration plan for HANDI 2000 business management system

    SciTech Connect

    Wilson, D.

    1998-09-29

    This document encompasses and standardizes the integrated approach for security within the PP and Ps applications, It also identifies the security tools and methods to be used. The Security Administration Plan becomes effective as of this document`s acceptance and will provide guidance through implementation efforts and, as a ``living document`` will support the operations and maintenance of the system.

  6. 77 FR 11385 - Security Considerations for Lavatory Oxygen Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-02-27

    ... (Amendment Nos. 21-94, 25-133, 121-354, 129-50; SFAR 111) on security considerations for lavatory oxygen systems (77 FR 12550). The interim final rule addresses a security vulnerability and is needed so the...-94, 25-133, 121-354, 129-50; SFAR 111] RIN 2120-AJ92 Security Considerations for Lavatory...

  7. Mitigations for Security Vulnerabilities Found in Control System Networks

    SciTech Connect

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  8. Clean Lead Facility (CLF) Inventory System

    Energy Science and Technology Software Center (ESTSC)

    1995-07-13

    The CLF Inventory System records shipments of clean or nonradioactive contaminated lead stored at the CLF. The Inventory System provides reports and inventory information to Facility operators. Annual, quarterly, monthly, and current inventory reports may be printed. Profile reports of each shipment of lead may also be printed for verification and documentation of lead transactions.

  9. The BNL Accelerator Test Facility control system

    SciTech Connect

    Malone, R.; Bottke, I.; Fernow, R.; Ben-Zvi, I.

    1993-01-01

    Described is the VAX/CAMAC-based control system for Brookhaven National Laboratory's Accelerator Test Facility, a laser/linac research complex. Details of hardware and software configurations are presented along with experiences of using Vsystem, a commercial control system package.

  10. Centrifuge facility conceptual system study. Volume 2: Facility systems and study summary

    NASA Technical Reports Server (NTRS)

    Synnestvedt, Robert (Editor); Blair, Patricia; Cartledge, Alan; Garces-Porcile, Jorge; Garin, Vladimir; Guerrero, Mike; Haddeland, Peter; Horkachuck, Mike; Kuebler, Ulrich; Nguyen, Frank

    1991-01-01

    The Centrifuge Facility is a major element of the biological research facility for the implementation of NASA's Life Science Research Program on Space Station Freedom using nonhuman species (small primates, rodents, plants, insects, cell tissues, etc.). The Centrifuge Facility consists of a variable gravity Centrifuge to provide artificial gravity up to 2 earth G's' a Holding System to maintain specimens at microgravity levels, a Glovebox, and a Service Unit for servicing specimen chambers. The following subject areas are covered: (1) Holding System; (2) Centrifuge System; (3) Glovebox System; (4) Service System; and (5) system study summary.

  11. Creating a Clinical Video-Conferencing Facility in a Security-Constrained Environment Using Open-Source AccessGrid Software and Consumer Hardware

    PubMed Central

    Terrazas, Enrique; Hamill, Timothy R.; Wang, Ye; Channing Rodgers, R. P.

    2007-01-01

    The Department of Laboratory Medicine at the University of California, San Francisco (UCSF) has been split into widely separated facilities, leading to much time being spent traveling between facilities for meetings. We installed an open-source AccessGrid multi-media-conferencing system using (largely) consumer-grade equipment, connecting 6 sites at 5 separate facilities. The system was accepted rapidly and enthusiastically, and was inexpensive compared to alternative approaches. Security was addressed by aspects of the AG software and by local network administrative practices. The chief obstacles to deployment arose from security restrictions imposed by multiple independent network administration regimes, requiring a drastically reduced list of network ports employed by AG components. PMID:18693930

  12. Interacting with a security system: The Argus user interface

    SciTech Connect

    Behrin, E.; Davis, G.E.

    1993-12-31

    In the mid-1980s the Lawrence Livermore National Laboratory (LLNL) developed the Argus Security System. Key requirements were to eliminate the telephone as a verification device for opening and closing alarm stations and to allow need-to-know access through local enrollment at alarm stations. Resulting from these requirements was an LLNL-designed user interface called the Remote Access Panel (RAP). The Argus RAP interacts with Argus field processors to allow secure station mode changes and local station enrollment, provides user direction and response, and assists station maintenance personnel. It consists of a tamper-detecting housing containing a badge reader, a keypad with sight screen, special-purpose push buttons and a liquid-crystal display. This paper discusses Argus system concepts, RAP design, functional characteristics and its physical configurations. The paper also describes the RAP`s use in access-control booths, it`s integration with biometrics and its operation for multi-person-rule stations and compartmented facilities.

  13. 33 CFR 146.103 - Safety and Security notice of arrival for U.S. floating facilities.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... under 30 CFR 250.154 for identification, where the owner or operator of the floating facility plans to... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Safety and Security notice of..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OUTER CONTINENTAL SHELF ACTIVITIES OPERATIONS Manned...

  14. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  15. Security engineering: systems engineering of security through the adaptation and application of risk management

    NASA Technical Reports Server (NTRS)

    Gilliam, David P.; Feather, Martin S.

    2004-01-01

    Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

  16. Process Control Systems in the Chemical Industry: Safety vs. Security

    SciTech Connect

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  17. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  18. Synchronization system for Gamma-4 electrophysical facility

    NASA Astrophysics Data System (ADS)

    Grishin, A. V.; Nazarenko, S. T.; Kozachek, A. V.; Kalashnikov, D. A.; Glushkov, S. L.; Mironychev, B. P.; Martynov, V. M.; Turutin, V. V.; Kul'dyushov, D. A.; Pavlov, V. S.; Demanov, V. A.; Shikhanova, T. F.; Esaeva, Yu. A.

    2015-01-01

    A synchronization system for the Gamma-4 four-module electrophysical facility has been developed. It has been shown that the synchronization system should provide triggering (with precision not worse than ±3 ns) of the high-voltage gas-filled trigatron-type switches of the facility modules (144 spark gaps with an operating voltage of 1 MV), the pre-pulse switches of the modules (24 spark gaps with an operating voltage of 3 MV) and eight Arkad'ev-Marx generators (40 spark gaps with an operating voltage of 100 kV).

  19. Control Systems Cyber Security: Defense-in-Depth Strategies

    SciTech Connect

    Mark Fabro

    2007-10-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  20. Power Systems Development Facility. Environmental Assessment

    SciTech Connect

    Not Available

    1993-06-01

    The objective of the PSDF would be to provide a modular facility which would support the development of advanced, pilot-scale, coal-based power systems and hot gas clean-up components. These pilot-scale components would be designed to be large enough so that the results can be related and projected to commercial systems. The facility would use a modular approach to enhance the flexibility and capability for testing; consequently, overall capital and operating costs when compared with stand-alone facilities would be reduced by sharing resources common to different modules. The facility would identify and resolve technical barrier, as well as-provide a structure for long-term testing and performance assessment. It is also intended that the facility would evaluate the operational and performance characteristics of the advanced power systems with both bituminous and subbituminous coals. Five technology-based experimental modules are proposed for the PSDF: (1) an advanced gasifier module, (2) a fuel cell test module, (3) a PFBC module, (4) a combustion gas turbine module, and (5) a module comprised of five hot gas cleanup particulate control devices. The final module, the PCD, would capture coal-derived ash and particles from both the PFBC and advanced gasifier gas streams to provide for overall particulate emission control, as well as to protect the combustion turbine and the fuel cell.

  1. Securing Operating Data From Passive Safety Tests at the Fast Flux Test Facility

    SciTech Connect

    Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah L.; Nelson, Joseph V.; Polzin, David L.

    2011-06-01

    The Fast Flux Test Facility (FFTF) is the most recent Liquid Metal Reactor (LMR) to operate in the United States, from 1982 to 1992. The technologies employed in designing and constructing this reactor, along with information obtained from tests conducted during its operation, are currently being secured and archived by the Department of Energy’s Office of Nuclear Energy Fuel Cycle Research and Development Program. This report is one in a series documenting the overall project efforts to retrieve and preserve critical information related to advanced reactors. A previous report summarized the initial efforts to review, retrieve and preserve the most salient documents related to Passive Safety Testing (PST) in the FFTF. Efforts continue to locate, secure, and retrieve record copies of original plant data tapes for the series of passive safety tests conducted between 1986 and 1991.

  2. Securing Operating Data From Passive Safety Tests at the Fast Flux Test Facility

    SciTech Connect

    Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah L.; Nelson, Joseph V.; Polzin, David L.

    2011-06-01

    The Fast Flux Test Facility (FFTF) is the most recent Liquid Metal Reactor (LMR) to operate in the United States, from 1982 to 1992. The technologies employed in designing and constructing this reactor, along with information obtained from tests conducted during its operation, are currently being secured and archived by the Department of Energy's Office of Nuclear Energy Fuel Cycle Research and Development Program. This report is one in a series documenting the overall project efforts to retrieve and preserve critical information related to advanced reactors. A previous report summarized the initial efforts to review, retrieve and preserve the most salient documents related to Passive Safety Testing (PST) in the FFTF. Efforts continue to locate, secure, and retrieve record copies of original plant data tapes for the series of passive safety tests conducted between 1986 and 1991.

  3. Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

    PubMed Central

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

  4. 31 CFR 306.23 - Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... TREASURY DIRECT Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury Regulations... Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System. (a) Eligible issues. The... conversion to the TREASURY DIRECT Book-entry Securities System. The notice shall specify the period...

  5. Production Facility System Reliability Analysis Report

    SciTech Connect

    Dale, Crystal Buchanan; Klein, Steven Karl

    2015-10-06

    This document describes the reliability, maintainability, and availability (RMA) modeling of the Los Alamos National Laboratory (LANL) design for the Closed Loop Helium Cooling System (CLHCS) planned for the NorthStar accelerator-based 99Mo production facility. The current analysis incorporates a conceptual helium recovery system, beam diagnostics, and prototype control system into the reliability analysis. The results from the 1000 hr blower test are addressed.

  6. Computer security plan development using an expert system

    SciTech Connect

    Hunteman, W.J. ); Evans, R.; Brownstein, M.; Chapman, L. )

    1990-01-01

    The Computer Security Plan Assistant (SPA) is an expert system for reviewing Department of Energy (DOE) Automated Data Processing (ADP) Security Plans. DOE computer security policies require ADP security plans to be periodically reviewed and updated by all DOE sites. SPA is written in XI-Plus, an expert system shell. SPA was developed by BDM International, Inc., under sponsorship by the DOE Center for Computer Security at Los Alamos National Laboratory. SPA runs on an IBM or compatible personal computer. It presents a series of questions about the ADP security plan being reviewed. The SPA user references the ADP Security Plan and answers the questions. The SPA user reviews each section of the security plan, in any order, until all sections have been reviewed. The SPA user can stop the review process after any section and restart later. A Security Plan Review Report is available after the review of each section of the Security Plan. The Security Plan Review Report gives the user a written assessment of the completeness of the ADP Security Plan. SPA is being tested at Los Alamos and will soon be available to the DOE community.

  7. 33 CFR 105.250 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... inspected, tested, calibrated, and maintained according to manufacturers' recommendations. (b) Security systems must be regularly tested in accordance with the manufacturers' recommendations; noted...

  8. Potential uses of a wireless network in physical security systems.

    SciTech Connect

    Witzke, Edward L.

    2010-07-01

    Many possible applications requiring or benefiting from a wireless network are available for bolstering physical security and awareness at high security installations or facilities. These enhancements are not always straightforward and may require careful analysis, selection, tuning, and implementation of wireless technologies. In this paper, an introduction to wireless networks and the task of enhancing physical security is first given. Next, numerous applications of a wireless network are brought forth. The technical issues that arise when using a wireless network to support these applications are then discussed. Finally, a summary is presented.

  9. Security plan for the Automated Transportation Management System

    SciTech Connect

    Not Available

    1994-04-01

    The Automated Transportation Management System (ATMS) is an unclassified non-sensitive system consisting of hardware and software designed to facilitate the shipment of goods for the US Department of Energy (DOE). The system is secured against waste, fraud, abuse, misuse, and programming errors through a series of security measures that are discussed in detail in this document.

  10. 12 CFR 792.67 - Security of systems of records.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 12 Banks and Banking 6 2011-01-01 2011-01-01 false Security of systems of records. 792.67 Section 792.67 Banks and Banking NATIONAL CREDIT UNION ADMINISTRATION REGULATIONS AFFECTING THE OPERATIONS OF....67 Security of systems of records. (a) Each system manager, with the approval of the head of...

  11. Security Systems Commissioning: An Old Trick for Your New Dog

    ERIC Educational Resources Information Center

    Black, James R.

    2009-01-01

    Sophisticated, software-based security systems can provide powerful tools to support campus security. By nature, such systems are flexible, with many capabilities that can help manage the process of physical protection. However, the full potential of these systems can be overlooked because of unfamiliarity with the products, weaknesses in security…

  12. Security warning system monitors up to fifteen remote areas simultaneously

    NASA Technical Reports Server (NTRS)

    Fusco, R. C.

    1966-01-01

    Security warning system consisting of 15 television cameras is capable of monitoring several remote or unoccupied areas simultaneously. The system uses a commutator and decommutator, allowing time-multiplexed video transmission. This security system could be used in industrial and retail establishments.

  13. 33 CFR 104.260 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... maintenance. 104.260 Section 104.260 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND... systems and equipment maintenance. (a) Security systems and equipment must be in good working order and... procedures for identifying and responding to security system and equipment failures or malfunctions....

  14. 75 FR 28042 - Privacy Act of 1974: System of Records; Department of Homeland Security Transportation Security...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-05-19

    ... Transportation Security Enforcement Record System (69 FR 71828, December 10, 2004.) TSA's mission is to protect... rule published on August 4, 2006 in 71 FR 44223. II. Privacy Act The Privacy Act embodies fair... records is also based on ``need to know.'' Electronic access is limited by computer security measures...

  15. A System Of Systems Ground Segment To Support SEcurity Applications

    NASA Astrophysics Data System (ADS)

    Gomez Cid, Celestino; Yague, Julia; Galilea, Javier Noguero; Pedrazzani, Donata; Martinez, Jorge Pacios

    2013-12-01

    The progress of Copernicus projects into initial operative services is showing the complexity and operational bottlenecks in satellite data supply: as end users put forward requests and activations for Earth Ovservation (EO) based services, providers face the thresholds of requirements such as responsiveness or spectral capabilities. To develop the “S” of security within GMES-COPERNICUS, ESA has (i) valued the EO needs roadmap, (ii) assessed data access infrastructure options, (iii) explored the concepts of operation and (iv) defined architectural system lay outs. GMV has undertaken an analysis of user requirements for security and presented a technical solution for a system of systems coordinated data access in the short, medium and long term up to 2025.

  16. 3S (Safeguards, Security, Safety) based pyroprocessing facility safety evaluation plan

    SciTech Connect

    Ku, J.H.; Choung, W.M.; You, G.S.; Moon, S.I.; Park, S.H.; Kim, H.D.

    2013-07-01

    The big advantage of pyroprocessing for the management of spent fuels against the conventional reprocessing technologies lies in its proliferation resistance since the pure plutonium cannot be separated from the spent fuel. The extracted materials can be directly used as metal fuel in a fast reactor, and pyroprocessing reduces drastically the volume and heat load of the spent fuel. KAERI has implemented the SBD (Safeguards-By-Design) concept in nuclear fuel cycle facilities. The goal of SBD is to integrate international safeguards into the entire facility design process since the very beginning of the design phase. This paper presents a safety evaluation plan using a conceptual design of a reference pyroprocessing facility, in which 3S (Safeguards, Security, Safety)-By-Design (3SBD) concept is integrated from early conceptual design phase. The purpose of this paper is to establish an advanced pyroprocessing hot cell facility design concept based on 3SBD for the successful realization of pyroprocessing technology with enhanced safety and proliferation resistance.

  17. A Sensor and Communications System for Containerized-Cargo Security

    SciTech Connect

    Leach Jr., R R

    2005-02-10

    A public/private collaboration between federal, state, provincial, and local U.S. and Canadian governmental organizations, called the Canada - United States Cargo Security Project has been formed, with the goal to improve security of containerized cargo moving from overseas locations into eastern Canadian provinces and the Northeastern United States. The current phase of this project has two technical objectives. These are: (1) to build and test a prototype in-container sensor system able to detect unauthorized entry into the container and the presence of radioactive material, to record geographical location and environmental data, and to transmit this information via satellite communications to a remote monitoring facility, and (2) to develop a secure website where data from the in-container sensors and other information will be displayed in real or near-real time and can be made available to law enforcement and emergency response organizations as appropriate. This paper will describe these activities, currently being undertaken by the Lawrence Livermore National Laboratory. An additional goal of the project's current phase is to integrate multi-jurisdictional training and first-responder exercises while monitoring and tracking container shipments from overseas to the US via Canadian ports-of-entry into North America. This activity is being undertaken by other project partners, which include the National Infrastructure Institute--Center for Infrastructure Expertise (NI2CIE), Transport Canada, Canadian Provinces of Quebec and Nova Scotia, Ports of Halifax and Montreal, U.S. Coast Guard (First Coast Guard District), States of New Hampshire, Maine, Vermont, and New York and the Port of Portland.

  18. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    SciTech Connect

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  19. System security in the space flight operations center

    NASA Technical Reports Server (NTRS)

    Wagner, David A.

    1988-01-01

    The Space Flight Operations Center is a networked system of workstation-class computers that will provide ground support for NASA's next generation of deep-space missions. The author recounts the development of the SFOC system security policy and discusses the various management and technology issues involved. Particular attention is given to risk assessment, security plan development, security implications of design requirements, automatic safeguards, and procedural safeguards.

  20. Perimeter security alarm system based on fiber Bragg grating

    NASA Astrophysics Data System (ADS)

    Zhang, Cui; Wang, Lixin

    2010-11-01

    With the development of the society and economy and the improvement of living standards, people need more and more pressing security. Perimeter security alarm system is widely regarded as the first line of defense. A highly sensitive Fiber Bragg grating (FBG) vibration sensor based on the theory of the string vibration, combined with neural network adaptive dynamic programming algorithm for the perimeter security alarm system make the detection intelligently. Intelligent information processing unit identify the true cause of the vibration of the invasion or the natural environment by analyzing the frequency of vibration signals, energy, amplitude and duration. Compared with traditional perimeter security alarm systems, such as infrared perimeter security system and electric fence system, FBG perimeter security alarm system takes outdoor passive structures, free of electromagnetic interference, transmission distance through optical fiber can be as long as 20 km It is able to detect the location of event within short period of time (high-speed response, less than 3 second).This system can locate the fiber cable's breaking sites and alarm automatically if the cable were be cut. And the system can prevent effectively the false alarm from small animals, birds, strong wind, scattering things, snowfalls and vibration of sensor line itself. It can also be integrated into other security systems. This system can be widely used in variety fields such as military bases, nuclear sites, airports, warehouses, prisons, residence community etc. It will be a new force of perimeter security technology.

  1. National Ignition Facility environmental protection systems

    SciTech Connect

    Mintz, J.M.; Reitz, T.C.; Tobin, M.T.

    1994-06-01

    The conceptual design of Environmental Protection Systems (EPS) for the National Ignition Facility (NIF) is described. These systems encompass tritium and activated debris handling, chamber, debris shield and general decontamination, neutron and gamma monitoring, and radioactive, hazardous and mixed waste handling. Key performance specifications met by EPS designs include limiting the tritium inventory to 300 Ci and total tritium release from NIF facilities to less than 10 Ci/yr. Total radiation doses attributable to NIF shall remain below 10 mrem/yr for any member of the general public and 500 mrem/yr for NIF staff. ALARA-based design features and operational procedures will, in most cases, result in much lower measured exposures. Waste minimization, improved cycle time and reduced exposures all result from the proposed CO2 robotic arm cleaning and decontamination system, while effective tritium control is achieved through a modern system design based on double containment and the proven detritiation technology.

  2. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    SciTech Connect

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  3. BNL ACCELERATOR TEST FACILITY CONTROL SYSTEM UPGRADE.

    SciTech Connect

    MALONE,R.; BEN-ZVI,I.; WANG,X.; YAKIMENKO,V.

    2001-06-18

    Brookhaven National Laboratory's Accelerator Test Facility (ATF) has embarked on a complete upgrade of its decade old computer system. The planned improvements affect every major component: processors (Intel Pentium replaces VAXes), operating system (Linux/Real-Time Linux supplants OpenVMS), and data acquisition equipment (fast Ethernet equipment replaces CAMAC serial highway.) This paper summarizes the strategies and progress of the upgrade along with plans for future expansion.

  4. Biotechnology System Facility: Risk Mitigation on Mir

    NASA Technical Reports Server (NTRS)

    Gonda, Steve R., III; Galloway, Steve R.

    2003-01-01

    NASA is working with its international partners to develop space vehicles and facilities that will give researchers the opportunity to conduct scientific investigations in space. As part of this activity, NASA's Biotechnology Cell Science Program (BCSP) at the Johnson Space Center (JSC) is developing a world-class biotechnology laboratory facility for the International Space Station (ISS). This report describes the BCSP, including the role of the BTS. We identify the purpose and objectives of the BTS and a detailed description of BTS facility design and operational concept, BTS facility and experiment-specific hardware, and scientific investigations conducted in the facility. We identify the objectives, methods, and results of risk mitigation investigations of the effects of microgravity and cosmic radiation on the BTS data acquisition and control system. These results may apply to many other space experiments that use commercial, terrestrial-based data acquisition technology. Another focal point is a description of the end-to-end process of integrating and operating biotechnology experiments on a variety of space vehicles. The identification of lessons learned that can be applied to future biotechnology experiments is an overall theme of the report. We include a brief summary of the science results, but this is not the focus of the report. The report provides some discussion on the successful 130-day tissue engineering experiment performed in BTS on Mir and describes a seminal gene array investigation that identified a set of unique genes that are activated in space.

  5. Secure control systems with application to cyber-physical systems

    SciTech Connect

    Dong, Jin; Djouadi, Seddik M; Nutaro, James J; Kuruganti, Phani Teja

    2014-01-01

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  6. Ideal Based Cyber Security Technical Metrics for Control Systems

    SciTech Connect

    W. F. Boyer; M. A. McQueen

    2007-10-01

    Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

  7. Long Duration Exposure Facility (LDEF) Archive System

    NASA Technical Reports Server (NTRS)

    Wilson, Brenda K.

    1995-01-01

    The Long Duration Exposure Facility (LDEF) Archive System is designed to provide spacecraft designers and space environment researchers single point access to all available resources from LDEF. These include data, micrographs, photographs, technical reports, papers, hardware and test specimens, as well as technical expertise. Further, the LDEF Archive System is planned such that it could be the foundation for a NASA Space Environments and Effects (SEE) Archive System, with the addition of other spaceflight, laboratory and theoretical space environments and effects data and associated materials. This paper describes the current status and plans of the LDEF Archive System.

  8. Advanced Group Support Systems and Facilities

    NASA Technical Reports Server (NTRS)

    Noor, Ahmed K. (Compiler); Malone, John B. (Compiler)

    1999-01-01

    The document contains the proceedings of the Workshop on Advanced Group Support Systems and Facilities held at NASA Langley Research Center, Hampton, Virginia, July 19-20, 1999. The workshop was jointly sponsored by the University of Virginia Center for Advanced Computational Technology and NASA. Workshop attendees came from NASA, other government agencies, industry, and universities. The objectives of the workshop were to assess the status of advanced group support systems and to identify the potential of these systems for use in future collaborative distributed design and synthesis environments. The presentations covered the current status and effectiveness of different group support systems.

  9. Energy Systems Test Area (ESTA). Power Systems Test Facilities

    NASA Technical Reports Server (NTRS)

    Situ, Cindy H.

    2010-01-01

    This viewgraph presentation provides a detailed description of the Johnson Space Center's Power Systems Facility located in the Energy Systems Test Area (ESTA). Facilities and the resources used to support power and battery systems testing are also shown. The contents include: 1) Power Testing; 2) Power Test Equipment Capabilities Summary; 3) Source/Load; 4) Battery Facilities; 5) Battery Test Equipment Capabilities Summary; 6) Battery Testing; 7) Performance Test Equipment; 8) Battery Test Environments; 9) Battery Abuse Chambers; 10) Battery Abuse Capabilities; and 11) Battery Test Area Resources.

  10. Applications for cyber security - System and application monitoring

    SciTech Connect

    Marron, J. E.

    2006-07-01

    Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

  11. RFID Based Context Information Security System Architecture for Securing Personal Information under Ubiquitous Environment

    NASA Astrophysics Data System (ADS)

    Song, Jae-Gu; Park, Gil-Cheol; Kim, Seoksoo

    2007-12-01

    In this study, framework for securing personal information among various contexts collected and utilized under ubiquitous environment is proposed. The proposed framework will analyze relativity among information used to determine the exposure of personal information according to circumstances where personal information is used. In addition, the study will define the definition of role-based structure and propose a structure applying password security system according to access level. Furthermore, the study will propose a method for building information security system using RFID tag information which generates context information.

  12. HPF HIGH PRESSURE FACILITY GAS ANALYSIS SYSTEM IN BASEMENT / HIGH TEMPERATURE GAS FACILITY IN THE E

    NASA Technical Reports Server (NTRS)

    1980-01-01

    HPF HIGH PRESSURE FACILITY GAS ANALYSIS SYSTEM IN BASEMENT / HIGH TEMPERATURE GAS FACILITY IN THE ENGINE RESEARCH BUILDING ERB TEST CELL CE-13 / AUTOMATIC SCAN VALUE SYSTEM ON THE SECOND FLOOR OF THE INSTRUMENT RESEARCH LABORATORY IRL

  13. DOE integrated safeguards and security (DISS) system a nation-wide distributed information system for personnel security

    SciTech Connect

    Block, B.

    1997-06-05

    DISS uses secure client-server and relational database technology across open networks to address the problems of security clearance request processing and tracking of security clearances for the Department of energy. The system supports the entire process from data entry by the prospective clearance holders through tracking of all DOE clearances, and use of standard DOE badges in automated access control systems throughout the DOE complex.

  14. Cost and performance analysis of physical security systems

    SciTech Connect

    Hicks, M.J.; Yates, D.; Jago, W.H.; Phillips, A.W.

    1998-04-01

    Analysis of cost and performance of physical security systems can be a complex, multi-dimensional problem. There are a number of point tools that address various aspects of cost and performance analysis. Increased interest in cost tradeoffs of physical security alternatives has motivated development of an architecture called Cost and Performance Analysis (CPA), which takes a top-down approach to aligning cost and performance metrics. CPA incorporates results generated by existing physical security system performance analysis tools, and utilizes an existing cost analysis tool. The objective of this architecture is to offer comprehensive visualization of complex data to security analysts and decision-makers.

  15. Catheter Securement Systems for Peripherally Inserted and Nontunneled Central Vascular Access Devices: Clinical Evaluation of a Novel Sutureless Device.

    PubMed

    Krenik, Karen M; Smith, Graham E; Bernatchez, Stéphanie F

    2016-01-01

    Sutureless catheter securement systems are intended to eliminate risks associated with sutures. The clinical acceptability of a novel system was investigated compared with the current method of securement for peripherally inserted central catheters (19 facilities using StatLock or sutures) or nontunneled central vascular access devices (3 facilities using StatLock or sutures or HubGuard + Sorbaview Shield). More than 94% of respondents rated the novel system as same, better, or much better than their current product. More than 82% of respondents were willing to replace their current system with the new one. PMID:27379679

  16. A novel wireless local positioning system for airport (indoor) security

    NASA Astrophysics Data System (ADS)

    Zekavat, Seyed A.; Tong, Hui; Tan, Jindong

    2004-09-01

    A novel wireless local positioning system (WLPS) for airport (or indoor) security is introduced. This system is used by airport (indoor) security guards to locate all of, or a group of airport employees or passengers within the airport area. WLPS consists of two main parts: (1) a base station that is carried by security personnel; hence, introducing dynamic base station (DBS), and (2) a transponder (TRX) that is mounted on all people (including security personnel) present at the airport; thus, introducing them as active targets. In this paper, we (a) draw a futuristic view of the airport security systems, and the flow of information at the airports, (b) investigate the techniques of extending WLPS coverage area beyond the line-of-sight (LoS), and (c) study the performance of this system via standard transceivers, and direct sequence code division multiple access (DS-CDMA) systems with and without antenna arrays and conventional beamforming (BF).

  17. A security scheme of SMS system

    NASA Astrophysics Data System (ADS)

    Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

  18. Evaluation of a Cyber Security System for Hospital Network.

    PubMed

    Faysel, Mohammad A

    2015-01-01

    Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network. PMID:26262217

  19. System for Secure Integration of Aviation Data

    NASA Technical Reports Server (NTRS)

    Kulkarni, Deepak; Wang, Yao; Keller, Rich; Chidester, Tom; Statler, Irving; Lynch, Bob; Patel, Hemil; Windrem, May; Lawrence, Bob

    2007-01-01

    The Aviation Data Integration System (ADIS) of Ames Research Center has been established to promote analysis of aviation data by airlines and other interested users for purposes of enhancing the quality (especially safety) of flight operations. The ADIS is a system of computer hardware and software for collecting, integrating, and disseminating aviation data pertaining to flights and specified flight events that involve one or more airline(s). The ADIS is secure in the sense that care is taken to ensure the integrity of sources of collected data and to verify the authorizations of requesters to receive data. Most importantly, the ADIS removes a disincentive to collection and exchange of useful data by providing for automatic removal of information that could be used to identify specific flights and crewmembers. Such information, denoted sensitive information, includes flight data (here signifying data collected by sensors aboard an aircraft during flight), weather data for a specified route on a specified date, date and time, and any other information traceable to a specific flight. The removal of information that could be used to perform such tracing is called "deidentification." Airlines are often reluctant to keep flight data in identifiable form because of concerns about loss of anonymity. Hence, one of the things needed to promote retention and analysis of aviation data is an automated means of de-identification of archived flight data to enable integration of flight data with non-flight aviation data while preserving anonymity. Preferably, such an automated means would enable end users of the data to continue to use pre-existing data-analysis software to identify anomalies in flight data without identifying a specific anomalous flight. It would then also be possible to perform statistical analyses of integrated data. These needs are satisfied by the ADIS, which enables an end user to request aviation data associated with de-identified flight data. The ADIS

  20. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    SciTech Connect

    Not Available

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  1. Evaluation on Electronic Securities Settlements Systems by AHP Methods

    NASA Astrophysics Data System (ADS)

    Fukaya, Kiyoyuki; Komoda, Norihisa

    Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

  2. Saturn facility oil transfer automation system

    SciTech Connect

    Joseph, Nathan R.; Thomas, Rayburn Dean; Lewis, Barbara Ann; Malagon, Hector M.

    2014-02-01

    The Saturn accelerator, owned by Sandia National Laboratories, has been in operation since the early 1980s and still has many of the original systems. A critical legacy system is the oil transfer system which transfers 250,000 gallons of transformer oil from outside storage tanks to the Saturn facility. The oil transfer system was iden- ti ed for upgrade to current technology standards. Using the existing valves, pumps, and relay controls, the system was automated using the National Instruments cRIO FGPA platform. Engineered safety practices, including a failure mode e ects analysis, were used to develop error handling requirements. The uniqueness of the Saturn Oil Automated Transfer System (SOATS) is in the graphical user interface. The SOATS uses an HTML interface to communicate to the cRIO, creating a platform independent control system. The SOATS was commissioned in April 2013.

  3. Nike Facility Diagnostics and Data Acquisition System

    NASA Astrophysics Data System (ADS)

    Chan, Yung; Aglitskiy, Yefim; Karasik, Max; Kehne, David; Obenschain, Steve; Oh, Jaechul; Serlin, Victor; Weaver, Jim

    2013-10-01

    The Nike laser-target facility is a 56-beam krypton fluoride system that can deliver 2 to 3 kJ of laser energy at 248 nm onto targets inside a two meter diameter vacuum chamber. Nike is used to study physics and technology issues related to laser direct-drive ICF fusion, including hydrodynamic and laser-plasma instabilities, material behavior at extreme pressures, and optical and x-ray diagnostics for laser-heated targets. A suite of laser and target diagnostics are fielded on the Nike facility, including high-speed, high-resolution x-ray and visible imaging cameras, spectrometers and photo-detectors. A centrally-controlled, distributed computerized data acquisition system provides robust data management and near real-time analysis feedback capability during target shots. Work supported by DOE/NNSA.

  4. Information Security Management - Part Of The Integrated Management System

    NASA Astrophysics Data System (ADS)

    Manea, Constantin Adrian

    2015-07-01

    The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

  5. Staff management of security personnel at Martin Marietta Energy Systems, Inc. , Portsmouth Gaseous Diffusion Plant

    SciTech Connect

    Not Available

    1991-09-25

    The Portsmouth Gaseous Diffusion Plant Security and Police Operations Department is responsible for protecting the US Department of Energy interests at the Portsmouth Plant from theft, sabotage, and other hostile acts that may adversely affect national security, the public health and safety, or property at the Department of Energy facility. This audit's purpose was to evaluate Martin Marietta Energy Systems, Inc.'s staff management at the Portsmouth Plant Security Department. The Portsmouth Plant Security Department could reduce operating cost up to an estimated $4.4 million over 5 years by: (1) Eliminating up to 14 unnecessary staff positions, and (2) reducing the length of relief breaks. These economies could be realized through implementing written operating procedures and negotiating removal of certain labor union restrictions. 2 tabs.

  6. Assessing DOVID security: a system approach

    NASA Astrophysics Data System (ADS)

    Andrade, Ana A.; Rebordao, Jose M.

    2000-04-01

    Optical variable devices are usually characterized by their physical objective properties, which are key elements to distinguish originals form fakes, especially in the court of law context, however, at the selection, planning or pre- production stages, an evaluation of devices could and should be performed, in view of its classification in a security scale. The ranking in this scale would be indicative of the likelihood of counterfeiting and would have to take into account not only the physical aspects, but also subjective ones such as the security of the legal manufacture or of the technology itself. In this paper, we propose a methodology and elaborate on a model for DOVID security measurement, based on Multi criteria Decision Analysis. Critical evaluation factors, related to technology, design and quality, are proposed, its impacts quantified and grouped in order to allow an evaluation of DOVID samples. Using this methodology all the aspects that contribute to the DOVID security might be assessed and inter-related, leading to a final classification and, in the long term, to a standard of security.

  7. 75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-23

    ... Management System of Records (74 FR 3084, January 16, 2009) for the collection and maintenance of records... SECURITY Office of the Secretary Privacy Act of 1974; Department of Homeland Security/ALL--023 Personnel... to update and reissue Department of Homeland Security/ALL--023 Personnel Security Management...

  8. High Energy X-Ray System Specification for the Device Assembly Facility (DAF) at the NNSS

    SciTech Connect

    Fry, David A.

    2012-08-10

    This specification establishes requirements for an X-Ray System to be used at the Device Assembly Facility (DAF) at the Nevada National Security Site (NNSS) to support radiography of experimental assemblies for Laboratory (LANL, LLNL, SNL) programs conducting work at the NNSS.

  9. FACELOCK-Lock Control Security System Using Face Recognition-

    NASA Astrophysics Data System (ADS)

    Hirayama, Takatsugu; Iwai, Yoshio; Yachida, Masahiko

    A security system using biometric person authentication technologies is suited to various high-security situations. The technology based on face recognition has advantages such as lower user’s resistance and lower stress. However, facial appearances change according to facial pose, expression, lighting, and age. We have developed the FACELOCK security system based on our face recognition methods. Our methods are robust for various facial appearances except facial pose. Our system consists of clients and a server. The client communicates with the server through our protocol over a LAN. Users of our system do not need to be careful about their facial appearance.

  10. Support systems of the orbiting quarantine facility

    NASA Technical Reports Server (NTRS)

    1981-01-01

    The physical support systems, the personnel management structure, and the contingency systems necessary to permit the Orbiting Quarantine Facility (OQF) to function as an integrated system are described. The interactions between the subsystems within the preassembled modules are illustrated. The Power Module generates and distributes electrical power throughout each of the four modules, stabilizes the OQF's attitude, and dissipates heat generated throughout the system. The Habitation Module is a multifunctional structure designed to monitor and control all aspects of the system's activities. The Logistics Module stores the supplies needed for 30 days of operation and provides storage for waste materials generated during the mission. The Laboratory Module contains the equipment necessary for executing the protocol, as well as an independent life support system.

  11. Support systems of the orbiting quarantine facility

    NASA Astrophysics Data System (ADS)

    The physical support systems, the personnel management structure, and the contingency systems necessary to permit the Orbiting Quarantine Facility (OQF) to function as an integrated system are described. The interactions between the subsystems within the preassembled modules are illustrated. The Power Module generates and distributes electrical power throughout each of the four modules, stabilizes the OQF's attitude, and dissipates heat generated throughout the system. The Habitation Module is a multifunctional structure designed to monitor and control all aspects of the system's activities. The Logistics Module stores the supplies needed for 30 days of operation and provides storage for waste materials generated during the mission. The Laboratory Module contains the equipment necessary for executing the protocol, as well as an independent life support system.

  12. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    SciTech Connect

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  13. Collection Security.

    ERIC Educational Resources Information Center

    Boss, Richard W.

    1984-01-01

    Presents a systematic approach to the problem of security of library collections and facilities from theft and vandalism. Highlights include responses to losses, defining security needs, typical weaknesses of facilities, policies and procedures that weaken a library's security, conducting a security audit, cost of security, cost-effectiveness, and…

  14. Architectural issues in fault-tolerant, secure computing systems

    SciTech Connect

    Joseph, M.K.

    1988-01-01

    This dissertation explores several facets of the applicability of fault-tolerance techniques to secure computer design, these being: (1) how fault-tolerance techniques can be used on unsolved problems in computer security (e.g., computer viruses, and denial-of-service); (2) how fault-tolerance techniques can be used to support classical computer-security mechanisms in the presence of accidental and deliberate faults; and (3) the problems involved in designing a fault-tolerant, secure computer system (e.g., how computer security can degrade along with both the computational and fault-tolerance capabilities of a computer system). The approach taken in this research is almost as important as its results. It is different from current computer-security research in that a design paradigm for fault-tolerant computer design is used. This led to an extensive fault and error classification of many typical security threats. Throughout this work, a fault-tolerance perspective is taken. However, the author did not ignore basic computer-security technology. For some problems he investigated how to support and extend basic-security mechanism (e.g., trusted computing base), instead of trying to achieve the same result with purely fault-tolerance techniques.

  15. Analyzing the security of an existing computer system

    NASA Technical Reports Server (NTRS)

    Bishop, M.

    1986-01-01

    Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

  16. Process Control System Cyber Security Standards - An Overview

    SciTech Connect

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  17. Applying New Network Security Technologies to SCADA Systems.

    SciTech Connect

    Hurd, Steven A.; Stamp, Jason E.; Duggan, David P.; Chavez, Adrian R.

    2006-11-01

    Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure %22traditional%22 IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

  18. Measurable Control System Security through Ideal Driven Technical Metrics

    SciTech Connect

    Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

    2008-01-01

    The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

  19. 49 CFR 193.2911 - Security lighting.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security lighting. 193.2911 Section 193.2911...: FEDERAL SAFETY STANDARDS Security § 193.2911 Security lighting. Where security warning systems are not provided for security monitoring under § 193.2913, the area around the facilities listed under §...

  20. 49 CFR 193.2911 - Security lighting.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security lighting. 193.2911 Section 193.2911...: FEDERAL SAFETY STANDARDS Security § 193.2911 Security lighting. Where security warning systems are not provided for security monitoring under § 193.2913, the area around the facilities listed under §...

  1. Comprehensive test ban treaty international monitoring system security threats and proposed security attributes

    SciTech Connect

    Draelos, T.J.; Craft, R.L.

    1996-03-01

    To monitor compliance with a Comprehensive Test Ban Treaty (CTBT), a sensing network, referred to as the International Monitoring System (IMS), is being deployed. Success of the IMS depends on both its ability to preform its function and the international community`s confidence in the system. To ensure these goals, steps must be taken to secure the system against attacks that would undermine it; however, it is not clear that consensus exists with respect to the security requirements that should be levied on the IMS design. In addition, CTBT has not clearly articulated what threats it wishes to address. This paper proposes four system-level threats that should drive IMS design considerations, identifies potential threat agents, and collects into one place the security requirements that have been suggested by various elements of the IMS community. For each such requirement, issues associated with the requirement are identified and rationale for the requirement is discussed.

  2. Lewis Research Center space station electric power system test facilities

    NASA Technical Reports Server (NTRS)

    Birchenough, Arthur G.; Martin, Donald F.

    1988-01-01

    NASA Lewis Research Center facilities were developed to support testing of the Space Station Electric Power System. The capabilities and plans for these facilities are described. The three facilities which are required in the Phase C/D testing, the Power Systems Facility, the Space Power Facility, and the EPS Simulation Lab, are described in detail. The responsibilities of NASA Lewis and outside groups in conducting tests are also discussed.

  3. A protocol for secure communication in large distributed systems

    NASA Astrophysics Data System (ADS)

    Anderson, D. P.; Ferrari, D.; Rangan, P. V.; Sartirana, B.

    1987-01-01

    A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption/decryption can be done in hardware.

  4. The Power Systems Development Facility -- Current status

    SciTech Connect

    Pinkston, T.E.; Maxwell, J.D.; Leonard, R.F.; Vimalchand, P.

    1995-11-01

    Southern Company Services, Inc. (SCS) has entered into a cooperative agreement with the US Department of Energy (DOE) to build and operate the Power Systems Development Facility (PSDF), currently under construction in Wilsonville, Alabama, 40 miles southeast of Birmingham. The objectives of the PSDF are to develop advanced coal-fired power generation technologies through testing and evaluation of hot gas cleanup systems and other major components at the pilot scale. The performance of components will be assessed and demonstrated in an integrated mode of operation and at a component size readily scaleable to commercial systems. The facility will initially contain five modules: (1) a transport reactor gasifier and combustor, (2) an advanced pressurized fluidized-bed combustion (APFBC) system, (3) a particulate control module, (4) an advanced burner-gas turbine module, and (5) a fuel cell. The five modules will initially be configured into two separate test trains, the transport reactor train (2 tons/hour of coal feed) and the APFBC train (3 tons/hour of coal feed). In addition to a project description, the project design and construction status, preparations for operations, and project test plans are reported in this paper.

  5. Secure ADS-B authentication system and method

    NASA Technical Reports Server (NTRS)

    Viggiano, Marc J (Inventor); Valovage, Edward M (Inventor); Samuelson, Kenneth B (Inventor); Hall, Dana L (Inventor)

    2010-01-01

    A secure system for authenticating the identity of ADS-B systems, including: an authenticator, including a unique id generator and a transmitter transmitting the unique id to one or more ADS-B transmitters; one or more ADS-B transmitters, including a receiver receiving the unique id, one or more secure processing stages merging the unique id with the ADS-B transmitter's identification, data and secret key and generating a secure code identification and a transmitter transmitting a response containing the secure code and ADSB transmitter's data to the authenticator; the authenticator including means for independently determining each ADS-B transmitter's secret key, a receiver receiving each ADS-B transmitter's response, one or more secure processing stages merging the unique id, ADS-B transmitter's identification and data and generating a secure code, and comparison processing comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code and providing an authentication signal based on the comparison result.

  6. Vitrification Facility integrated system performance testing report

    SciTech Connect

    Elliott, D.

    1997-05-01

    This report provides a summary of component and system performance testing associated with the Vitrification Facility (VF) following construction turnover. The VF at the West Valley Demonstration Project (WVDP) was designed to convert stored radioactive waste into a stable glass form for eventual disposal in a federal repository. Following an initial Functional and Checkout Testing of Systems (FACTS) Program and subsequent conversion of test stand equipment into the final VF, a testing program was executed to demonstrate successful performance of the components, subsystems, and systems that make up the vitrification process. Systems were started up and brought on line as construction was completed, until integrated system operation could be demonstrated to produce borosilicate glass using nonradioactive waste simulant. Integrated system testing and operation culminated with a successful Operational Readiness Review (ORR) and Department of Energy (DOE) approval to initiate vitrification of high-level waste (HLW) on June 19, 1996. Performance and integrated operational test runs conducted during the test program provided a means for critical examination, observation, and evaluation of the vitrification system. Test data taken for each Test Instruction Procedure (TIP) was used to evaluate component performance against system design and acceptance criteria, while test observations were used to correct, modify, or improve system operation. This process was critical in establishing operating conditions for the entire vitrification process.

  7. Thermionic system evaluated test (TSET) facility description

    NASA Astrophysics Data System (ADS)

    Fairchild, Jerry F.; Koonmen, James P.; Thome, Frank V.

    1992-01-01

    A consortium of US agencies are involved in the Thermionic System Evaluation Test (TSET) which is being supported by the Strategic Defense Initiative Organization (SDIO). The project is a ground test of an unfueled Soviet TOPAZ-II in-core thermionic space reactor powered by electrical heat. It is part of the United States' national thermionic space nuclear power program. It will be tested in Albuquerque, New Mexico at the New Mexico Engineering Research Institute complex by the Phillips Laboratoty, Sandia National Laboratories, Los Alamos National Laboratory, and the University of New Mexico. One of TSET's many objectives is to demonstrate that the US can operate and test a complete space nuclear power system, in the electrical heater configuration, at a low cost. Great efforts have been made to help reduce facility costs during the first phase of this project. These costs include structural, mechanical, and electrical modifications to the existing facility as well as the installation of additional emergency systems to mitigate the effects of utility power losses and alkali metal fires.

  8. Reliable, efficient systems for biomedical research facility

    SciTech Connect

    Basso, P.

    1997-05-01

    Medical Sciences Research Building III (MSRB III) is a 10-story, 207,000 ft{sup 2} (19,230 m{sup 2}) biomedical research facility on the campus of the University of Michigan. The design of MSRB III required a variety of technological solutions to complex design issues. The systems also had to accommodate future modifications. Closely integrated, modular systems with a high degree of flexibility were designed to respond to this requirement. Additionally, designs were kept as simple as possible for operation and maintenance personnel. Integrated electronic controls were used to provide vital data during troubleshooting and maintenance procedures. Equipment was also specified that provides reliability and minimizes maintenance. Other features include 100% redundancy of all central equipment servicing the animal housing area; redundant temperature controls for each individual animal housing room for fail-safe operation to protect the animals against overheating; and accessibility to all items requiring maintenance through an above-ceiling coordination process. It is critical that the engineering systems for MSRB III provide a safe, comfortable, energy efficient environment. The achievement of this design intent was noted by the University`s Commissioning Review Committee which stated: The Commissioning Process performed during both the design phase and construction phase of MSRB III was a significant success, providing an efficiently functioning facility that has been built in accordance with its design intent.

  9. Engineering Challenges for Closed Ecological System facilities

    NASA Astrophysics Data System (ADS)

    Dempster, William; Nelson, Mark; Allen, John P.

    2012-07-01

    Engineering challenges for closed ecological systems include methods of achieving closure for structures of different materials, and developing methods of allowing energy (for heating and cooling) and information transfer through the materially closed structure. Methods of calculating degree of closure include measuring degradation rates of inert trace gases introduced into the system. An allied problem is developing means of locating where leaks are located so that they may be repaired and degree of closure maintained. Once closure is achieved, methods of dealing with the pressure differentials between inside and outside are needed: from inflatable structures which might adjust to the pressure difference to variable volume chambers attached to the life systems component. These issues are illustrated through the engineering employed at Biosphere 2, the Biosphere 2 Test Module and the Laboratory Biosphere and a discussion of methods used by other closed ecological system facility engineers. Ecological challenges include being able to handle faster cycling rates and accentuated daily and seasonal fluxes of critical life elements such as carbon dioxide, oxygen, water, macro- and mico-nutrients. The problems of achieving sustainability in closed systems for life support include how to handle atmospheric dynamics including trace gases, producing a complete human diet and recycling nutrients and maintaining soil fertility, healthy air and water and preventing the loss of crucial elements from active circulation. In biospheric facilities the challenge is also to produce analogue to natural biomes and ecosystems, studying processes of self-organization and adaptation in systems that allow specification or determination of state variables and cycles which may be followed through all interactions from atmosphere to soils.

  10. Proposal of Secure VoIP System Using Attribute Certificate

    NASA Astrophysics Data System (ADS)

    Kim, Jin-Mook; Jeong, Young-Ae; Hong, Seong-Sik

    VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

  11. The National Criticality Experiments Research Center at the Device Assembly Facility, Nevada National Security Site: Status and Capabilities, Summary Report

    SciTech Connect

    S. Bragg-Sitton; J. Bess; J. Werner

    2011-09-01

    The National Criticality Experiments Research Center (NCERC) was officially opened on August 29, 2011. Located within the Device Assembly Facility (DAF) at the Nevada National Security Site (NNSS), the NCERC has become a consolidation facility within the United States for critical configuration testing, particularly those involving highly enriched uranium (HEU). The DAF is a Department of Energy (DOE) owned facility that is operated by the National Nuclear Security Agency/Nevada Site Office (NNSA/NSO). User laboratories include the Lawrence Livermore National Laboratory (LLNL) and Los Alamos National Laboratory (LANL). Personnel bring their home lab qualifications and procedures with them to the DAF, such that non-site specific training need not be repeated to conduct work at DAF. The NNSS Management and Operating contractor is National Security Technologies, LLC (NSTec) and the NNSS Safeguards and Security contractor is Wackenhut Services. The complete report provides an overview and status of the available laboratories and test bays at NCERC, available test materials and test support configurations, and test requirements and limitations for performing sub-critical and critical tests. The current summary provides a brief summary of the facility status and the method by which experiments may be introduced to NCERC.

  12. REPORT ON THE HOMELAND SECURITY WORKSHOP ON TRANSPORT AND DISPOSAL OF WASTES FROM FACILITIES CONTAMINATED WITH CHEMICAL AND BIOLOGICAL AGENTS

    EPA Science Inventory

    This report summarizes discussions from the "Homeland Security Workshop on Transport and Disposal of Wastes From Facilities Contaminated With Chemical or Biological Agents." The workshop was held on May 28-30, 2003, in Cincinnati, Ohio, and its objectives were to:

    .Documen...

  13. Communication Security for Control Systems in Smart Grid

    NASA Astrophysics Data System (ADS)

    Robles, Rosslin John; Kim, Tai-Hoon

    As an example of Control System, Supervisory Control and Data Acquisition systems can be relatively simple, such as one that monitors environmental conditions of a small office building, or incredibly complex, such as a system that monitors all the activity in a nuclear power plant or the activity of a municipal water system. SCADA systems are basically Process Control Systems, designed to automate systems such as traffic control, power grid management, waste processing etc. Connecting SCADA to the Internet can provide a lot of advantages in terms of control, data viewing and generation. SCADA infrastructures like electricity can also be a part of a Smart Grid. Connecting SCADA to a public network can bring a lot of security issues. To answer the security issues, a SCADA communication security solution is proposed.

  14. AIDS and international security in the United Nations System.

    PubMed

    Rushton, Simon

    2010-11-01

    Two assumptions underpin much of the literature that has examined the links between HIV/AIDS and security: (1) that HIV/AIDS is now firmly established as an international security issue; and (2) that Resolution 1308, adopted by the UN Security Council in July 2000, was the decisive moment in the securitization process. This article questions both of those assumptions. It argues that even within the Security Council, HIV/AIDS' status as a bona fide threat to international peace and security is not entirely secure. Despite the fact that the Resolution was adopted unanimously, there is considerable doubt over the extent to which the Council members were persuaded that HIV/AIDS is genuinely a threat to international peace and security. Furthermore, the Council's subsequent actions suggest a retreat from the issue. The article moves on to examine statements made in and by some of the other key UN System bodies grappling with HIV/AIDS. Focusing in particular on the General Assembly, the Economic and Social Council and UNAIDS, it is argued that the international security framing of HIV/AIDS has not generally achieved a great deal of traction within these bodies. Alternative framings, in particular international development and human rights, occur far more frequently. This raises issues for our understanding of both securitization theory and the global governance of HIV/AIDS. PMID:20961950

  15. Pressurized security barrier and alarm system

    DOEpatents

    Carver, D.W.

    1995-04-11

    A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder`s making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed. 7 figures.

  16. Pressurized security barrier and alarm system

    DOEpatents

    Carver, Don W.

    1995-01-01

    A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder's making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed.

  17. Marine asset security and tracking (MAST) system

    DOEpatents

    Hanson, Gregory Richard; Smith, Stephen Fulton; Moore, Michael Roy; Dobson, Eric Lesley; Blair, Jeffrey Scott; Duncan, Christopher Allen; Lenarduzzi, Roberto

    2008-07-01

    Methods and apparatus are described for marine asset security and tracking (MAST). A method includes transmitting identification data, location data and environmental state sensor data from a radio frequency tag. An apparatus includes a radio frequency tag that transmits identification data, location data and environmental state sensor data. Another method includes transmitting identification data and location data from a radio frequency tag using hybrid spread-spectrum modulation. Another apparatus includes a radio frequency tag that transmits both identification data and location data using hybrid spread-spectrum modulation.

  18. A Review of the Security of Insulin Pump Infusion Systems

    SciTech Connect

    Klonoff, David C.; Paul, Nathanael R; Kohno, Tadayoshi

    2011-01-01

    Insulin therapy has enabled diabetic patients to maintain blood glucose control to lead healthier lives. Today, rather than manually injecting insulin using syringes, a patient can use a device, such as an insulin pump, to programmatically deliver insulin. This allows for more granular insulin delivery while attaining blood glucose control. The insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this paper we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components including the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but we also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues both for now and in the future.

  19. Controls system developments for the ERL facility

    SciTech Connect

    Jamilkowski, J.; Altinbas, Z.; Gassner, D.; Hoff, L.; Kankiya, P.; Kayran, D.; Miller, T.; Olsen, R.; Sheehy, B.; Xu, W.

    2011-10-07

    The BNL Energy Recovery LINAC (ERL) is a high beam current, superconducting RF electron accelerator that is being commissioned to serve as a research and development prototype for a RHIC facility upgrade for electron-ion collision (eRHIC). Key components of the machine include a laser, photocathode, and 5-cell superconducting RF cavity operating at a frequency of 703 MHz. Starting with a foundation based on existing ADO software running on Linux servers and on the VME/VxWorks platforms developed for RHIC, we are developing a controls system that incorporates a wide range of hardware I/O interfaces that are needed for machine R&D. Details of the system layout, specifications, and user interfaces are provided.

  20. Key ecological challenges for closed systems facilities

    NASA Astrophysics Data System (ADS)

    Nelson, Mark; Dempster, William F.; Allen, John P.

    2013-07-01

    Closed ecological systems are desirable for a number of purposes. In space life support systems, material closure allows precious life-supporting resources to be kept inside and recycled. Closure in small biospheric systems facilitates detailed measurement of global ecological processes and biogeochemical cycles. Closed testbeds facilitate research topics which require isolation from the outside (e.g. genetically modified organisms; radioisotopes) so their ecological interactions and fluxes can be studied separate from interactions with the outside environment. But to achieve and maintain closure entails solving complex ecological challenges. These challenges include being able to handle faster cycling rates and accentuated daily and seasonal fluxes of critical life elements such as carbon dioxide, oxygen, water, macro- and mico-nutrients. The problems of achieving sustainability in closed systems for life support include how to handle atmospheric dynamics including trace gases, producing a complete human diet, recycling nutrients and maintaining soil fertility, the maintenance of healthy air and water and preventing the loss of critical elements from active circulation. In biospheric facilities, the challenge is also to produce analogues to natural biomes and ecosystems, studying processes of self-organization and adaptation in systems that allow specification or determination of state variables and cycles which may be followed through all interactions from atmosphere to soils. Other challenges include the dynamics and genetics of small populations, the psychological challenges for small isolated human groups and backup technologies and strategic options which may be necessary to ensure long-term operation of closed ecological systems.

  1. An information management system for a spent nuclear fuel interim storage facility.

    SciTech Connect

    Finch, Robert J.; Chiu, Hsien-Lang; Giles, Todd; Horak, Karl Emanuel; Jow, Hong-Nian

    2010-12-01

    We describe an integrated information management system for an independent spent fuel dry-storage installation (ISFSI) that can provide for (1) secure and authenticated data collection, (2) data analysis, (3) dissemination of information to appropriate stakeholders via a secure network, and (4) increased public confidence and support of the facility licensing and operation through increased transparency. This information management system is part of a collaborative project between Sandia National Laboratories, Taiwan Power Co., and the Fuel Cycle Materials Administration of Taiwan's Atomic Energy Council, which is investigating how to implement this concept.

  2. New technology for food systems and security.

    PubMed

    Yau, N J Newton

    2009-01-01

    In addition to product trade, technology trade has become one of the alternatives for globalization action around the world. Although not all technologies employed on the technology trade platform are innovative technologies, the data base of international technology trade still is a good indicator for observing innovative technologies around world. The technology trade data base from Sinew Consulting Group (SCG) Ltd. was employed as an example to lead the discussion on security or safety issues that may be caused by these innovative technologies. More technologies related to processing, functional ingredients and quality control technology of food were found in the data base of international technology trade platform. The review was conducted by categorizing technologies into the following subcategories in terms of safety and security issues: (1) agricultural materials/ingredients, (2) processing/engineering, (3) additives, (4) packaging/logistics, (5) functional ingredients, (6) miscellaneous (include detection technology). The author discusses examples listed for each subcategory, including GMO technology, nanotechnology, Chinese medicine based functional ingredients, as well as several innovative technologies. Currently, generation of innovative technology advance at a greater pace due to cross-area research and development activities. At the same time, more attention needs to be placed on the employment of these innovative technologies. PMID:19965346

  3. Air support facilities. [interface between air and surface transportation systems

    NASA Technical Reports Server (NTRS)

    1975-01-01

    Airports are discussed in terms of the interface between the ground and air for transportation systems. The classification systems, design, facilities, administration, and operations of airports are described.

  4. 40 CFR 160.45 - Test system supply facilities.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 40 Protection of Environment 24 2011-07-01 2011-07-01 false Test system supply facilities. 160.45 Section 160.45 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) PESTICIDE PROGRAMS GOOD LABORATORY PRACTICE STANDARDS Facilities § 160.45 Test system supply facilities. (a) There shall be storage areas, as needed, for...

  5. 40 CFR 792.45 - Test system supply facilities.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 40 Protection of Environment 32 2011-07-01 2011-07-01 false Test system supply facilities. 792.45 Section 792.45 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT (CONTINUED) GOOD LABORATORY PRACTICE STANDARDS Facilities § 792.45 Test system supply facilities. (a) There shall be storage areas,...

  6. 40 CFR 792.45 - Test system supply facilities.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 40 Protection of Environment 33 2012-07-01 2012-07-01 false Test system supply facilities. 792.45 Section 792.45 Protection of Environment ENVIRONMENTAL PROTECTION AGENCY (CONTINUED) TOXIC SUBSTANCES CONTROL ACT (CONTINUED) GOOD LABORATORY PRACTICE STANDARDS Facilities § 792.45 Test system supply facilities. (a) There shall be storage areas,...

  7. System simulation and verification facility (SSVF)

    NASA Astrophysics Data System (ADS)

    Irvine, M. M.; Bégin, M.-E.; Eickhoff, J.; de Kruyf, J.

    2002-07-01

    Systems engineering tools can be used in conjunction with concurrent engineering techniques to significantly reduce the cost, schedule and risk of space mission design, development and operation. This paper describes the System Simulation and Verification Facility (SSVF) project performed by the VEGA Group PLC and ASTRIUM GmbH (formerly Dornier Satellitesysteme GmbH) for the European Space Agency's European Space Technology Centre (ESTEC). The SSVF concept integrates a high fidelity hard real-time simulator, a checkout system and control system and a common mission information-base. These components are highly configurable to enable them to support different parts of the mission lifecycle. An SSVF simulator incorporates environment, dynamics and equipment models, and interfaces to hardware, onboard software algorithms, the onboard software itself and onboard processors. SSVF is able to support what-if analyses during design and development activities, and allows the overall system hardware and software design to be validated much earlier in the mission development lifecycle than is currently the case. SSVF also supports hybrid simulations: part software models and part real hardware (breadboard, engineering or flight models). As they become available, these can be tested and validated in a high-fidelity simulated environment. The SSVF project has been performed in two phases.

  8. Security of healthcare information systems based on the CORBA middleware.

    PubMed

    Blobel, B; Holena, M

    1997-01-01

    The development of healthcare systems in accordance to the "Shared Care" paradigm results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems demand a high level of data protection and data security, both with respect to patient information and with respect to users. The security concepts and measures available and additionally needed in health information systems based on CORBA architecture are described in this paper. The proposed security solution is also open to other middleware approaches, such as DHE or HL7. PMID:10179515

  9. Securely and Flexibly Sharing a Biomedical Data Management System

    PubMed Central

    Wang, Fusheng; Hussels, Phillip; Liu, Peiya

    2011-01-01

    Biomedical database systems need not only to address the issues of managing complex data, but also to provide data security and access control to the system. These include not only system level security, but also instance level access control such as access of documents, schemas, or aggregation of information. The latter is becoming more important as multiple users can share a single scientific data management system to conduct their research, while data have to be protected before they are published or IP-protected. This problem is challenging as users’ needs for data security vary dramatically from one application to another, in terms of who to share with, what resources to be shared, and at what access level. We develop a comprehensive data access framework for a biomedical data management system SciPort. SciPort provides fine-grained multi-level space based access control of resources at not only object level (documents and schemas), but also space level (resources set aggregated in a hierarchy way). Furthermore, to simplify the management of users and privileges, customizable role-based user model is developed. The access control is implemented efficiently by integrating access privileges into the backend XML database, thus efficient queries are supported. The secure access approach we take makes it possible for multiple users to share the same biomedical data management system with flexible access management and high data security. PMID:21625285

  10. Improving Security in the ATLAS PanDA System

    NASA Astrophysics Data System (ADS)

    Caballero, J.; Maeno, T.; Nilsson, P.; Stewart, G.; Potekhin, M.; Wenaus, T.

    2011-12-01

    The security challenges faced by users of the grid are considerably different to those faced in previous environments. The adoption of pilot jobs systems by LHC experiments has mitigated many of the problems associated with the inhomogeneities found on the grid and has greatly improved job reliability; however, pilot jobs systems themselves must then address many security issues, including the execution of multiple users' code under a common 'grid' identity. In this paper we describe the improvements and evolution of the security model in the ATLAS PanDA (Production and Distributed Analysis) system. We describe the security in the PanDA server which is in place to ensure that only authorized members of the VO are allowed to submit work into the system and that jobs are properly audited and monitored. We discuss the security in place between the pilot code itself and the PanDA server, ensuring that only properly authenticated workload is delivered to the pilot for execution. When the code to be executed is from a 'normal' ATLAS user, as opposed to the production system or other privileged actor, then the pilot may use an EGEE developed identity switching tool called gLExec. This changes the grid proxy available to the job and also switches the UNIX user identity to protect the privileges of the pilot code proxy. We describe the problems in using this system and how they are overcome. Finally, we discuss security drills which have been run using PanDA and show how these improved our operational security procedures.

  11. Pilot Implementation and Preliminary Evaluation of START:AV Assessments in Secure Juvenile Correctional Facilities.

    PubMed

    Desmarais, Sarah L; Sellers, Brian G; Viljoen, Jodi L; Cruise, Keith R; Nicholls, Tonia L; Dvoskin, Joel A

    2012-01-01

    The Short-Term Assessment of Risk and Treatability: Adolescent Version (START:AV) is a new structured professional judgment guide for assessing short-term risks in adolescents. The scheme may be distinguished from other youth risk assessment and treatment planning instruments by its inclusion of 23 dynamic factors that are each rated for both vulnerability and strength. In addition, START:AV is also unique in that it focuses on multiple adverse outcomes-namely, violence, self-harm, suicide, unauthorized leave, substance abuse, self-neglect, victimization, and general offending-over the short-term (i.e., weeks to months) rather than long-term (i.e., years). This paper describes a pilot implementation and preliminary evaluation of START:AV in three secure juvenile correctional facilities in the southern United States. Specifically, we examined the descriptive characteristics and psychometric properties of START:AV assessments completed by 21 case managers on 291 adolescent offenders (250 boys and 41 girls) at the time of admission. Results provide preliminary support for the feasibility of completing START:AV assessments as part of routine practice. Findings also highlight differences in the characteristics of START:AV assessments for boys and girls and differential associations between the eight START:AV risk domains. Though results are promising, further research is needed to establish the reliability and validity of START:AV assessments completed in the field. PMID:23316116

  12. Security framework for networked storage system based on artificial immune system

    NASA Astrophysics Data System (ADS)

    Huang, Jianzhong; Xie, Changsheng; Zhang, Chengfeng; Zhan, Ling

    2007-11-01

    This paper proposed a theoretical framework for the networked storage system addressing the storage security. The immune system is an adaptive learning system, which can recognize, classify and eliminate 'non-self' such as foreign pathogens. Thus, we introduced the artificial immune technique to the storage security research, and proposed a full theoretical framework for storage security system. Under this framework, it is possible to carry out the quantitative evaluation for the storage security system using modeling language of artificial immune system (AIS), and the evaluation can offer security consideration for the deployment of networked storage system. Meanwhile, it is potential to obtain the active defense technique suitable for networked storage system via exploring the principle of AIS and achieve a highly secure storage system with immune characteristic.

  13. System overview of the NASA Dryden Integrated Test Facility

    NASA Technical Reports Server (NTRS)

    Binkley, Robert L.; Mackall, Dale

    1992-01-01

    The Integrated Test Facility, built at the NASA Dryden Flight Research Facility, provides new real-time test capabilities for emerging research aircraft. An overview of the test facility and the real-time systems developed to operate this unique facility is presented. The facility will reduce flight test risk by minimizing the difference between the flight and ground test environments. This ground test environment is provided by combining real-time flight simulation with the actual aircraft. A brief introduction to the facility is followed by a discussion of the generic capabilities of its real-time systems. The simulation system with flight hardware and the remotely augmented vehicle system is described. An overview of many hardware systems developed for the facility follows. The benefits of applying simulation to hardware-in-the-loop testing on the X-31 Flight Research Program are presented.

  14. New security infrastructure model for distributed computing systems

    NASA Astrophysics Data System (ADS)

    Dubenskaya, J.; Kryukov, A.; Demichev, A.; Prikhodko, N.

    2016-02-01

    At the paper we propose a new approach to setting up a user-friendly and yet secure authentication and authorization procedure in a distributed computing system. The security concept of the most heterogeneous distributed computing systems is based on the public key infrastructure along with proxy certificates which are used for rights delegation. In practice a contradiction between the limited lifetime of the proxy certificates and the unpredictable time of the request processing is a big issue for the end users of the system. We propose to use unlimited in time hashes which are individual for each request instead of proxy certificate. Our approach allows to avoid using of the proxy certificates. Thus the security infrastructure of distributed computing system becomes easier for development, support and use.

  15. A Multifactor Secure Authentication System for Wireless Payment

    NASA Astrophysics Data System (ADS)

    Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

    Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

  16. Secure portal.

    SciTech Connect

    Nelson, Cynthia Lee

    2007-09-01

    There is a need in security systems to rapidly and accurately grant access of authorized personnel to a secure facility while denying access to unauthorized personnel. In many cases this role is filled by security personnel, which can be very costly. Systems that can perform this role autonomously without sacrificing accuracy or speed of throughput are very appealing. To address the issue of autonomous facility access through the use of technology, the idea of a ''secure portal'' is introduced. A secure portal is a defined zone where state-of-the-art technology can be implemented to grant secure area access or to allow special privileges for an individual. Biometric technologies are of interest because they are generally more difficult to defeat than technologies such as badge swipe and keypad entry. The biometric technologies selected for this concept were facial and gait recognition. They were chosen since they require less user cooperation than other biometrics such as fingerprint, iris, and hand geometry and because they have the most potential for flexibility in deployment. The secure portal concept could be implemented within the boundaries of an entry area to a facility. As a person is approaching a badge and/or PIN portal, face and gait information can be gathered and processed. The biometric information could be fused for verification against the information that is gathered from the badge. This paper discusses a facial recognition technology that was developed for the purposes of providing high verification probabilities with low false alarm rates, which would be required of an autonomous entry control system. In particular, a 3-D facial recognition approach using Fisher Linear Discriminant Analysis is described. Gait recognition technology, based on Hidden Markov Models has been explored, but those results are not included in this paper. Fusion approaches for combining the results of the biometrics would be the next step in realizing the secure portal

  17. Using Multiple Unmanned Systems for a Site Security Task

    SciTech Connect

    Matthew O. Anderson; Curtis W. Nielsen; Mark D. McKay; Derek C. Wadsworth; Ryan C. Hruska; John A. Koudelka

    2009-04-01

    Unmanned systems are often used to augment the ability of humans to perform challenging tasks. While the value of individual unmanned vehicles have been proven for a variety of tasks, it is less understood how multiple unmanned systems should be used together to accomplish larger missions such as site security. The purpose of this paper is to discuss efforts by researchers at the Idaho National Laboratory (INL) to explore the utility and practicality of operating multiple unmanned systems for a site security mission. This paper reviews the technology developed for a multi-agent mission and summarizes the lessons-learned from a technology demonstration.

  18. Facilities management system (FMS). Final report

    SciTech Connect

    1992-04-01

    This report provides a detailed, final status of Andersen Consulting`s participation in the Facilities Management System (FMS) implementation project under contract with Los Alamos National Laboratory (LANL) and offers suggestions for continued FMS improvements. The report presents the following topics of discussion: (1) summary and status of work (2) recommendations for continued success (3) contract deliverables and client satisfaction. The Summary and Status of Work section presents a detailed, final status of the FMS project at the termination of Andersen`s full-time participation. This section discusses the status of each FMS sub-system and of the Andersen major project deliverables. The Recommendations section offers suggestions for continued FMS success. The topics discussed include recommendations for each of the following areas: (1) End User and Business Operations; (2) AISD; Development and Computer Operations; (3) Software; (4) Technical Platform; and (5) Control Procedures The Contract Deliverables and Client Satisfaction section discusses feedback received from Johnson Controls management and FMS system users. The report also addresses Andersen`s observations from the feedback.

  19. OpenID connect as a security service in Cloud-based diagnostic imaging systems

    NASA Astrophysics Data System (ADS)

    Ma, Weina; Sartipi, Kamran; Sharghi, Hassan; Koff, David; Bak, Peter

    2015-03-01

    The evolution of cloud computing is driving the next generation of diagnostic imaging (DI) systems. Cloud-based DI systems are able to deliver better services to patients without constraining to their own physical facilities. However, privacy and security concerns have been consistently regarded as the major obstacle for adoption of cloud computing by healthcare domains. Furthermore, traditional computing models and interfaces employed by DI systems are not ready for accessing diagnostic images through mobile devices. RESTful is an ideal technology for provisioning both mobile services and cloud computing. OpenID Connect, combining OpenID and OAuth together, is an emerging REST-based federated identity solution. It is one of the most perspective open standards to potentially become the de-facto standard for securing cloud computing and mobile applications, which has ever been regarded as "Kerberos of Cloud". We introduce OpenID Connect as an identity and authentication service in cloud-based DI systems and propose enhancements that allow for incorporating this technology within distributed enterprise environment. The objective of this study is to offer solutions for secure radiology image sharing among DI-r (Diagnostic Imaging Repository) and heterogeneous PACS (Picture Archiving and Communication Systems) as well as mobile clients in the cloud ecosystem. Through using OpenID Connect as an open-source identity and authentication service, deploying DI-r and PACS to private or community clouds should obtain equivalent security level to traditional computing model.

  20. SecureCPS: Defending a nanosatellite cyber-physical system

    NASA Astrophysics Data System (ADS)

    Forbes, Lance; Vu, Huy; Udrea, Bogdan; Hagar, Hamilton; Koutsoukos, Xenofon D.; Yampolskiy, Mark

    2014-06-01

    Recent inexpensive nanosatellite designs employ maneuvering thrusters, much as large satellites have done for decades. However, because a maneuvering nanosatellite can threaten HVAs on-­orbit, it must provide a level of security typically reserved for HVAs. Securing nanosatellites with maneuvering capability is challenging due to extreme cost, size, and power constraints. While still in the design process, our low-­cost SecureCPS architecture promises to dramatically improve security, to include preempting unknown binaries and detecting abnormal behavior. SecureCPS also applies to a broad class of cyber-­physical systems (CPS), such as aircraft, cars, and trains. This paper focuses on Embry-­Riddle's ARAPAIMA nanosatellite architecture, where we assume any off-­the-­shelf component could be compromised by a supply chain attack.1 Based on these assumptions, we have used Vanderbilt's Cyber Physical -­ Attack Description Language (CP-­ADL) to represent realistic attacks, analyze how these attacks propagate in the ARAPAIMA architecture, and how to defeat them using the combination of a low-­cost Root of Trust (RoT) Module, Global InfoTek's Advanced Malware Analysis System (GAMAS), and Anomaly Detection by Machine Learning (ADML).2 Our most recent efforts focus on refining and validating the design of SecureCPS.

  1. IT Security Support for Spaceport Command and Control System

    NASA Technical Reports Server (NTRS)

    McLain, Jeffrey

    2013-01-01

    During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institutes Top 20 Critical Security Controls. My task was to add in all of the new commercial of the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machines configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.

  2. How a system backfires: dynamics of redundancy problems in security.

    PubMed

    Ghaffarzadegan, Navid

    2008-12-01

    Increasing attention is being paid to reliability, safety, and security issues in social systems. Scott Sagan examined why more security forces (a redundancy solution) may lead to less security. He discussed how such a solution can backfire due to three major issues (i.e., "common-mode error,"social shirking," and "overcompensation"). In this article, using Sagan's hypotheses, we simulate and analyze a simple and generic security system as more guards are added to the system. Simulation results support two of Sagan's hypotheses. More specifically, the results show that "common-mode error" causes the system to backfire, and "social shirking" leads to an inefficient system while exacerbating the common-mode error's effect. Simulation results show that "overcompensation" has no effect of backfiring, but it leads the system to a critical state in which it can easily be affected by the common-mode error. Furthermore, the simulation results make us question the importance of the initial power of adversaries (e.g., terrorists) as the results show that, for any exogenous level of adversary power, the system endogenously overcompensates to a level that makes the system more susceptible to being attacked. PMID:18826416

  3. Cost-Effective School Alarm Systems. Security Topics Series.

    ERIC Educational Resources Information Center

    Kaufer, Steve

    This document outlines considerations in the selection of a cost-effective school-alarm system. Steps in the planning process include: conducting a district needs assessment; gathering input from all staff levels; consulting technical expertise; and selecting a security system that can be integrated with other site needs. It further describes the…

  4. Security of Personal Computer Systems: A Management Guide.

    ERIC Educational Resources Information Center

    Steinauer, Dennis D.

    This report describes management and technical security considerations associated with the use of personal computer systems as well as other microprocessor-based systems designed for use in a general office environment. Its primary objective is to identify and discuss several areas of potential vulnerability and associated protective measures. The…

  5. IT Security Support for the Spaceport Command Control System Development

    NASA Technical Reports Server (NTRS)

    Varise, Brian

    2014-01-01

    My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as, viruses, malware and denial-of-service attacks by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks ran by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoke access, monitor information request by new programming and recommend improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gain knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

  6. Safeguards and security considerations for a modular treatment system for plutonium residue stabilization

    SciTech Connect

    Wilkey, D.D.; Zack, N.R.; Zygmunt, S.J. Jr.

    1998-12-31

    Five sites in the Department of Energy (DOE) nuclear complex have significant amounts of plutonium residues. The DOE has begun programs for stabilization of these materials, but the existing facilities, infrastructure, and technical capacity are inadequate for the task. Additionally, sufficient funding is not available to enable all the facilities to meet current standards that are required for the facilities to be able to treat the residues. At the request of the DOE Office of Environmental Management, a team was assembled to study the feasibility of using modular systems to stabilize plutonium-bearing residues. This feasibility team prepared a basis document using typical residue profiles and fact sheets that documented treatment activities and operational programs that were required. From this basis document, a design team prepared a preconceptual design and a cost and schedule estimate for a stand-alone modular system to treat the residues. The modular treatment system was designed to be broken into functional units (modules) that are individually packaged and portable. These modules were designed to consider all operational phases including safeguards and security. This discussion will present the safeguards and security considerations and techniques that were identified for the modular treatment system.

  7. Integrated homeland security system with passive thermal imaging and advanced video analytics

    NASA Astrophysics Data System (ADS)

    Francisco, Glen; Tillman, Jennifer; Hanna, Keith; Heubusch, Jeff; Ayers, Robert

    2007-04-01

    A complete detection, management, and control security system is absolutely essential to preempting criminal and terrorist assaults on key assets and critical infrastructure. According to Tom Ridge, former Secretary of the US Department of Homeland Security, "Voluntary efforts alone are not sufficient to provide the level of assurance Americans deserve and they must take steps to improve security." Further, it is expected that Congress will mandate private sector investment of over $20 billion in infrastructure protection between 2007 and 2015, which is incremental to funds currently being allocated to key sites by the department of Homeland Security. Nearly 500,000 individual sites have been identified by the US Department of Homeland Security as critical infrastructure sites that would suffer severe and extensive damage if a security breach should occur. In fact, one major breach in any of 7,000 critical infrastructure facilities threatens more than 10,000 people. And one major breach in any of 123 facilities-identified as "most critical" among the 500,000-threatens more than 1,000,000 people. Current visible, nightvision or near infrared imaging technology alone has limited foul-weather viewing capability, poor nighttime performance, and limited nighttime range. And many systems today yield excessive false alarms, are managed by fatigued operators, are unable to manage the voluminous data captured, or lack the ability to pinpoint where an intrusion occurred. In our 2006 paper, "Critical Infrastructure Security Confidence Through Automated Thermal Imaging", we showed how a highly effective security solution can be developed by integrating what are now available "next-generation technologies" which include: Thermal imaging for the highly effective detection of intruders in the dark of night and in challenging weather conditions at the sensor imaging level - we refer to this as the passive thermal sensor level detection building block Automated software detection

  8. DOE LeRC photovoltaic systems test facility

    NASA Technical Reports Server (NTRS)

    Cull, R. C.; Forestieri, A. F.

    1978-01-01

    The facility was designed and built and is being operated as a national facility to serve the needs of the entire DOE National Photovoltaic Program. The object of the facility is to provide a place where photovoltaic systems may be assembled and electrically configured, without specific physical configuration, for operation and testing to evaluate their performance and characteristics. The facility as a breadboard system allows investigation of operational characteristics and checkout of components, subsystems and systems before they are mounted in field experiments or demonstrations. The facility as currently configured consist of 10 kW of solar arrays built from modules, two inverter test stations, a battery storage system, interface with local load and the utility grid, and instrumentation and control necessary to make a flexible operating facility. Expansion to 30 kW is planned for 1978. Test results and operating experience are summaried to show the variety of work that can be done with this facility.

  9. Verification of Security Policy Enforcement in Enterprise Systems

    NASA Astrophysics Data System (ADS)

    Gupta, Puneet; Stoller, Scott D.

    Many security requirements for enterprise systems can be expressed in a natural way as high-level access control policies. A high-level policy may refer to abstract information resources, independent of where the information is stored; it controls both direct and indirect accesses to the information; it may refer to the context of a request, i.e., the request’s path through the system; and its enforcement point and enforcement mechanism may be unspecified. Enforcement of a high-level policy may depend on the system architecture and the configurations of a variety of security mechanisms, such as firewalls, host login permissions, file permissions, DBMS access control, and application-specific security mechanisms. This paper presents a framework in which all of these can be conveniently and formally expressed, a method to verify that a high-level policy is enforced, and an algorithm to determine a trusted computing base for each resource.

  10. Health maintenance facility system effectiveness testing

    NASA Technical Reports Server (NTRS)

    Lloyd, Charles W.; Gosbee, John; Bueker, Richard; Kupra, Debra; Ruta, Mary

    1993-01-01

    The Medical Simulations Working Group conducted a series of medical simulations to evaluate the proposed Health Maintenance Facility (HMF) Preliminary Design Review (PDR) configuration. The goal of these simulations was to test the system effectiveness of the HMF PDR configurations. The objectives of the medical simulations are to (1) ensure fulfillment of requirements with this HMF design, (2) demonstrate the conformance of the system to human engineering design criteria, and (3) determine whether undesirable design or procedural features were introduced into the design. The simulations consisted of performing 6 different medical scenarios with the HMF mockup in the KRUG laboratory. The scenarios included representative medical procedures and used a broad spectrum of HMF equipment and supplies. Scripts were written and simulations performed by medical simulations working group members under observation from others. Data were collected by means of questionnaires, debriefings, and videotapes. Results were extracted and listed in the individual reports. Specific issues and recommendations from each simulation were compiled into the individual reports. General issues regarding the PDR design of the HMF are outlined in the summary report.

  11. Secure Data Transfer Guidance for Industrial Control and SCADA Systems

    SciTech Connect

    Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

    2011-09-01

    This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

  12. Integration of the advanced transparency framework to advanced nuclear systems : enhancing Safety, Operations, Security and Safeguards (SOSS).

    SciTech Connect

    Mendez, Carmen Margarita; Rochau, Gary Eugene; Cleary, Virginia D.

    2008-08-01

    The advent of the nuclear renaissance gives rise to a concern for the effective design of nuclear fuel cycle systems that are safe, secure, nonproliferating and cost-effective. We propose to integrate the monitoring of the four major factors of nuclear facilities by focusing on the interactions between Safeguards, Operations, Security, and Safety (SOSS). We proposed to develop a framework that monitors process information continuously and can demonstrate the ability to enhance safety, operations, security, and safeguards by measuring and reducing relevant SOSS risks, thus ensuring the safe and legitimate use of the nuclear fuel cycle facility. A real-time comparison between expected and observed operations provides the foundation for the calculation of SOSS risk. The automation of new nuclear facilities requiring minimal manual operation provides an opportunity to utilize the abundance of process information for monitoring SOSS risk. A framework that monitors process information continuously can lead to greater transparency of nuclear fuel cycle activities and can demonstrate the ability to enhance the safety, operations, security and safeguards associated with the functioning of the nuclear fuel cycle facility. Sandia National Laboratories (SNL) has developed a risk algorithm for safeguards and is in the process of demonstrating the ability to monitor operational signals in real-time though a cooperative research project with the Japan Atomic Energy Agency (JAEA). The risk algorithms for safety, operations and security are under development. The next stage of this work will be to integrate the four algorithms into a single framework.

  13. Training programs for the systems approach to nuclear security.

    SciTech Connect

    Ellis, Doris E.

    2005-07-01

    In support of the US Government and the International Atomic Energy Agency (IAEA) Nuclear Security Programmes, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been implemented as the basis for a performance methodology for the design and evaluation of Physical Protection Systems against a Design Basis Threat (DBT) for theft or sabotage of nuclear and/or radiological materials. Since integrated systems must include people as well as technology and the man-machine interface, a critical aspect of the human element is to train all stakeholders in nuclear security on the systems approach. Current training courses have been beneficial but are still limited in scope. SNL has developed two primary international courses and is completing development of three new courses that will be offered and presented in the near term. In the long-term, SNL envisions establishing a comprehensive nuclear security training curriculum that will be developed along with a series of forthcoming IAEA Nuclear Security Series guidance documents.

  14. Integrating security in a group oriented distributed system

    NASA Technical Reports Server (NTRS)

    Reiter, Michael; Birman, Kenneth; Gong, LI

    1992-01-01

    A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

  15. Process Control System Cyber Security Standards - An Overview

    SciTech Connect

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  16. 75 FR 64389 - Proposed Recommendation to the Social Security Administration for Occupational Information System...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-10-19

    ... From the Federal Register Online via the Government Publishing Office ] SOCIAL SECURITY ADMINISTRATION Proposed Recommendation to the Social Security Administration for Occupational Information System (OIS) Development Planning; Request for Comment AGENCY: Social Security Administration. ACTION:...

  17. State Regulatory Authority (SRA) Coordination of Safety, Security, and Safeguards of Nuclear Facilities: A Framework for Analysis

    SciTech Connect

    Mladineo, Stephen V.; Frazar, Sarah L.; Kurzrok, Andrew J.; Martikka, Elina; Hack, Tapani; Wiander, Timo

    2013-05-30

    This paper will explore the development of a framework for conducting an assessment of safety-security-safeguards integration within a State. The goal is to examine State regulatory structures to identify conflicts and gaps that hinder management of the three disciplines at nuclear facilities. Such an analysis could be performed by a State Regulatory Authority (SRA) to provide a self-assessment or as part of technical cooperation with either a newcomer State, or to a State with a fully developed SRA.

  18. Facilities and capabilities catalog for landing and escape systems

    NASA Technical Reports Server (NTRS)

    Meyerson, Robert E. (Editor)

    1992-01-01

    This catalog serves as a single source reference for designers of landing and escape systems for spacecraft, aircraft, weapons, and airdrop system. It includes those facilities which may be required by a system designer in planning a development test program for many applications. The primary objective of this catalog is to provide a means for identifying critical facilities with the U.S. which can be used for the development of landing and escape systems. A secondary objective is to provide a useful tool to the system designer for picking and choosing facilities and capabilities. The six chapters in this volume include wind tunnels, drop zones, test aircraft, fabrication facilities, design tools, and other miscellaneous facilities. A different data sheet format is used for each of the chapters which provides information on performance, location, special capabilities, and a local point of contact. All inputs were solicited from the individual facilities and have not been independently verified for accuracy.

  19. Derived virtual devices: a secure distributed file system mechanism

    NASA Technical Reports Server (NTRS)

    VanMeter, Rodney; Hotz, Steve; Finn, Gregory

    1996-01-01

    This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

  20. Towards one PC for systems with different security levels

    NASA Astrophysics Data System (ADS)

    Kleidermacher, David N.; Zimmer, Joerg

    Companies and organisations caring about the protection of critical data or critical systems have long struggled with the burden of maintaining separate computers. Commercial grade operating systems and virtualization solutions such as Windows, Linux, and VMware are unsuitable for security assurance to the high levels required for this kind of application sharing on a single PC platform. Custom solutions have failed to gain acceptance as cost containment pressures favour commercial, off-the-shelf (COTS) platforms. In addition, common PC hardware has had serious security limitations that prevent even a high assurance software solution from achieving the required domain separation. The hope for a truly high assurance, multi-level secure PC is coming closer to reality by virtue of recent innovations, both in software and hardware.

  1. A Layered Decision Model for Cost-Effective System Security

    SciTech Connect

    Wei, Huaqiang; Alves-Foss, James; Soule, Terry; Pforsich, Hugh; Zhang, Du; Frincke, Deborah A.

    2008-10-01

    System security involves decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defence strategies, and implementation of real-time defence tactics. Although choices made in each of these areas affect the others, existing decision models typically handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defence decisions result in cost-effective solutions. To address these problems, this paper introduces a Layered Decision Model (LDM) for use in deciding how to address defence decisions based on their cost-effectiveness. To validate the LDM and illustrate how it is used, we used simulation to test model rationality and applied the LDM to the design of system security for an e-commercial business case.

  2. The Study on Flood Reduction and Securing Instreamflow by applying Decentralized Rainwater Retention Facilities for Chunggyechun in Seoul of Korea

    NASA Astrophysics Data System (ADS)

    Park, J. H.; Jun, S. M.; Park, C. G.

    2014-12-01

    Recently abnormal climate phenomena and urbanization recently causes the changes of the hydrological environment. To restore the hydrological cycle in urban area some fundamental solutions such as decentralized rainwater management system and Low Impact Development (LID) techniques may be choosed. In this study, SWMM 5 was used to analyze the effects of decentralized stormwater retention for preventing the urban flood and securing the instreamflow. The Chunggyechun stream watershed(21.29㎢) which is located in Seoul city(Korea) and fully developed as urban area was selected as the study watershed, and the runoff characteristics of urban stream with various methods of LID techniques (Permeable pavement, small rainwater storage tank, large rainwater storage tank) were analyzed. By the simulation results, the permeability of pavement materials and detention storage at the surface soil layer make high effect to the flood discharge, and the initial rainfall retention at the rainwater storage tank effected to reduce the flood peak. The peak discharge was decreased as 22% for the design precipitation. Moreover the instreamflow was increased as 55% by using adequate LID techniques These kind of data could be used as the basis data for designing urban flood prevention facilities, urban regeneration planning in the view of the integrated watershed management.

  3. 33 CFR 106.265 - Security measures for restricted areas.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.265 Security measures for restricted areas. (a)...

  4. 33 CFR 106.265 - Security measures for restricted areas.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.265 Security measures for restricted areas. (a)...

  5. 33 CFR 106.265 - Security measures for restricted areas.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.265 Security measures for restricted areas. (a)...

  6. 33 CFR 106.265 - Security measures for restricted areas.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.265 Security measures for restricted areas. (a)...

  7. 33 CFR 106.265 - Security measures for restricted areas.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.265 Security measures for restricted areas. (a)...

  8. REPOSITORY SURFACE FACILITIES PRIMARY SYSTEM CRANE DATA

    SciTech Connect

    K. Schwartztrauber

    2005-03-14

    The purpose of this calculation is to compile crane design data for the mechanical primary structures, systems, and components (SSCs) required for the repository Waste Handling Building (WHB) and Carrier Preparation Building (CPB). The work presented in this document has been prepared in accordance with Office of Civilian Radioactive Waste Management approved program document AP-3.12Q, Calculations. This calculation has been developed to supplement information previously prepared using the development plan for ''WHB/WTB Space Program Analysis for Site Recommendation'' (Reference 5), which concentrates on the primary, primary support, facility support, and miscellaneous building support areas located in the WHB and Waste Treatment Building (WTB). The development plan was completed in accordance with AP-2.13Q, ''Technical Product Development Planning''. The work in this calculation is a continuance of the work described in the previous development plan; therefore, in accordance with AP-2.21Q, ''Quality Determinations and Planning for Scientific, Engineering, and Regulatory Compliance Activities'', a new Technical Work Plan is not required.

  9. Container Security - part of the CORE system

    Energy Science and Technology Software Center (ESTSC)

    2009-10-02

    A data integration system to support the US Customs and Border Protection Officers to supervise and make decisions for container inspections. CORE is designed to act as a framework to bridge the gaps between disparate data integration and delivery of disparate information visualization.

  10. neu-VISION: an explosives detection system for transportation security

    NASA Astrophysics Data System (ADS)

    Warman, Kieffer; Penn, David

    2008-04-01

    Terrorists were targeting commercial airliners long before the 9/11 attacks on the World Trade Center and the Pentagon. Despite heightened security measures, commercial airliners remain an attractive target for terrorists, as evidenced by the August 2006 terrorist plot to destroy as many as ten aircraft in mid-flight from the United Kingdom to the United States. As a response to the security threat air carriers are now required to screen 100-percent of all checked baggage for explosives. The scale of this task is enormous and the Transportation Security Administration has deployed thousands of detection systems. Although this has resulted in improved security, the performance of the installed systems is not ideal. Further improvements are needed and can only be made with new technologies that ensure a flexible Concept of Operations and provide superior detection along with low false alarm rates and excellent dependability. To address security needs Applied Signal Technology, Inc. is developing an innovative and practical solution to meet the performance demands of aviation security. The neu-VISION TM system is expected to provide explosives detection performance for checked baggage that both complements and surpasses currently deployed performance. The neu-VISION TM system leverages a 5 year R&D program developing the Associated Particle Imaging (API) technique; a neutron based non-intrusive material identification and imaging technique. The superior performance afforded by this neutron interrogation technique delivers false alarm rates much lower than deployed technologies and "sees through" dense, heavy materials. Small quantities of explosive material are identified even in the cluttered environments.

  11. Emerging Security Mechanisms for Medical Cyber Physical Systems.

    PubMed

    Kocabas, Ovunc; Soyata, Tolga; Aktas, Mehmet K

    2016-01-01

    The following decade will witness a surge in remote health-monitoring systems that are based on body-worn monitoring devices. These Medical Cyber Physical Systems (MCPS) will be capable of transmitting the acquired data to a private or public cloud for storage and processing. Machine learning algorithms running in the cloud and processing this data can provide decision support to healthcare professionals. There is no doubt that the security and privacy of the medical data is one of the most important concerns in designing an MCPS. In this paper, we depict the general architecture of an MCPS consisting of four layers: data acquisition, data aggregation, cloud processing, and action. Due to the differences in hardware and communication capabilities of each layer, different encryption schemes must be used to guarantee data privacy within that layer. We survey conventional and emerging encryption schemes based on their ability to provide secure storage, data sharing, and secure computation. Our detailed experimental evaluation of each scheme shows that while the emerging encryption schemes enable exciting new features such as secure sharing and secure computation, they introduce several orders-of-magnitude computational and storage overhead. We conclude our paper by outlining future research directions to improve the usability of the emerging encryption schemes in an MCPS. PMID:26812732

  12. The National Ignition Facility neutron imaging system.

    PubMed

    Wilke, Mark D; Batha, Steven H; Bradley, Paul A; Day, Robert D; Clark, David D; Fatherley, Valerie E; Finch, Joshua P; Gallegos, Robert A; Garcia, Felix P; Grim, Gary P; Jaramillo, Steven A; Montoya, Andrew J; Moran, Michael J; Morgan, George L; Oertel, John A; Ortiz, Thomas A; Payton, Jeremy R; Pazuchanics, Peter; Schmidt, Derek W; Valdez, Adelaida C; Wilde, Carl H; Wilson, Doug C

    2008-10-01

    The National Ignition Facility (NIF) is scheduled to begin deuterium-tritium (DT) shots possibly in the next several years. One of the important diagnostics in understanding capsule behavior and to guide changes in Hohlraum illumination, capsule design, and geometry will be neutron imaging of both the primary 14 MeV neutrons and the lower-energy downscattered neutrons in the 6-13 MeV range. The neutron imaging system (NIS) described here, which we are currently building for use on NIF, uses a precisely aligned set of apertures near the target to form the neutron images on a segmented scintillator. The images are recorded on a gated, intensified charge coupled device. Although the aperture set may be as close as 20 cm to the target, the imaging camera system will be located at a distance of 28 m from the target. At 28 m the camera system is outside the NIF building. Because of the distance and shielding, the imager will be able to obtain images with little background noise. The imager will be capable of imaging downscattered neutrons from failed capsules with yields Y(n)>10(14) neutrons. The shielding will also permit the NIS to function at neutron yields >10(18), which is in contrast to most other diagnostics that may not work at high neutron yields. The following describes the current NIF NIS design and compares the predicted performance with the NIF specifications that must be satisfied to generate images that can be interpreted to understand results of a particular shot. The current design, including the aperture, scintillator, camera system, and reconstruction methods, is briefly described. System modeling of the existing Omega NIS and comparison with the Omega data that guided the NIF design based on our Omega results is described. We will show NIS model calculations of the expected NIF images based on component evaluations at Omega. We will also compare the calculated NIF input images with those unfolded from the NIS images generated from our NIS numerical

  13. Security

    ERIC Educational Resources Information Center

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  14. The deep space network, volume 18. [Deep Space Instrumentation Facility, Ground Communication Facility, and Network Control System

    NASA Technical Reports Server (NTRS)

    1973-01-01

    The objectives, functions, and organization of the Deep Space Network are summarized. The Deep Space Instrumentation Facility, the Ground Communications Facility, and the Network Control System are described.

  15. Security Design of Remote Maintenance Systems for Nuclear Power Plants Based on ISO/IEC 15408

    NASA Astrophysics Data System (ADS)

    Watabe, Ryosuke; Oi, Tadashi; Endo, Yoshio

    This paper presents a security design of remote maintenance systems for nuclear power plants. Based on ISO/IEC 15408, we list assets to be protected, threats to the assets, security objectives against the threats, and security functional requirements that achieve the security objectives. Also, we show relations between the threats and the security objectives, and relations between the security objectives and the security functional requirements. As a result, we concretize a necessary and sufficient security design of remote maintenance systems for nuclear power plants that can protect the instrumentation and control system against intrusion, impersonation, tapping, obstruction and destruction.

  16. Secure authentication system that generates seed from biometric information.

    PubMed

    Kim, Yeojin; Ahn, Jung-Ho; Byun, Hyeran

    2005-02-10

    As biometric recognition techniques are gradually improved, the stability of biometric authentication systems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometric authentication systems are not immune to hacking. We show a secure biometric authentication system (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics. PMID:15751854

  17. Critical issues in process control system security : DHS spares project.

    SciTech Connect

    Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

    2010-10-01

    The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

  18. Secure Control Systems for the Energy Sector

    SciTech Connect

    Smith, Rhett; Stewart, John; Chavez, Adrian

    2014-10-22

    The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chaves (SNL) and John Stewart (TVA) are principle investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes no profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.

  19. Security in Wiki-Style Authoring Systems

    NASA Astrophysics Data System (ADS)

    Jensen, Christian Damsgaard

    During the past decade, online collaboration has grown from a practice primarily associated with the workplace to a social phenomenon, where ordinary people share information about their life, hobbies, interests, politics etc. In particular, social software, such as open collaborative authoring systems like wikis, has become increasingly popular. This is probably best illustrated through the immense popularity of the Wikipedia, which is a free encyclopedia collaboratively edited by thousands of Internet users with a minimum of administration.

  20. Centrifuge Facility Conceptual System Study. Volume 1: Facility overview and habitats

    NASA Technical Reports Server (NTRS)

    Synnestvedt, Robert (Editor)

    1990-01-01

    The results are presented for a NASA Phase 1 study conducted from mid 1987 through mid 1989 at Ames Research Center. The Centrifuge Facility is the major element of the biological research facility for the implementation of NASA's Life Science Research Program on Space Station Freedom using non-human specimens (such as small primates, rodents, plants, insects, cell tissues). Five systems are described which comprise the Facility: habitats, holding units, centrifuge, glovebox, and service unit. Volume 1 presents a facility overview and describes the habitats - modular units which house living specimens.

  1. Secure Video Surveillance System Acquisition Software

    SciTech Connect

    2009-12-04

    The SVSS Acquisition Software collects and displays video images from two cameras through a VPN, and store the images onto a collection controller. The software is configured to allow a user to enter a time window to display up to 2 1/2, hours of video review. The software collects images from the cameras at a rate of 1 image per second and automatically deletes images older than 3 hours. The software code operates in a linux environment and can be run in a virtual machine on Windows XP. The Sandia software integrates the different COTS software together to build the video review system.

  2. Secure Video Surveillance System Acquisition Software

    Energy Science and Technology Software Center (ESTSC)

    2009-12-04

    The SVSS Acquisition Software collects and displays video images from two cameras through a VPN, and store the images onto a collection controller. The software is configured to allow a user to enter a time window to display up to 2 1/2, hours of video review. The software collects images from the cameras at a rate of 1 image per second and automatically deletes images older than 3 hours. The software code operates in amore » linux environment and can be run in a virtual machine on Windows XP. The Sandia software integrates the different COTS software together to build the video review system.« less

  3. Security of information in IT systems

    NASA Astrophysics Data System (ADS)

    Kaliczynska, Malgorzata

    2005-02-01

    The aim of the paper is to increase human awareness of the dangers connected with social engineering methods of obtaining information. The article demonstrates psychological and sociological methods of influencing people used in the attacks on IT systems. Little known techniques are presented about one of the greater threats that is electromagnetic emission or corona effect. Moreover, the work shows methods of protecting against this type of dangers. Also, in the paper one can find information on devices made according to the TEMPEST technology. The article not only discusses the methods of gathering information, but also instructs how to protect against its out-of-control loss.

  4. 47 CFR 80.277 - Ship Security Alert System (SSAS).

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Convention or 33 CFR 101.310 may utilize: (1) Equipment that complies with RTCM Paper 110-2004/SC110-STD...) and 1 CFR part 51. Copies of these standards can be inspected at the Federal Communications Commission... 47 Telecommunication 5 2011-10-01 2011-10-01 false Ship Security Alert System (SSAS)....

  5. 47 CFR 80.277 - Ship Security Alert System (SSAS).

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Convention or 33 CFR 101.310 may utilize: (1) Equipment that complies with RTCM 11020.1 (incorporated by... 47 Telecommunication 5 2012-10-01 2012-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277...

  6. 47 CFR 80.277 - Ship Security Alert System (SSAS).

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... Convention or 33 CFR 101.310 may utilize: (1) Equipment that complies with RTCM 11020.1 (incorporated by... 47 Telecommunication 5 2014-10-01 2014-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277...

  7. 47 CFR 80.277 - Ship Security Alert System (SSAS).

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Convention or 33 CFR 101.310 may utilize: (1) Equipment that complies with RTCM Paper 110-2004/SC110-STD...) and 1 CFR part 51. Copies of these standards can be inspected at the Federal Communications Commission... 47 Telecommunication 5 2010-10-01 2010-10-01 false Ship Security Alert System (SSAS)....

  8. 47 CFR 80.277 - Ship Security Alert System (SSAS).

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... Convention or 33 CFR 101.310 may utilize: (1) Equipment that complies with RTCM 11020.1 (incorporated by... 47 Telecommunication 5 2013-10-01 2013-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277...

  9. 49 CFR 659.23 - System security plan: contents.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the... endorsed by the agency's chief executive. (b) Document the rail transit agency's process for managing... address the personal security of passengers and employees; (d) Document the rail transit agency's...

  10. 49 CFR 659.23 - System security plan: contents.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the... endorsed by the agency's chief executive. (b) Document the rail transit agency's process for managing... address the personal security of passengers and employees; (d) Document the rail transit agency's...

  11. 49 CFR 659.23 - System security plan: contents.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the... endorsed by the agency's chief executive. (b) Document the rail transit agency's process for managing... address the personal security of passengers and employees; (d) Document the rail transit agency's...

  12. Bidirectional Quantum Secure Direct Communication in Trapped Ion Systems

    NASA Astrophysics Data System (ADS)

    Cui, Yeqin; Gao, Jianguo

    2016-03-01

    We propose a feasible scheme for implementing quantum secure direct communication in trapped ion systems. According to the results measured by the sender, the receiver can obtain different secret messages in a deterministic way. Our scheme is insensitive to both the initial vibrational state and heating. The probability of the success in our scheme is 1.0.

  13. A method to ensure energy security of satellite communication systems

    NASA Astrophysics Data System (ADS)

    Chipiga, A. F.; Senokosova, A. V.

    2009-10-01

    A method is substantiated to ensure energy security for the satellite communication systems (SCS) at a close position of the radio interception receiver. This is done by lowering the carrier frequency down to f 0 = 60…80 MHz and by applying spaced measurements with n ≥ 4 receiving antennas.

  14. 28 CFR 16.51 - Security of systems of records.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 28 Judicial Administration 1 2013-07-01 2013-07-01 false Security of systems of records. 16.51 Section 16.51 Judicial Administration DEPARTMENT OF JUSTICE PRODUCTION OR DISCLOSURE OF MATERIAL OR INFORMATION Protection of Privacy and Access to Individual Records Under the Privacy Act of 1974 §...

  15. 32 CFR 637.20 - Security surveillance systems.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 32 National Defense 4 2013-07-01 2013-07-01 false Security surveillance systems. 637.20 Section 637.20 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY (CONTINUED) LAW ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20...

  16. 32 CFR 637.20 - Security surveillance systems.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 32 National Defense 4 2012-07-01 2011-07-01 true Security surveillance systems. 637.20 Section 637.20 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY (CONTINUED) LAW ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20...

  17. 32 CFR 637.20 - Security surveillance systems.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 32 National Defense 4 2010-07-01 2010-07-01 true Security surveillance systems. 637.20 Section 637.20 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY (CONTINUED) LAW ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20...

  18. 32 CFR 637.20 - Security surveillance systems.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 32 National Defense 4 2014-07-01 2013-07-01 true Security surveillance systems. 637.20 Section 637.20 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY (CONTINUED) LAW ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20...

  19. 32 CFR 637.20 - Security surveillance systems.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 32 National Defense 4 2011-07-01 2011-07-01 false Security surveillance systems. 637.20 Section 637.20 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY (CONTINUED) LAW ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20...

  20. 6 CFR 5.31 - Security of systems of records.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... AND INFORMATION Privacy Act § 5.31 Security of systems of records. (a) In general. Each component... during business hours to prevent unauthorized persons from having access to them; (3) Records are inaccessible to unauthorized persons outside of business hours; and (4) Records are not disclosed...

  1. Security proof for quantum key distribution using qudit systems

    SciTech Connect

    Sheridan, Lana; Scarani, Valerio

    2010-09-15

    We provide security bounds against coherent attacks for two families of quantum key distribution protocols that use d-dimensional quantum systems. In the asymptotic regime, both the secret key rate for fixed noise and the robustness to noise increase with d. The finite key corrections are found to be almost insensitive to d < or approx. 20.

  2. RCRA COVER SYSTEMS FOR WASTE MANAGEMENT FACILITIES

    EPA Science Inventory

    The closure of waste management facilities, whether Subtitle C, Subtitle D or CERCLA, requires consideration of site-specific information, the Federal regulations and applicability of state regulations and the liquids management strategy. This paper will present the current EPA ...

  3. Instrument Systems Analysis and Verification Facility (ISAVF) users guide

    NASA Technical Reports Server (NTRS)

    Davis, J. F.; Thomason, J. O.; Wolfgang, J. L.

    1985-01-01

    The ISAVF facility is primarily an interconnected system of computers, special purpose real time hardware, and associated generalized software systems, which will permit the Instrument System Analysts, Design Engineers and Instrument Scientists, to perform trade off studies, specification development, instrument modeling, and verification of the instrument, hardware performance. It is not the intent of the ISAVF to duplicate or replace existing special purpose facilities such as the Code 710 Optical Laboratories or the Code 750 Test and Evaluation facilities. The ISAVF will provide data acquisition and control services for these facilities, as needed, using remote computer stations attached to the main ISAVF computers via dedicated communication lines.

  4. Closure Report for Corrective Action Unit 116: Area 25 Test Cell C Facility, Nevada National Security Site, Nevada

    SciTech Connect

    NSTec Environmental Restoration

    2011-09-29

    This Closure Report (CR) presents information supporting closure of Corrective Action Unit (CAU) 116, Area 25 Test Cell C Facility. This CR complies with the requirements of the Federal Facility Agreement and Consent Order (FFACO) that was agreed to by the State of Nevada; the U.S. Department of Energy (DOE), Environmental Management; the U.S. Department of Defense; and DOE, Legacy Management (FFACO, 1996 [as amended March 2010]). CAU 116 consists of the following two Corrective Action Sites (CASs), located in Area 25 of the Nevada National Security Site: (1) CAS 25-23-20, Nuclear Furnace Piping and (2) CAS 25-41-05, Test Cell C Facility. CAS 25-41-05 consisted of Building 3210 and the attached concrete shield wall. CAS 25-23-20 consisted of the nuclear furnace piping and tanks. Closure activities began in January 2007 and were completed in August 2011. Activities were conducted according to Revision 1 of the Streamlined Approach for Environmental Restoration Plan for CAU 116 (U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office [NNSA/NSO], 2008). This CR provides documentation supporting the completed corrective actions and provides data confirming that closure objectives for CAU 116 were met. Site characterization data and process knowledge indicated that surface areas were radiologically contaminated above release limits and that regulated and/or hazardous wastes were present in the facility.

  5. T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security

    SciTech Connect

    Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

    2009-07-20

    Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

  6. 49 CFR 1549.111 - Security threat assessments for personnel of certified cargo screening facilities.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... cargo screening facility, an indirect air carrier under 49 CFR part 1548 for transport on a passenger...) Each certified screening facility must complete the requirements in 49 CFR part 1540, subpart C. ... certified cargo screening facilities. 1549.111 Section 1549.111 Transportation Other Regulations Relating...

  7. 49 CFR 1549.111 - Security threat assessments for personnel of certified cargo screening facilities.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... cargo screening facility, an indirect air carrier under 49 CFR part 1548 for transport on a passenger...) Each certified screening facility must complete the requirements in 49 CFR part 1540, subpart C. ... certified cargo screening facilities. 1549.111 Section 1549.111 Transportation Other Regulations Relating...

  8. SECURE personnel screening system: field trials and new developments

    NASA Astrophysics Data System (ADS)

    Smith, Steven W.

    1997-01-01

    Many different techniques have been investigated for detecting weapons, explosives, and contraband concealed under a person's clothing. Most of these are based on imaging the concealed object by using some sort of penetrating radiation, such as microwaves, ultrasound or electromagnetic fields.In spite of this effort by dozens of research groups, the only technique that has resulted in a commercially viable product is back-scatter x-ray imaging, as embodied in the SECURE 1000 personnel screening systems. The SECURE technology uses radiation levels that are insignificant compared to natural background values, being viewed as 'trivial' and 'completely insignificant' under established radiation safety standards. In the five years since the SECURE 1000 was developed, more than a dozen field trials and initial placements have been completed. This paper describes both the capabilities and limitations of the technology in these real-world applications.

  9. The Zwicky transient facility observing system

    NASA Astrophysics Data System (ADS)

    Smith, Roger M.; Dekany, Richard G.; Bebek, Christopher; Bellm, Eric; Bui, Khanh; Cromer, John; Gardner, Paul; Hoff, Matthew; Kaye, Stephen; Kulkarni, Shrinivas; Lambert, Andrew; Levi, Michael; Reiley, Dan

    2014-07-01

    The Zwicky Transient Facility (ZTF) is a synoptic optical survey for high-cadence time-domain astronomy. Building upon the experience and infrastructure of the highly successful Palomar Transient Factory (PTF) team, ZTF will survey more than an order of magnitude faster than PTF in sky area and volume in order to identify rare, rapidly varying optical sources. These sources will include a trove of supernovae, exotic explosive transients, unusual stellar variables, compact binaries, active galactic nuclei, and asteroids. The single-visit depth of 20.4 mag is well matched to spectroscopic follow-up observations, while the co-added images will provide wide sky coverage 1.5 - 2 mag deeper than SDSS. The ZTF survey will cover the entire Northern Sky and revisit fields on timescales of a few hours, providing hundreds of visits per field each year, an unprecedented cadence, as required to detect fast transients and variability. This high-cadence survey is enabled by an observing system based on a new camera having 47 deg2 field of view - a factor of 6.5 greater than the existing PTF camera - equipped with fast readout electronics, a large, fast exposure shutter, faster telescope and dome drives, and various measures to optimize delivered image quality. Our project has already received an initial procurement of e2v wafer-scale CCDs and we are currently fabricating the camera cryostat. International partners and the NSF committed funds in June 2014 so construction can proceed as planned to commence engineering commissioning in 2016 and begin operations in 2017. Public release will allow broad utilization of these data by the US astronomical community. ZTF will also promote the development of transient and variable science methods in preparation for the seminal first light of LSST.

  10. Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

    PubMed

    Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2014-11-01

    Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS. PMID:25298362

  11. Security core to the edge: securing critical information through enhanced Cross Domain Systems (CDS) to the tactical edge

    NASA Astrophysics Data System (ADS)

    Farroha, Bassam S.; Farroha, Deborah L.; Whitfield, Melinda M.

    2010-04-01

    This paper analyzes secure data sharing outside its security domain with services, agencies, coalition partners and state/local authorities. There is a high demand for multiple levels of secure data at the tactical edge; however the threat level at that point is elevated compared to the enterprise environment. This paper investigates the requirements, technologies and risk mitigation techniques for securely sharing information with the tactical warfighter while protecting the data and the information systems from intruders and malware. The new CD Systems need to eliminate the stovepipe architectures and open the doors to share information across traditional and non-traditional domain boundaries.

  12. Characteristics of and Services Provided to Youth in Secure Care Facilities

    ERIC Educational Resources Information Center

    Gagnon, Joseph C.; Barber, Brian

    2010-01-01

    Youth who are incarcerated in secure detention and commitment settings display a complex array of educational, behavioral, and mental health issues that affect the services they require, as well as their responsiveness to interventions. Yet, seldom are these needs understood or taken into account when providing services in secure care settings. In…

  13. 33 CFR 146.104 - Safety and Security notice of arrival for foreign floating facilities.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... number, assigned under 30 CFR 250.154 for identification, where the owner or operator of the foreign... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Safety and Security notice of... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OUTER CONTINENTAL SHELF ACTIVITIES OPERATIONS...

  14. 33 CFR 106.215 - Company or OCS facility personnel with security duties.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... appropriate: (a) Knowledge of current and anticipated security threats and patterns. (b) Recognition and detection of dangerous substances and devices; (c) Recognition of characteristics and behavioral patterns of persons who are likely to threaten security; (d) Recognition of techniques used to circumvent...

  15. 33 CFR 106.215 - Company or OCS facility personnel with security duties.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... a TWIC, and must have knowledge, through training or equivalent job experience, in the following, as appropriate: (a) Knowledge of current and anticipated security threats and patterns. (b) Recognition and... measures; (e) Security related communications; (f) Knowledge of emergency procedures and contingency...

  16. CLASSIFICATION OF THE MGR SAFEGUARDS AND SECURITY SYSTEM

    SciTech Connect

    J.A. Ziegler

    1999-08-31

    The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) safeguards and security system structures, systems and components (SSCs) performed by the MGR Safety Assurance Department. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 1998). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, ''Quality Assurance Requirements and Description'' (QARD) (DOE 1998).

  17. IT and SLT characterizations of secured biometric authentication systems

    NASA Astrophysics Data System (ADS)

    Schmid, Natalia A.; Wechsler, Harry

    2010-01-01

    This paper provides an information theoretical description of biometric systems at the system level. A number of basic models to characterize performance of biometric systems are presented. All models compare performance of an automatic biometric recognition system against performance of an ideal biometric system that knows correct decisions. The correct decision can be visualized as an input to a new decision system, and the decision by an automatic recognition system is the output of this decision system. The problem of performance evaluation for a biometric recognition system is formulated as (1) the problem of finding the maximum information that the output of the system has about the input, and (2) the problem of finding the maximum distortion that the output can experience with respect to the input of the system to guarantee a bounded average probability of recognition error. The first formulation brings us to evaluation of capacity of a binary asymmetric and M-ary channels. The second formulation falls under the scope of rate-distortion theory. We further describe the problem of physical signature authentication used to authenticate a biometric acquisition device and state the problem of secured biometric authentication as the problem of joint biometric and physical signature authentication. One novelty of this work is in restating the problem of secured biometric authentication as the problem of finding capacity and rate-distortion curve for a secured biometric authentication system. Another novelty is in application of transductive methods from statistical learning theory to estimate the conditional error probabilities of the system. This set of parameters is used to optimize the system performance.

  18. Analysis of LNG peakshaving-facility release-prevention systems

    SciTech Connect

    Pelto, P.J.; Baker, E.G.; Powers, T.B.; Schreiber, A.M.; Hobbs, J.M.; Daling, P.M.

    1982-05-01

    The purpose of this study is to provide an analysis of release prevention systems for a reference LNG peakshaving facility. An overview assessment of the reference peakshaving facility, which preceeded this effort, identified 14 release scenarios which are typical of the potential hazards involved in the operation of LNG peakshaving facilities. These scenarios formed the basis for this more detailed study. Failure modes and effects analysis and fault tree analysis were used to estimate the expected frequency of each release scenario for the reference peakshaving facility. In addition, the effectiveness of release prevention, release detection, and release control systems were evaluated.

  19. Game theory and decision support system for use in security reviews of nuclear material tracking and accountancy systems

    SciTech Connect

    Goutal, P.; Werkoff, F.; Le Manchec, K.; Preston, N.; Roche, F.

    1995-12-31

    Tracking and accountancy arrangements help guarantee the security of nuclear materials. Verifications consisting of comparisons between physical identifications or measurements on one hand and material accountancy on the other hand are carried out, in order to detect any unexpected absence of nuclear material. This paper studies two different aspects of the problem of the efficiency of these verifications. First, a decision support system for use in security reviews of nuclear material accountancy systems is presented. Its purpose is firstly to represent a facility and the associated verifications, tracking and accountancy operations and secondly, to calculate the detection delay in the case of an absence of nuclear material. Next, in order to minimize the detection delay for a limited, fixed number of physical identifications, a two-person, zero-sum game with incomplete information is described. The first results obtained from this analysis indicate shorter detection times than those given by games with complete information.

  20. The impact of changes in DOE computer security on safeguards systems

    SciTech Connect

    Hunteman, W.J.; Caldwell, R.J.

    1994-08-01

    Recent changes in the Department of Energy regulations on classified computer security have introduced a number of significant requirements for automated information systems land networks. These changes are necessary because of changes in computer technology, a reduced level of clearances, and increased personnel access, such as DOE ``L`` clearances and international inspections, in the facilities. These changes will affect all computer-based systems that process, or are connected to computers that process, classified data. The additional and modified requirements are identified and described. The impact of the requirements on safeguards computer-based systems, such as instruments, database systems, and networks, is reviewed. Some simple examples of typical safeguards systems are discussed with suggestions on how the systems can comply with the requirements.