Note: This page contains sample records for the topic secure distributed applications from Science.gov.
While these samples are representative of the content of Science.gov,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of Science.gov
to obtain the most current and comprehensive results.
Last update: August 15, 2014.
1

Security in Distributed Applications  

Microsoft Academic Search

The security requirements on an IT system ultimately depend on the applications that make use of it. To put today’s challenges\\u000a into perspective we map the evolution of distributed systems security over the past 40 years. We then focus on web applications\\u000a as an important current paradigm for deploying distributed applications. We discuss the security policies relevant for the\\u000a current

Dieter Gollmann

2007-01-01

2

Shared and Distributed Memory Parallel Security Analysis of Large-Scale Source Code and Binary Applications  

SciTech Connect

Many forms of security analysis on large scale applications can be substantially automated but the size and complexity can exceed the time and memory available on conventional desktop computers. Most commercial tools are understandably focused on such conventional desktop resources. This paper presents research work on the parallelization of security analysis of both source code and binaries within our Compass tool, which is implemented using the ROSE source-to-source open compiler infrastructure. We have focused on both shared and distributed memory parallelization of the evaluation of rules implemented as checkers for a wide range of secure programming rules, applicable to desktop machines, networks of workstations and dedicated clusters. While Compass as a tool focuses on source code analysis and reports violations of an extensible set of rules, the binary analysis work uses the exact same infrastructure but is less well developed into an equivalent final tool.

Quinlan, D; Barany, G; Panas, T

2007-08-30

3

The Software Infrastructure of a Java Card Based Security Platform for Distributed Applications  

Microsoft Academic Search

The work presented in this paper is part of the Java CardTM1 Grid project2 carried out at LaBRI, Laboratoire Bordelais de Recherche en Informatique. The aim of this project is to build a hardware platform and the associated software components to experiment on the security features of distributed applications. To achieve this goal we use the hardware components that offer

Serge Chaumette; Achraf Karray; Damien Sauveron

2006-01-01

4

Web application security engineering  

Microsoft Academic Search

Integrating security throughout the life cycle can improve overall Web application security. With a detailed review of the steps involved in applying security-specific activities throughout the software development life cycle, the author walks practitioners through effective, efficient application design, development, and testing. With this article, the author shares a way to improve Web application security by integrating security throughout the

J. D. Meier

2006-01-01

5

Secure software distribution system  

SciTech Connect

Authenticating and upgrading system software plays a critical role in information security, yet practical tools for assessing and installing software are lacking in today`s marketplace. The Secure Software Distribution System (SSDS) will provide automated analysis, notification, distribution, and installation of security patches and related software to network-based computer systems in a vendor-independent fashion. SSDS will assist with the authentication of software by comparing the system`s objects with the patch`s objects. SSDS will monitor vendor`s patch sites to determine when new patches are released and will upgrade system software on target systems automatically. This paper describes the design of SSDS. Motivations behind the project, the advantages of SSDS over existing tools as well as the current status of the project are also discussed. 2 figs.

Bartoletti, T.; Dobbs, L.A.; Kelley, M.

1997-02-01

6

Factors Affecting Distributed System Security.  

National Technical Information Service (NTIS)

Recent work examining distributed system security requirements is critiqued. A notion of trust based on distributed system topology and distributed system node evaluation levels proposed in that work is shown to be deficient. The notion fails to make allo...

D. M. Nessett

1985-01-01

7

On Key Distribution in Secure Multicasting  

Microsoft Academic Search

Multicasting has been widely utilized for delivering messages from one sender to multiple recipients. Nowadays in some applications such as pay per view or video-conferencing systems, the messages delivered via multicasting should be available to authorized recipients only. Therefore, secure multicasting becomes an important design issue in a distributed environment. To achieve secure multicasting, all authorized recipients form a group

Kuen-pin Wu; Shanq-jang Ruan; Feipei Lai; Chih-kuang Tseng

2000-01-01

8

End-to-end Web Application Security  

Microsoft Academic Search

Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-to- end argument that the client and server must collaborate to achieve security goals, to eliminate common security exploits, and to secure the emerging class of rich, cross- domain Web applications referred to as Web 2.0. In order to support end-to-end

Ulfar Erlingsson; Benjamin Livshits; Yinglian Xie

9

End-to-End Web Application Security  

Microsoft Academic Search

Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-to- end argument that the client and server must collaborate to achieve security goals, to eliminate common security exploits, and to secure the emerging class of rich, cross- domain Web applications referred to as Web 2.0. In order to support end-to-end

Úlfar Erlingsson; V. Benjamin Livshits; Yinglian Xie

2007-01-01

10

Application Security Automation  

ERIC Educational Resources Information Center

With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

Malaika, Majid A.

2011-01-01

11

Securing Web applications  

Microsoft Academic Search

Web application vulnerabilities have become a major concern in software security. We will present major attack patterns, i.e. SQL injection, cross-site scripting, cross-site request forgery, JavaScript hijacking, and DNS rebinding, together with a survey and assessment of the countermeasures available to web application developers.

Dieter Gollmann

2008-01-01

12

Mobile agent-based security model for distributed system  

Microsoft Academic Search

Mobile computers and devices may operate in a variety of environments with different security schemes. In this paper, we present a mobile agent based security model. The model supports the flexible and extensible application specific security measures required by mobile computers and devices in distributed system. First, we gave a full description of mobile agent and its migration modes. After

Lin Qi; Lu Yu

2001-01-01

13

Web application security assessment tools  

Microsoft Academic Search

Security testing a Web application or Web site requires careful thought and planning due to both tool and industry immaturity. Finding the right tools involves several steps, including analyzing the development environment and process, business needs, and the Web application's complexity. Here, we describe the different technology types for analyzing Web applications and Web services for security vulnerabilities, along with

Mark Curphey; Rudolph Arawo

2006-01-01

14

Security Data Warehouse Application  

NASA Technical Reports Server (NTRS)

The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

2012-01-01

15

Perfectly-Secure Key Distribution for Dynamic Conferences  

Microsoft Academic Search

A key distribution scheme for dynamic conferences is a method by which initiallyan (off-line) trusted server distributes private individual pieces of informationto a set of users. Later, each member of any group of users of a given size (a dynamicconference) can compute a common secure group key. In this paper westudy the theory and applications of such perfectly secure systems.

Carlo Blundo; Alfredo De Santis; Amir Herzberg Shay Kutten; Ugo Vaccaro

1993-01-01

16

Evaluation of web application security risks and secure design patterns  

Microsoft Academic Search

The application of security in web application is of profound importance due to the extended use of web for business. Most of the attacks, are either because the developers are not considering security as a concern or due to the security flaws in designing and developing the applications. The enforcement of security in the software development life cycle of the

Asish Kumar Dalai; Sanjay Kumar Jena

2011-01-01

17

Security Enhancements for Distributed Control Systems  

Microsoft Academic Search

Security enhancements for distributed control systems (DCSs) must be sensitive to operational issues, especially availability.\\u000a This paper presents three security enhancements for DCSs that satisfy this requirement: end-to-end security for DCS protocol\\u000a communications, role-based authorization to control access to devices and prevent unauthorized changes to operational parameters,\\u000a and reduced operating system kernels for enhanced device security. The security enhancements have

Jeffrey L. Hieb; James H. Graham; Sandip C. Patel

2007-01-01

18

The Digital Distributed System Security Architecture  

Microsoft Academic Search

The Digital Distributed System Security Architecture is a comprehensive specification for security in a distributed system that employs state-of-the-art concepts to address the needs of both commercial and government environments. The architecture covers user and system authentication, mandatory and discretionary security, secure initialization and loading, and delegation in a general-purpose computing environment of heterogeneous systems where there are no central

Andy Goldstein; Butler Lampson; Charlie Kaufman; Morrie Gasser

1989-01-01

19

Security principles for web applications  

Microsoft Academic Search

In the recent time we have witnessed an expansion of web applications, which are offering a wide range of public and business services. The web applications are efficient and convenient, however, increasing number of new security threats is a risk for both users of web applications and the companies which are offering their services through web applications. In order to

Tamara M. Tanaskovic; Miodrag Z. Zivkovic

2011-01-01

20

A secure communications infrastructure for high-performance distributed computing  

SciTech Connect

Applications that use high-speed networks to connect geographically distributed supercomputers, databases, and scientific instruments may operate over open networks and access valuable resources. Hence, they can require mechanisms for ensuring integrity and confidentially of communications and for authenticating both users and resources. Security solutions developed for traditional client-server applications do not provide direct support for the program structures, programming tools, and performance requirements encountered in these applications. The authors address these requirements via a security-enhanced version of the Nexus communication library; which they use to provide secure versions of parallel libraries and languages, including the Message Passing Interface. These tools permit a fine degree of control over what, where, and when security mechanisms are applied. In particular, a single application can mix secure and nonsecure communication, allowing the programmer to make fine-grained security/performance tradeoffs. The authors present performance results that quantify the performance of their infrastructure.

Foster, I.; Koenig, G.; Tuecke, S. [and others

1997-08-01

21

THz quasioptics applications in security  

Microsoft Academic Search

Recent developments in active millimeter\\/THz waves high-quality 3D real-time imaging for security applications are discussed. Such type of imaging systems affords a compact, simple, fast and relatively low-cost system.

Igor V. Minin; Oleg V. Minin

2006-01-01

22

Security Criteria for Distributed Systems: Functional Requirements.  

National Technical Information Service (NTIS)

The focus of the security requirements presented in this report is on the design, implementation, and operation of trusted distributed operating systems. The view represented in this report is that any trusted distributed system consists of a set of Trust...

J. A. Cugini J. M. Boone R. W. Dobry T. Mayfield V. D. Gligor

1995-01-01

23

Security seal. [Patent application  

DOEpatents

Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to fingerprints are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

Gobeli, G.W.

1981-11-17

24

Communication security in a distributed network  

Microsoft Academic Search

In order for a distributed network to function securely, the integrity of the data transmitted over the communication links must be maintained. The use of either link encryption or end-to-end encryption will help to maintain the integrity of transmitted data, although there are differences in the level of security which they provide. This paper begins with an analysis of link

Marie A. Wright

1990-01-01

25

Mobile Security for Internet Applications  

Microsoft Academic Search

The WebSIM is a technology for interfacing GSM SIMs with the Internet, by implementing a Web server inside a SIM. This paper discusses how this technology can be used for securing services over the Internet and describes several concrete application scenarios.

Roger Kehr; Joachim Posegga; Roland Schmitz; Peter Windirsch

2001-01-01

26

Towards secure dataflow processing in open distributed systems  

Microsoft Academic Search

Open distributed systems such as service oriented architecture and cloud computing have emerged as promising platforms to deliver software as a service to users. However, for many security sen- sitive applications such as critical data processing, trus t manage- ment poses significant challenges for migrating those criti cal ap- plications into open distributed systems. In this paper, we present the

Juan Du; Wei Wei; Xiaohui Gu; Ting Yu

2009-01-01

27

Perfectly-Secure Key Distribution for Dynamic Conferences  

Microsoft Academic Search

A key distribution scheme for dynamic conferences is a method by which initially an (off-line) trusted server distributes private individ- ual pieces of information to a set of users. Later any group of users of a given size (a dynamic conference) is able to compute a common secure key. In this paper we study the theory and applications of such

Carlo Blundo; Alfredo De Santis; Amir Herzberg; Shay Kutten; Ugo Vaccaro; Moti Yung

1992-01-01

28

Integrating security in a group oriented distributed system  

NASA Technical Reports Server (NTRS)

A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

Reiter, Michael; Birman, Kenneth; Gong, LI

1992-01-01

29

Experiences Building Security Applications on DHTs  

Microsoft Academic Search

In the recent past we introduced two new security applications built on peer-to-peer systems and distributed hashtables (DHTs). First, we designed Adeona (18), which leverages DHTs to provide a privacy-preserving laptop tracking solution. Second, we designed the Vanish (10) self- destructing data system, which uses DHTs to protect against retroactive attacks on archived data in the cloud. Both systems exploit

Tadayoshi Kohno; Arvind Krishnamurthy; Henry M. Levy

2009-01-01

30

ASIDE: IDE support for web application security  

Microsoft Academic Search

Many of today's application security vulnerabilities are introduced by software developers writing insecure code. This may be due to either a lack of understanding of secure programming practices, and\\/or developers' lapses of attention on security. Much work on software security has focused on detecting software vulnerabilities through automated analysis techniques. While they are effective, we believe they are not sufficient.

Jing Xie; Bill Chu; Heather Richter Lipford; John T. Melton

2011-01-01

31

Privacy and Security Research Group workshop on network and distributed system security: Proceedings  

SciTech Connect

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

Not Available

1993-05-01

32

Probabilistic security analysis of shipboard DC zonal electrical distribution systems  

Microsoft Academic Search

Due to significant gains in terms of survivability, weight, manning, and cost obtained from DC zonal electrical distribution systems (DC ZEDS), various practical applications of DC ZEDS to shipboard electric power systems are expected in the foreseeing future. How to ensure whether shipboard DC ZEDS under different power outage events is secure becomes important for real-time operation and planning of

Chun-Lien Su; Chun-Teng Yeh

2008-01-01

33

Multimedia Security System for Security and Medical Applications  

ERIC Educational Resources Information Center

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

Zhou, Yicong

2010-01-01

34

Network and Application Security in Mobile e-Health Applications  

Microsoft Academic Search

\\u000a Different IT applications require different network and application security services. We have been working in the area of\\u000a e-health applications in mobile environments, and we have needed to integrate security services therein. This paper presents\\u000a a specification of such network and application security services for mobile e-health applications and how we have implemented\\u000a them. First, various security threats specific of e-health

Ramon Martí; Jaime Delgado; Xavier Perramon

2004-01-01

35

Integrating security in a large distributed system  

Microsoft Academic Search

Andrew is a distributed computing environment that is a synthesis of the personal computing and timesharing paradigms. When mature, it is expected to encompass over 5,000 workstations spanning the Carnegie Mellon University campus. This paper examines the security issues that arise in such an environment and describes the mechanisms that have been developed to address them. These mechanisms include the

Mahadev Satyanarayanan

1989-01-01

36

Intelligent Video for Homeland Security Applications  

Microsoft Academic Search

This paper considers the problem of protecting critical infrastructure and other homeland security initiatives with the application of an intelligent video (IV) system. A systems engineering approach is followed to decompose top level requirements into system functions based on the Department of Homeland Security (DHS) Strategic Plan, The National Strategy for Homeland Security, and the National Infrastructure Protection Plan (NIPP).

A. Nusimow

2007-01-01

37

Securing Distributed Systems with Information Flow Control  

Microsoft Academic Search

Recent operating systems (12, 21, 26) have shown that decentralized information flow control (DIFC) can se- cure applications built from mostly untrusted code. This paper extends DIFC to the network. We present DStar, a system that enforces the security requirements of mu- tually distrustful components through cryptography on the network and local OS protection mechanisms on each host. DStar does

Nickolai Zeldovich; Silas Boyd-wickizer; David Mazières

2008-01-01

38

Megabits secure key rate quantum key distribution  

NASA Astrophysics Data System (ADS)

Quantum cryptography can provide unconditional secure communication between two authorized parties based on the basic principles of quantum mechanics. However, imperfect practical conditions limit its transmission distance and communication speed. Here, we implemented the differential phase shift (DPS) quantum key distribution (QKD) with an up-conversion-assisted hybrid photon detector (HPD) and achieved a 1.3 Mbits per second secure key rate over a 10 km fiber, which is tolerant against photon number splitting (PNS) attack, general collective attacks on individual photons and any other known sequential unambiguous state discrimination (USD) attacks.

Zhang, Q.; Takesue, H.; Honjo, T.; Wen, K.; Hirohata, T.; Suyama, M.; Takiguchi, Y.; Kamada, H.; Tokura, Y.; Tadanaga, O.; Nishida, Y.; Asobe, M.; Yamamoto, Y.

2009-04-01

39

TRUST MODELING FOR SECURE WEB APPLICATION DEVELOPMENT  

Microsoft Academic Search

Trust is the main concern in securing web applications and it has to be implemented in every layer of application at the time of development. Building trust based on a proper model is an important step in designing a secure web-based system. Such model should address users' sociological, economical, and personal expectations of trust in every layer of web applications.

Mahmood Doroodchi; Mohammad B. Sharifnia

2008-01-01

40

Security constraint processing in a multilevel secure distributed database management system  

Microsoft Academic Search

In a multilevel secure distributed database management system, users cleared at different security levels access and share a distributed database consisting of data at different sensitivity levels. An approach to assigning sensitivity levels, also called security levels, to data is one which utilizes constraints or classification rules. Security constraints provide an effective classification policy. They can be used to assign

Bhavani Thuraisingham; William Ford

1995-01-01

41

Agile development of secure web applications  

Microsoft Academic Search

A secure system is one that is protected against specific undesired outcomes.Delivering a secure system, and particularly a secure web application, is not easy.Integrating general-purpose information systems development methods withsecurity development activities could be a useful means to surmount thesedifficulties Agile processes, such as Extreme Programming, are of increasing interest insoftware development. Most significantly for web applications, agile processesencourage and

Xiaocheng Ge; Richard F. Paige; Fiona A. C. Polack; Howard Chivers; Phillip J. Brooke

2006-01-01

42

Non-Detrimental Web Application Security Scanning  

Microsoft Academic Search

The World Wide Web has become a sophisticated platform capable of delivering a broad range of applications. However, its rapid growth has resulted in numerous security problems that current technologies cannot address. Researchers from both academic and private sector are devoting a considerable amount of resources to the development of Web application security scanners (i.e., automated software testing platforms for

Yao-wen Huang; Chung-hung Tsai; D. T. Lee; Sy-yen Kuo

2004-01-01

43

Derived virtual devices: a secure distributed file system mechanism  

NASA Technical Reports Server (NTRS)

This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

VanMeter, Rodney; Hotz, Steve; Finn, Gregory

1996-01-01

44

Secure coprocessing applications and research issues  

SciTech Connect

The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

Smith, S.W.

1996-08-01

45

Video performance for high security applications.  

SciTech Connect

The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

Connell, Jack C.; Norman, Bradley C.

2010-06-01

46

Towards agile security in web applications  

Microsoft Academic Search

In this paper, we present an approach that we have used to address security when running projects according to agile principles. Misuse stories have been added to user stories to capture malicious use of the application. Furthermore, misuse stories have been implemented as automated tests (unit tests, acceptance tests) in order to perform security regression testing. Penetration testing, system hardening

Vidar Kongsli

2006-01-01

47

Secure and Robust Overlay Content Distribution  

ERIC Educational Resources Information Center

With the success of applications spurring the tremendous increase in the volume of data transfer, efficient and reliable content distribution has become a key issue. Peer-to-peer (P2P) technology has gained popularity as a promising approach to large-scale content distribution due to its benefits including self-organizing, load-balancing, and…

Kang, Hun Jeong

2010-01-01

48

WALSG: A Solution to Web Application Level Security  

Microsoft Academic Search

This paper analyzes the most common security problems of web application level. A model WALSG (Web Application Level Security Gateway) is presen ted to pr ovide web application level security. WALSG employs XML Schema to specify access control policies and security policies for HTML pages and cookies. WALSG can also be used as a secure tool to define access control

Teng Lv; Ping Yan; Zhenxing Wang

2005-01-01

49

Secure voice for mobile satellite applications  

NASA Astrophysics Data System (ADS)

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

Vaisnys, Arvydas; Berner, Jeff

50

Secure voice for mobile satellite applications  

NASA Technical Reports Server (NTRS)

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

Vaisnys, Arvydas; Berner, Jeff

1990-01-01

51

Secure Middleware for Defence Applications.  

National Technical Information Service (NTIS)

Achieving robust and secure system interoperability over Mobile Wireless Networks poses a number of daunting challenges: (1) Ensuring robustness and survivability in the presence of network jamming, transient faults, frequent node failures (e.g., due to t...

M. Born R. Bharadwaj R. Schreiner

2006-01-01

52

Addressing Security Challenges in Pervasive Computing Applications.  

National Technical Information Service (NTIS)

Pervasive computing provides services that use knowledge about the operating environment. The very knowledge that enables an application to provide better services may, however, be misused, causing security and privacy breaches. Uncontrolled disclosure of...

I. Ray I. Ray

2010-01-01

53

Development and Use of Distribution System Models for Improving the Security of Drinking Water System.  

National Technical Information Service (NTIS)

Guidance was developed for water system distribution software application to security related uses. This guidance was broken into four uses: model development, pre-scenario analysis, post-scenario analysis, and detector placement analysis. This guidance a...

J. S. Frazey

2004-01-01

54

Secure Mobile Agent System for E-Business Applications  

Microsoft Academic Search

Mobile agent systems provide a great flexibility and customizability to distributed applications like ebusiness and information retrieval in the current scenario. Security is a crucial concern for such systems, especially when they are to be used to deal with money transaction. Mobile agents moving around the network are not safe as the remote hosts that accommodate the agents can initiate

A. Kannammal; V. Ramachandran; N. Ch. S. N. Iyengar

2006-01-01

55

WEB APPLICATION SECURITY INSTRUCTIONAL PARADIGMS AND THE IS CURRICULUM  

Microsoft Academic Search

This document provides an overview of the growing importance of web application security threats and its role in the IS security curriculum. Two alternative instructional paradigms designed to present web application security were reviewed. Secure Programming curricula have been used to present detailed coverage from a software coding perspective. However, the Secure Programming Paradigm may present challenges in the choice

J. Packy Laverty; John J. Scarpino

2009-01-01

56

Efficient decoy-state quantum key distribution with quantified security.  

PubMed

We analyse the finite-size security of the efficient Bennett-Brassard 1984 protocol implemented with decoy states and apply the results to a gigahertz-clocked quantum key distribution system. Despite the enhanced security level, the obtained secure key rates are the highest reported so far at all fibre distances. PMID:24150299

Lucamarini, M; Patel, K A; Dynes, J F; Fröhlich, B; Sharpe, A W; Dixon, A R; Yuan, Z L; Penty, R V; Shields, A J

2013-10-21

57

A new model of security for distributed systems  

Microsoft Academic Search

With the rapid growth of the information age, electronic activities of many kinds are becoming more common. The need for protection and security in this environment has never been greater . The conventional approach to security has been to enforce a system-wide policy , but this approach will not work for large distributed systems where entirely new security issues and

Wm A. Wulf; Chenxi Wang; Darrell Kienzle

1996-01-01

58

Distributed Secure Systems: Then and Now  

Microsoft Academic Search

The early 1980s saw the development of some rather sophisticated distributed systems. These were not merely networked file systems: rather, using remote procedure calls, hierarchical naming, and what would now be called middleware, they allowed a collection of systems to operate as a coherent whole. One such system in particular was developed at Newcastle that allowed pre-existing applications and (Unix)

Brian Randell

2007-01-01

59

Secure Distributed Multiplication of Two Polynomially Shared Values: Enhancing the Efficiency of the Protocol  

Microsoft Academic Search

In view of practical applications, it is a high priority to optimize the efficiency of methods for secure multiparty computations. These techniques enable, for instance, truly practical double auctions and distributed signatures. The multiplication protocol for the secure multiparty multiplication of two polynomially shared values over Z_q with a public prime number q is an important module in these computations.

Peter Lory

2009-01-01

60

Securing Timeout Instructions in Web Applications  

Microsoft Academic Search

Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulner- able to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs no access to a clock. In the context of client-side web application security,

Alejandro Russo; Andrei Sabelfeld

2009-01-01

61

A contamination source identification model for water distribution system security  

NASA Astrophysics Data System (ADS)

This article presents and demonstrates a simple, straightforward genetic algorithm (GA) scheme for contamination source identification to enhance the security of water distribution systems. Related previous work on this subject has concentrated on developing analytical water quality inverse models with two major restrictions: the ability to disclose unique solutions and to handle water distribution systems of large size. These two limitations are addressed in this study by coupling a GA with EPANET. The objective function is minimization of the least-squares of the differences between simulated and measured contaminant concentrations, with the decision variables being the contaminant event characteristics of intrusion location, starting time, duration and mass rate. The developed methodology is demonstrated through base runs and sensitivity analysis of three water distribution system example applications of increasing complexity.

Preis, A.; Ostfeld, A.

2007-12-01

62

MEMS and MOEMS for national security applications  

NASA Astrophysics Data System (ADS)

Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

Scott, Marion W.

2003-01-01

63

On Enabling Secure Applications Through Off-Line Biometric Identification  

Microsoft Academic Search

In developing secure applications and systems, designers must often incorporate secure user identification in the design specification. In this paper, we study secure off-line authenticated user identification schemes based on a biometric system that can measure a user's biometrics accurately (up to some Hamming distance). The presented schemes enhance identification and authorization in secure applications by binding a biometric template

George I. Davida; Yair Frankel; Brian J. Matt

1998-01-01

64

Monitoring image quality for security applications  

NASA Astrophysics Data System (ADS)

This work is focusing on the definition of a procedure for the qualification of coding schemes for video surveillance applications. It consists in developing and benchmarking tools that learn from the expertise of police and security department. This expertise is intended to be modeled thanks to a campaign of subjective measurement allowing to analyze the way they are using in performing the security tasks like face or license plate recognition, event detection and so on. The results of the previous test are used will be used to tune and to construct a hybrid metric based on basic artifacts detection due to compression and transmission.

Larabi, Mohamed-Chaker; Nicholson, Didier

2011-01-01

65

Photonic sensor applications in transportation security  

NASA Astrophysics Data System (ADS)

There is a broad range of security sensing applications in transportation that can be facilitated by using fiber optic sensors and photonic sensor integrated wireless systems. Many of these vital assets are under constant threat of being attacked. It is important to realize that the threats are not just from terrorism but an aging and often neglected infrastructure. To specifically address transportation security, photonic sensors fall into two categories: fixed point monitoring and mobile tracking. In fixed point monitoring, the sensors monitor bridge and tunnel structural health and environment problems such as toxic gases in a tunnel. Mobile tracking sensors are being designed to track cargo such as shipboard cargo containers and trucks. Mobile tracking sensor systems have multifunctional sensor requirements including intrusion (tampering), biochemical, radiation and explosives detection. This paper will review the state of the art of photonic sensor technologies and their ability to meet the challenges of transportation security.

Krohn, David A.

2007-10-01

66

Distributed Generation: towards an effective contribution to power system security  

Microsoft Academic Search

With a continuously increasing penetration in power system, the impact of dispersed generation is getting higher and higher. This paper deals with the contribution of DG to power system security. It focuses more precisely on its behavior in case of severe frequency disturbances and shows how distributed generation can provide an active contribution to power system security. The UCTE represents

B. Meyer

2007-01-01

67

Blue versus Red: Towards a Model of Distributed Security Attacks  

Microsoft Academic Search

Abstract. This paper analyzes the threat of distributed attacks by de- veloping a two-sided multiplayer model of security in which attackers aim to deny service and defenders strategize to secure their assets. Attack- ers benet from the successful compromise of target systems, however, may suer,penalties for increased attack activity. Defenders weigh the likelihood of an attack against the cost of

Neal Fultz; Jens Grossklags

2009-01-01

68

Early Detection of Security Misconfiguration Vulnerabilities in Web Applications  

Microsoft Academic Search

This paper presents a web-based tool to supple- ment defense against security misconfiguration vulnerabilities in web applications. The tool automatically audits security con- figuration settings of server environments in web application development and deployment. It also offers features to automat- ically adjust security configuration settings and quantitatively rates level of safety for server environments before deploying web applications. Using the

Birhanu Eshete; Adolfo Villafiorita; Komminist Weldemariam

2011-01-01

69

Part III: AFS - A Secure Distributed File System.  

National Technical Information Service (NTIS)

AFS is a secure distributed global file system providing location independence, scalability and transparent migration capabilities for data. AFS works across a multitude of Unix and non-Unix operating systems and is used at many large sites in production ...

A. Wachsmann

2005-01-01

70

Security for Multimedia Space Data Distribution over the Internet  

NASA Technical Reports Server (NTRS)

Distribution of interactive multimedia to remote investigators will be required for high quality science on the International Space Station (ISS). The Internet with the World Wide Web (WWW) and the JAVA environment are a good match for distribution of data, video and voice to remote science centers. Utilizing the "open" Internet in a secure manner is the major hurdle in making use of this cost effective, off-the-shelf, universal resource. This paper examines the major security threats to an Internet distribution system for payload data and the mitigation of these threats. A proposed security environment for the Space Station Biological Research Facility (SSBRP) is presented with a short description of the tools that have been implemented or planned. Formulating and implementing a security policy, firewalls, host hardware and software security are also discussed in this paper. Security is a vast topic and this paper can only give an overview of important issues. This paper postulates that a structured approach is required and stresses that security must be built into a network from the start. Ignoring security issues or putting them off until late in the development cycle can be disastrous.

Stone, Thom; Picinich, Lou; Givens, John J. (Technical Monitor)

1995-01-01

71

A protocol for secure communication in large distributed systems  

NASA Astrophysics Data System (ADS)

A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption/decryption can be done in hardware.

Anderson, D. P.; Ferrari, D.; Rangan, P. V.; Sartirana, B.

1987-01-01

72

The application of image processing techniques and technology for security and surveillance applications  

NASA Astrophysics Data System (ADS)

The range and scope of EO/IR sensor systems within security and surveillance applications is growing, and this places a corresponding demand on the image processing functionality required to meet the end-users' needs and requirements. Within this paper, the application of different image processing architectures and techniques is reviewed in terms of situational awareness criteria and is illustrated through specific system applications. The concepts and benefits of multimodal and distributed sensor systems are also considered together with the attendant data registration and fusion techniques. Finally, the exploitation of a priori information within the integrated security and surveillance picture is considered from both a processing technology and image display perspective.

Smith, Moira I.; Hickman, Duncan

2007-05-01

73

17 CFR 230.139a - Publications by brokers or dealers distributing asset-backed securities.  

Code of Federal Regulations, 2013 CFR

17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01...brokers or dealers distributing asset-backed securities. 230.139a Section 230.139a Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

2013-04-01

74

17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.  

Code of Federal Regulations, 2013 CFR

17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01... Activities by issuers and selling security holders during a distribution. ...Section 242.102 Commodity and Securities Exchanges SECURITIES AND...

2013-04-01

75

COCA: A secure distributed online certification authority  

Microsoft Academic Search

COCA is a fault-tolerant and secure online certification authority that has been built and deployed both in a local area network and in the Internet. Extremely weak assumptions characterize environments in which COCA's protocols execute correctly: no assumption is made about execution speed and message delivery delays; channels are expected to exhibit only intermittent reliability; and with 3 may be

Lidong Zhou; Fred B. Schneider; Robbert Van Renesse

2002-01-01

76

Future for security applications of optical holography  

NASA Astrophysics Data System (ADS)

The use of holograms for security and authentication accounts for around half of all optical holograms produced. This sector is crucial to the hologram industry. Yet it is under threat, as holograms become the target of criminals around the world who wish to counterfeit the documents and products the holograms protect. It is possible to produce holograms using techniques and security procedures which raise the barriers to the counterfeiters, but the hologram industry appears to be complacent and inadequately prepared to deal with this threat to its future. This requires the production of appropriate holograms for each application, awareness, education, and policing. A suitable vehicle for the implementation of these tasks now exists in the International Hologram Manufacturers Association and its Hologram Image Register.

Lancaster, Ian M.

1995-07-01

77

Design and Implementation of Security Camera Control Application for Mobile Phones  

Microsoft Academic Search

In recent years, due to the rise in crime, growing numbers of governments, companies, and schools are equipping their facilities with security cameras to deter crime and to investigate crimes that have happened. In this study, we investigate a distributed application that provides an efficient access method for security cameras placed in various areas. Peer-to-peer is a suitable technology for

Takeshi Kato; Tomoyuki Osano; Norihiro Ishikawa

2009-01-01

78

Scalable, Secure, and Highly Available Distributed File Access  

Microsoft Academic Search

A summary of and historical perspective on work done to implement easy-to-share distributed file systems based on the Unix model are presented. Andrew and Coda are distributed Unix file systems that embody many of the recent advances in solving the problem of data sharing in large, physically dispersed workstation environments. The Andrew architecture is presented, the scalability and security of

Mahadev Satyanarayanan

1990-01-01

79

Restricted access processor - An application of computer security technology  

NASA Technical Reports Server (NTRS)

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Mcmahon, E. M.

1985-01-01

80

Mitigating the authentication vulnerabilities in Web applications through security requirements  

Microsoft Academic Search

To design and implement secure web applications an analysis must start with an understanding of the risks to which application will be exposed. Business-centric Web applications need complex authentication policies to securely implement business processes. Threats against the confidentiality, availability and integrity of the data stored, processed and transmitted by application need to be matched against the policies, technologies and

R. Kumar

2011-01-01

81

Applications of superconducting bolometers in security imaging  

NASA Astrophysics Data System (ADS)

Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ~ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.

Luukanen, A.; Leivo, M. M.; Rautiainen, A.; Grönholm, M.; Toivanen, H.; Grönberg, L.; Helistö, P.; Mäyrä, A.; Aikio, M.; Grossman, E. N.

2012-12-01

82

Web-Application Security: From Reactive to Proactive  

Microsoft Academic Search

Here's a sobering thought for all managers responsible for Web applications: Without proactive consideration for an application's security, attackers can bypass nearly all lower-layer security controls simply by using the application in a way its developers didn't envision. Learn how to address vulnerabilities proactively and early on to avoid the devastating consequences of a successful attack.

John R. Maguire; H. Gilbert Miller

2010-01-01

83

A Metrics Framework to Drive Application Security Improvement  

Microsoft Academic Search

Web applications' functionality and user base have evolved along with the threat landscape. Although controls such as network firewalls are essential, they're wholly insufficient for providing overall Web application security. They provide security for underlying hosts and a means of communication, but do little to aid the application resist attack against its software implementation or design. Enterprises must therefore focus

Elizabeth A. Nichols; Gunnar Peterson

2007-01-01

84

Information theory for key distribution systems secured by mesoscopic coherent states  

SciTech Connect

This work analyzes a key distribution system presented earlier [Phys. Rev. A 68, 052307 (2003)] using elements of information theory. Mutual information functions describing the information content shared by Alice and Bob, the legitimate users, and between Alice and Eve, the attacker, are obtained. These results support the original claims that the overall security level to be obtained with the M-ry key distribution system can be made arbitrarily high and thus secure for any practical application. Effects of losses and amplifiers in the optical channel are also analyzed.

Barbosa, Geraldo A. [Northwestern University, Electrical and Computer Engineering Department, 2145 N. Sheridan Road, Evanston, Illinois 60208-3118 (United States)

2005-06-15

85

26 CFR 1.731-2 - Partnership distributions of marketable securities.  

Code of Federal Regulations, 2010 CFR

...2010-04-01 false Partnership distributions of marketable securities. 1.731-2...TAX (CONTINUED) INCOME TAXES Distributions by A Partnership § 1.731-2 Partnership distributions of marketable securities....

2010-04-01

86

26 CFR 1.731-2 - Partnership distributions of marketable securities.  

Code of Federal Regulations, 2010 CFR

...2009-04-01 false Partnership distributions of marketable securities. 1.731-2...TAX (CONTINUED) INCOME TAXES Distributions by A Partnership § 1.731-2 Partnership distributions of marketable securities....

2009-04-01

87

SMART Sensors for Homeland Security Applications  

SciTech Connect

New SMART approaches to fast, high sensitivity, high selectivity, low false indication, self communicating, distributed sensor networks for detection of chemical, biological and radiation threats are being developed at PNNL. These new sensors have their roots in clever combinations of high affinity ligands, self assembled monolayers, shape-specific receptor surfaces, mesoporous superstructures, rapidly fabricated single-chain antibodies, stabilized enzyme reactors and manipulated micro-beads for optical, mass, and direct electronic transduction. Assemblies of these SMART materials and structures are able to efficiently reject the bulk of highly cluttered physical environmental backgrounds, collect the product of interest with extremely high selectivity, concentrate it and present it for efficient and sensitive detection. The general construction methodology for these structures and examples of new sensor systems for detecting chemical, biological and nuclear materials of concern in the Homeland Security context is presented.

Lind, Michael A.; Wright, Bob W.

2004-02-27

88

SMART sensors for homeland security applications  

NASA Astrophysics Data System (ADS)

New SMART approaches to fast, high sensitivity, high selectivity, low false indication, self communicating, distributed sensor networks for detection of chemical, biological and radiation threats are being developed at PNNL. These new sensors have their roots in clever combinations of high affinity ligands, self assembled monolayers, shape-specific receptor surfaces, mesoporous superstructures, rapidly fabricated single-chain antibodies, stabilized enzyme reactors and manipulated micro-beads for optical, mass, and direct electronic transduction. Assemblies of these SMART materials and structures are able to efficiently reject the bulk of highly cluttered physical environmental backgrounds, collect the product of interest with extremely high selectivity, concentrate it and present it for efficient and sensitive detection. The general construction methodology for these structures and examples of new sensor systems for detecting chemical, biological and nuclear materials of concern in the Homeland Security context is presented.

Lind, Michael A.; Wright, Bob W.

2004-07-01

89

Verifiable distributed oblivious transfer and mobile agent security  

Microsoft Academic Search

The mobile agent is a fundamental building block of the mobile computing paradigm. In mobile agent security, oblivious transfer (OT) from a trusted party can be used to protect the agent's privacy and the hosts' privacy. In this paper, we introduce a new cryptographic primitive called Verifiable Distributed Oblivious Transfer (VDOT), which allows us to replace a single trusted party

Sheng Zhong; Yang Richard Yang

2003-01-01

90

Income distribution within families and the reform of social security  

Microsoft Academic Search

This article discusses the policy implications of a study of the distribution of income within families receiving social security. Analysis of the perceptions and use of different sources of household income revealed gendered patterns. It confirmed that benefits for children are more likely to be spent on the children if paid to the mother, raising questions about the impact of

Ruth Lister; Jackie Goode; Claire Callender

1999-01-01

91

Distributed Energy System Improving Security for City Energy Supply  

Microsoft Academic Search

This paper introduce the possibility of the city energy shortage in the summer and dealing with the emergency cases with the gas-electricity peak shaving method to ensure security energy supply of city in accordance with distributed energy system (DES), such as the gas turbine power generation central heating and cooling technologies. Simultaneously, this paper explain the feasibility of gas fired

Fang Wang; Jian Yang; Zhimin Wu; Xi Chen; Jianzhong Yu

2009-01-01

92

Essential elements lacking in security proofs for quantum key distribution  

NASA Astrophysics Data System (ADS)

All the currently available unconditional security proofs on quantum key distribution, in particular for the BB84 protocol and its variants including continuous-variable ones, are invalid or incomplete at many points. In this paper we discuss some of the main known problems, particularly those on operational security guarantee and error correction. Most basic are the points that there is no security parameter in such protocols and it is not the case the generated key is perfect with probability >= 1 - ? under the trace distance criterion d <= ?, which is widely claimed in the technical and popular literature. The many serious security consequences of this error about the QKD generated key would be explained, including practical ramification on achievable security levels. It will be shown how the error correction problem alone may already defy rigorous quantitative analysis. Various other problems would be touched upon. It is pointed out that rigorous security guarantee of much more efficient quantum cryptosystems may be obtained by abandoning the disturbance-information tradeoff principle and utilizing instead the known KCQ (keyed communication in quantum noise) principle in conjunction with a new DBM (decoy bits method) principle that will be detailed elsewhere.

Yuen, Horace P.

2013-10-01

93

Network and data security design for telemedicine applications.  

PubMed

The maturing of telecommunication technologies has ushered in a whole new era of applications and services in the health care environment. Teleworking, teleconsultation, mutlimedia conferencing and medical data distribution are rapidly becoming commonplace in clinical practice. As a result, a set of problems arises, concerning data confidentiality and integrity. Public computer networks, such as the emerging ISDN technology, are vulnerable to eavesdropping. Therefore it is important for telemedicine applications to employ end-to-end encryption mechanisms securing the data channel from unauthorized access of modification. We propose a network access and encryption system that is both economical and easily implemented for integration in developing or existing applications, using well-known and thoroughly tested encryption algorithms. Public-key cryptography is used for session-key exchange, while symmetric algorithms are used for bulk encryption. Mechanisms for session-key generation and exchange are also provided. PMID:9304559

Makris, L; Argiriou, N; Strintzis, M G

1997-01-01

94

Machine intelligence applications to securities production  

SciTech Connect

The production of security documents provides a cache of interesting problems ranging across a broad spectrum. Some of the problems do not have rigorous scientific solutions available at this time and provide opportunities for less structured approaches such as AI. AI methods can be used in conjunction with traditional scientific and computational methods. The most productive applications of AI occur when this marriage of methods can be carried out without motivation to prove that one method is better than the other. Fields such as ink chemistry and technology, and machine inspection of graphic arts printing offer interesting challenges which will continue to intrigue current and future generations of researchers into the 21st century.

Johnson, C.K.

1987-01-01

95

A robust machine code proof framework for highly secure applications  

Microsoft Academic Search

Security-critical applications at the highest Evaluation Assurance Levels (EAL) require formal proofs of correctness in order to achieve certification. To support secure application development at the highest EALs, we have developed techniques to largely automate the process of producing proofs of correctness of machine code. As part of the Secure, High-Assurance Development Environment program, we have produced in ACL2 an

David S. Hardin; Eric W. Smith; William D. Young

2006-01-01

96

The physical underpinning of security proofs for quantum key distribution  

NASA Astrophysics Data System (ADS)

The dawn of quantum technology unveils a plethora of new possibilities and challenges in the world of information technology, one of which is the quest for secure information transmission. A breakthrough in classical algorithm or the development of a quantum computer could threaten the security of messages encoded using public key cryptosystems based on one-way function such as RSA. Quantum key distribution (QKD) offers an unconditionally secure alternative to such schemes, even in the advent of a quantum computer, as it does not rely on mathematical or technological assumptions, but rather on the universality of the laws of quantum mechanics. Physical concepts associated with quantum mechanics, like the uncertainty principle or entanglement, paved the way to the first successful security proof for QKD. Ever since, further development in security proofs for QKD has been remarkable. But the connection between entanglement distillation and the uncertainty principle has remained hidden under a pile of mathematical burden. Our main goal is to dig the physics out of the new advances in security proofs for QKD. By introducing an alternative definition of private state, which elaborates the ideas of Mayers and Koashi, we explain how the security of all QKD protocols follows from an entropic uncertainty principle. We show explicitly how privacy amplification protocol can be reduced to a private state distillation protocol constructed from our observations about the uncertainty principle. We also derive a generic security proof for one-way permutation-invariant QKD protocols. Considering collective attack, we achieve the same secret key generation rate as the Devetak-Winter's bound. Generalizing an observation from Kraus, Branciard and Renner, we have provided an improved version of the secret key generation rates by considering a different symmetrization. In certain situations, we argue that Azuma's inequality can simplify the security proof considerably, and we explain the implication, on the security level, of reducing a QKD protocol to an entanglement or a more general private state distillation protocol. In a different direction, we introduce a QKD protocol with multiple-photon encoding that can be implemented without a shared reference frame. We prove the unconditional security of this protocol, and discuss some features of the efficiency of multiple-photon QKD schemes in general.

Boileau, Jean Christian

97

Security-aware Resource Optimization in Distributed Service Computing  

Microsoft Academic Search

This chapter considers a set of computer resources used by a service provider to host enterprise applications for customer services subject to a service level agreement (SLA). The SLA defines three QoS metrics, namely, trustworthiness, percentile response time and availability. We first give an overview of current approaches, solutions and challenges in the security-aware resource optimization problem. Then, we present

Kaiqi Xiong; Harry Perros

98

Intra-file Security for a Distributed File System  

Microsoft Academic Search

Cryptographic file systems typically provide security by encrypting entire files or directo- ries. This has the advantage of simplicity, but does not allow for fine-grained protection of data within very large files. This is not an issue in most general-purpose systems, but can be very important in scientific applications where some but not all of the output data is sensitive

Scott A. Banachowski; Zachary N. J. Peterson; Ethan L. Miller; Scott A. Brandt

2002-01-01

99

Unconditional security of relativistic quantum key distribution protocol  

NASA Astrophysics Data System (ADS)

Relativistic quantum key distribution (QKD) protocol is a kind of modified BB84 QKD protocol based on the principles of not only quantum mechanics but also special relativity. Its advantage compared with BB84 protocol is that all of the qubits could be used for key generation, and Alice and Bob are able to select any measuring bases. We prove its unconditional security against coherent attack via the method based on CSS codes: begin with a modified EPR based protocol which can be proved unconditionally secure, then reduce the protocol to a CSS codes based protocol. Finally, the CSS codes based protocol is demonstrated equivalent to the relativistic QKD protocol, and we arrived at the conclusion of the unconditional security of the final key.

Zhuang, Sushuai; Yang, Li

2010-11-01

100

On enabling secure applications through off-line biometric identification  

SciTech Connect

In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

1998-04-01

101

Verifiable Distributed Oblivious Transfer and Mobile Agent Security  

Microsoft Academic Search

The mobile agent is a fundamental building block of the mobile computing paradigm. In mobile agent security, oblivious transfer\\u000a (OT) from a trusted party can be used to protect the agent’s privacy and the hosts’ privacy. In this paper, we introduce a\\u000a new cryptographic primitive called Verifiable Distributed Oblivious Transfer (VDOT), which allows us to replace a single trusted party

Sheng Zhong; Yang Richard Yang

2006-01-01

102

From Bell's Theorem to Secure Quantum Key Distribution  

NASA Astrophysics Data System (ADS)

The first step in any quantum key distribution (QKD) protocol consists of sequences of measurements that produce correlated classical data. We show that these correlation data must violate some Bell inequality in order to contain distillable secrecy, if not they could be produced by quantum measurements performed on a separable state of larger dimension. We introduce a new QKD protocol and prove its security against any individual attack by an adversary only limited by the no-signaling condition.

Acín, Antonio; Gisin, Nicolas; Masanes, Lluis

2006-09-01

103

DNPSec: Distributed Network Protocol Version 3 (DNP3) Security Framework  

Microsoft Academic Search

Distributed Network Protocol Version 3 (DNP3) is an open and optimized protocol developed for the Supervisory Control and\\u000a Data Acquisition (SCADA) Systems supporting the utilities industries. The DNP3 enables the Master Station to request data\\u000a from Substations using pre-defined control function commands and Substations to respond by transmitting the requested data.\\u000a DNP3 was never designed with security mechanisms in mind

Munir Majdalawieh; Francesco Parisi-Presicce; Duminda Wijesekera

104

A secure and efficient conference key distribution system  

Microsoft Academic Search

We present practical conference key distribution systems based on public keys, which authenticate the users and which are\\u000a ‘proven’ secure provided the Diffie-Hellman problem is intractable. A certain number of interactions is needed but the overall\\u000a cost is low. There is a complexity tradeoff. Depending on the network used, we either have a constant (in the number of conference\\u000a participants)

Mike Burmester; Yvo Desmedt

105

Case for avoiding security-enhanced HTTP tools to improve security for Web-based applications.  

National Technical Information Service (NTIS)

This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show ...

B. Wood

1996-01-01

106

Imaging terahertz radar for security applications  

NASA Astrophysics Data System (ADS)

Detection of concealed threats is a key issue in public security. In short range applications, passive imagers operating at millimeter wavelengths fulfill this task. However, for larger distances, they will suffer from limited spatial resolution. We will describe the design and performance of 0.8-THz imaging radar that is capable to detect concealed objects at a distance of more than 20 meter. The radar highlights the target with the built-in cw transmitter and analyses the returned signal making use of a heterodyne receiver with a single superconducting hot-electron bolometric mixer. With an integration time of 0.3 sec, the receiver distinguishes a temperature difference of 2 K at the 20 m distance. Both the transmitter and the receiver use the same modified Gregorian telescope consisting from two offset elliptic mirrors. The primary mirror defines limits the lateral resolution of the radar to 2 cm at 20 m distance. At this distance, the field of view of the radar has the diameter 0.5 m. It is sampled with a high-speed conical scanner that allows for a frame time less than 5 sec. The transmitter delivers to the target power with a density less than ten microwatt per squared centimeter, which is harmless for human beings. The radar implements a sensor fusion technique that greatly improves the ability to identify concealed objects.

Semenov, Alexei; Richter, Heiko; Böttger, Ute; Hübers, Heinz-Wilhelm

2008-05-01

107

High average current betatrons for industrial and security applications  

Microsoft Academic Search

The fixed-field alternating-gradient (FFAG) betatron has emerged as a viable alternative to RF linacs as a source of high-energy radiation for industrial and security applications. For industrial applications, high average currents at modest relativistic electron beam energies, typically in the 5 to 10 MeV range, are desired for medical product sterilization, food irradiation and materials processing. For security applications, high

S. Boucher; R. Agustsson; P. Frigola; A. Murokh; M. Ruelas; F. O'Shea; J. Rosenzweig; G. Travish

2007-01-01

108

Web application security assessment by fault injection and behavior monitoring  

Microsoft Academic Search

As a large and complex application platform, the World Wide Web is capable of delivering a broad range of sophisticated applications. However, many Web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Here we analyze the design of Web application security assessment mechanisms in order to identify poor coding practices that

Yao-Wen Huang; Shih-Kun Huang; Tsung-Po Lin; Chung-Hung Tsai

2003-01-01

109

The security system analyzer: An application of the Prolog language  

Microsoft Academic Search

The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner

B. D. Zimmerman; S. E. Seeman

1986-01-01

110

Conditional Access in Mobile Systems: Securing the Application  

Microsoft Academic Search

This paper describes two protocols for the secure download of content protection software to mobile devices. The protocols apply concepts from trusted computing to demonstrate that a platform is in a sufficiently trustworthy state before any application or associated keys are securely downloaded. The protocols are designed to allow mobile devices to receive broadcast content protected by proprietary conditional access

Eimear Gallery; Allan Tomlinson

2005-01-01

111

Secure applications of RSA system in the electronic commerce  

Microsoft Academic Search

RSA is one of the best secure algorithms till now. This paper describes the encryption decryption as well as digital signature using the RSA system, discusses the secure applications of RSA in the E-Commerce as well as the rapid realization and the improvement of RSA.

Liu Dong-liang; Chen Yan-ping; Zhang Huai-ping

2010-01-01

112

Implementing a secure client/server application.  

National Technical Information Service (NTIS)

There is an increasing rise in attacks and security breaches on computer systems. Particularly vulnerable are systems that exchange user names and passwords directly across a network without encryption. These kinds of systems include many commercial-off-t...

B. A. Kissinger

1994-01-01

113

Application of models in information security management  

Microsoft Academic Search

The impact of information technology on business operations is widely recognized and its role in the emergence of new business models is well-known. In order to leverage the benefits of IT-supported business processes the security of the underlying information systems must be managed. Various so- called best-practice models and information security standards have positioned themselves as generic solutions for a

Danijel Milicevic; Matthias Goeken

2011-01-01

114

Lilith: A scalable secure tool for massively parallel distributed computing  

SciTech Connect

Changes in high performance computing have necessitated the ability to utilize and interrogate potentially many thousands of processors. The ASCI (Advanced Strategic Computing Initiative) program conducted by the United States Department of Energy, for example, envisions thousands of distinct operating systems connected by low-latency gigabit-per-second networks. In addition multiple systems of this kind will be linked via high-capacity networks with latencies as low as the speed of light will allow. Code which spans systems of this sort must be scalable; yet constructing such code whether for applications, debugging, or maintenance is an unsolved problem. Lilith is a research software platform that attempts to answer these questions with an end toward meeting these needs. Presently, Lilith exists as a test-bed, written in Java, for various spanning algorithms and security schemes. The test-bed software has, and enforces, hooks allowing implementation and testing of various security schemes.

Armstrong, R.C.; Camp, L.J.; Evensky, D.A.; Gentile, A.C.

1997-06-01

115

Neutron Detection Alternatives to 3He for National Security Applications  

SciTech Connect

One of the main uses for 3He is in gas proportional counters for neutron detection. Large radiation detection systems deployed for homeland security and proliferation detection applications use such systems. Due to the large increase in use of 3He for homeland security and basic research, the supply has dwindled, and can no longer meet the demand. This has led to the search for an alternative technology to replace the use of 3He-based neutron detectors. In this paper, we review the testing of currently commercially available alternative technologies for neutron detection in large systems used in various national security applications.

Kouzes, Richard T.; Ely, James H.; Erikson, Luke E.; Kernan, Warnick J.; Lintereur, Azaree T.; Siciliano, Edward R.; Stephens, Daniel L.; Stromswold, David C.; Van Ginhoven, Renee M.; Woodring, Mitchell L.

2010-11-21

116

75 FR 47320 - Millington Securities, Inc., et al.; Notice of Application  

Federal Register 2010, 2011, 2012, 2013

...Secretary, Securities and Exchange...o Millington Securities, Inc., 222...summary of the application. The complete application may be obtained...Commission's Web site by searching...registered under the Securities Exchange...

2010-08-05

117

SIGMA: Security For Distributed Object Interoperability Between Trusted And Untrusted Systems  

Microsoft Academic Search

The SIGMA project is researching the integration and interoperation of security technologies into distributed computing environments based on CORBA, the Common Object Request Broker Architecture. The architectural results described in the paper are focused on security technologies that allow controlled, selective exchange of object oriented services among separate distributed systems that differ in security policy, mechanisms, and assurance. A central

E. John Sebes; Terry C. Vickers Benzel

1996-01-01

118

Symbolic security analysis of ruby-on-rails web applications  

Microsoft Academic Search

Many of today's web applications are built on frameworks that include sophisticated defenses against malicious adversaries. However, mistakes in the way developers deploy those defenses could leave applications open to attack. To address this issue, we introduce Rubyx, a symbolic executor that we use to analyze Ruby-on-Rails web applications for security vulnerabilities. Rubyx specifications can easily be adapted to variety

Avik Chaudhuri; Jeffrey S. Foster

2010-01-01

119

Secure quantum key distribution with an uncharacterized source.  

PubMed

We prove the security of the Bennett-Brassard (BB84) quantum key distribution protocol for an arbitrary source whose averaged states are basis independent, a condition that is automatically satisfied if the source is suitably designed. The proof is based on the observation that, to an adversary, the key extraction process is equivalent to a measurement in the sigma(x) basis performed on a pure sigma(z)-basis eigenstate. The dependence of the achievable key length on the bit error rate is the same as that established by Shor and Preskill [Phys. Rev. Lett. 85, 441 (2000)

Koashi, Masato; Preskill, John

2003-02-01

120

Incompleteness and limit of security theory of quantum key distribution  

NASA Astrophysics Data System (ADS)

It is claimed in the many papers that a trace distance: d guarantees the universal composition security in quantum key distribution (QKD) like BB84 protocol. In this introduction paper, at first, it is explicitly explained what is the main misconception in the claim of the unconditional security for QKD theory. In general terms, the cause of the misunderstanding on the security claim is the Lemma in the paper of Renner. It suggests that the generation of the perfect random key is assured by the probability (1-d), and its failure probability is d. Thus, it concludes that the generated key provides the perfect random key sequence when the protocol is success. So the QKD provides perfect secrecy to the one time pad. This is the reason for the composition claim. However, the quantity of the trace distance (or variational distance) is not the probability for such an event. If d is not small enough, always the generated key sequence is not uniform. Now one needs the reconstruction of the evaluation of the trace distance if one wants to use it. One should first go back to the indistinguishability theory in the computational complexity based, and to clarify the meaning of the value of the variational distance. In addition, the same analysis for the information theoretic case is necessary. The recent serial papers by H.P.Yuen have given the answer on such questions. In this paper, we show more concise description of Yuen's theory, and clarify that the upper bound theories for the trace distance by Tomamichel et al and Hayashi et al are constructed by the wrong reasoning of Renner and it is unsuitable as the security analysis. Finally, we introduce a new macroscopic quantum communication to replace Q-bit QKD.

Hirota, Osamu; Murakami, Dan; Kato, Kentaro; Futami, Fumio

2012-10-01

121

7 CFR 1717.857 - Refinancing of existing secured debt-distribution and power supply borrowers.  

Code of Federal Regulations, 2010 CFR

...false Refinancing of existing secured debt-distribution and power supply borrowers. 1717.857 Section 1717...857 Refinancing of existing secured debtâdistribution and power supply borrowers. (a) Advance...

2010-01-01

122

7 CFR 1717.857 - Refinancing of existing secured debt-distribution and power supply borrowers.  

Code of Federal Regulations, 2010 CFR

...false Refinancing of existing secured debt-distribution and power supply borrowers. 1717.857 Section 1717...857 Refinancing of existing secured debtâdistribution and power supply borrowers. (a) Advance...

2009-01-01

123

A cooperative model for IS security risk management in distributed environment.  

PubMed

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively. PMID:24563626

Feng, Nan; Zheng, Chundong

2014-01-01

124

Java-based Open Platform for distributed health telematics applications.  

PubMed

Within the European HARP project, a Java-based Open Platform has been specified and implemented to support trustworthy distributed applications for health. Emphasis was put on security services for enabling both communication and application security. The Open Platform is Web-based and comprises the Client environment, Web/Application server, as well as Database and Archive servers. Servlets composed and executed according to the user's authorisation create signed XML messages. From those messages, user-role-related applets are generated. The technical details of the realisation are presented. Possible future enhancements for user-centric, adaptable services based on next-generation mobile service environments are outlined. PMID:15061527

Hoepner, Petra; Eckert, Klaus-Peter

2003-01-01

125

Proposing a hybrid-intelligent framework to secure e-government web applications  

Microsoft Academic Search

One of the essential needs to implement a successful e-Government web application is security. Web application firewalls (WAF) are the most important tool to secure web applications against the increasing number of web application attacks nowadays. WAFs work in different modes depending on the web traffic filtering approach used, such as positive security mode, negative security mode, session-based mode, or

Asaad Moosa; Eanas Muhsen Alsaffar

2008-01-01

126

On certifying mobile code for secure applications  

Microsoft Academic Search

Summary form only given. The security issues in mobile code arise from the fact that someone else's program is running on your machine often without your knowledge and approval, often without controls on its privileges, and often without knowledge for how trustworthy that program is. Several different approaches have emerged for providing some assurance against malicious behavior. Javasoft implemented a

A. K. Ghosh

1998-01-01

127

A Thin Security Layer Protocol over IP Protocol on TCP\\/IP Suite for Security Enhancement  

Microsoft Academic Search

In this paper, we proposed a security enhancement for TCP\\/IP suite. This enhancement adds three modules to TCP\\/IP. These are security policy, security control, and data security layer. Unlike IPsec, which plugs all security enforcements into IP layer, the proposed architecture distributes the proposed module into their relevant layer. The security policy belongs to application layer, and the security control

Mohammad Al-Jarrah; Abdel-Karim R. Tamimi

2006-01-01

128

Equivalence between two-qubit entanglement and secure key distribution.  

PubMed

We study the problem of secret key distillation from bipartite states in the scenario where Alice and Bob can perform measurements only at the single-copy level and classically process the obtained outcomes. Even with these limitations, secret bits can be asymptotically distilled by the honest parties from any two-qubit entangled state, under any individual attack. Our results point out a complete equivalence between two-qubit entanglement and secure key distribution: a key can be established through a one-qubit channel if and only if it allows one to distribute entanglement. These results can be generalized to a higher dimension for all those states that are one-copy distillable. PMID:14611441

Acín, Antonio; Masanes, Lluis; Gisin, Nicolas

2003-10-17

129

Application of quantum key distribution  

Microsoft Academic Search

Quantum key distribution is an innovative technique to distribute encryption keys without compromise. This paper focuses on the application of this technique to achieve reliable communication in an ever-evolving and increasingly vulnerable environment. Designers of cryptosystems have three basic objectives; designing cryptographic algorithms that adequately scramble the target data, developing strong encryption keys to lock and unlock the algorithm, and

Joseph Russell

2008-01-01

130

Consistency and Security in Mobile Real Time Distributed Database (MRTDDB): A Combinational Giant Challenge  

NASA Astrophysics Data System (ADS)

Many type of Information System are widely used in various fields. With the hasty development of computer network, Information System users care more about data sharing in networks. In traditional relational database, data consistency was controlled by consistency control mechanism when a data object is locked in a sharing mode, other transactions can only read it, but can not update it. If the traditional consistency control method has been used yet, the system's concurrency will be inadequately influenced. So there are many new necessities for the consistency control and security in MRTDDB. The problem not limited only to type of data (e.g. mobile or real-time databases). There are many aspects of data consistency problems in MRTDDB, such as inconsistency between attribute and type of data; the inconsistency of topological relations after objects has been modified. In this paper, many cases of consistency are discussed. As the mobile computing becomes well liked and the database grows with information sharing security is a big issue for researchers. Consistency and Security of data is a big challenge for researchers because when ever the data is not consistent and secure no maneuver on the data (e.g. transaction) is productive. It becomes more and more crucial when the transactions are used in non-traditional environment like Mobile, Distributed, Real Time and Multimedia databases. In this paper we raise the different aspects and analyze the available solution for consistency and security of databases. Traditional Database Security has focused primarily on creating user accounts and managing user privileges to database objects. But in the mobility and nomadic computing uses these database creating a new opportunities for research. The wide spread use of databases over the web, heterogeneous client-server architectures, application servers, and networks creates a critical need to amplify this focus. In this paper we also discuss an overview of the new and old database security challenges.

Gupta, Gyanendra Kr.; Sharma, A. K.; Swaroop, Vishnu

2010-11-01

131

Digital watermarking in telemedicine applications--towards enhanced data security and accessibility.  

PubMed

Implementing telemedical solutions has become a trend amongst the various research teams at an international level. Yet, contemporary information access and distribution technologies raise critical issues that urgently need to be addressed, especially those related to security. The paper suggests the use of watermarking in telemedical applications in order to enhance security of the transmitted sensitive medical data, familiarizes the users with a telemedical system and a watermarking module that have already been developed, and proposes an architecture that will enable the integration of the two systems, taking into account a variety of use cases and application scenarios. PMID:17946760

Giakoumaki, Aggeliki L; Perakis, Konstantinos; Tagaris, Anastassios; Koutsouris, Dimitris

2006-01-01

132

Privacy, Security and Interoperability of Mobile Health Applications  

Microsoft Academic Search

\\u000a This paper will discuss the security, privacy and interoperability of mobile health applications (MHAs) and how these issues\\u000a must be reconciled in order for MHA devices to be implemented in the most robust fashion. Balance is needed between privacy\\u000a and accessibility, between security and interoperability and between flexibility and standardization. The interoperability\\u000a of diverse MHA devices must be a goal

Josette F. Jones; Sara A. Hook; Seong C. Park; LaSha M. Scott

133

Collaborative Knowledge Discovery & Marshalling for Intelligence & Security Applications  

SciTech Connect

This paper discusses the Knowledge Encapsulation Framework, a flexible, extensible evidence-marshalling environment built upon a natural language processing pipeline and exposed to users via an open-source semantic wiki. We focus our discussion on applications of the framework to intelligence and security applications, specifically, an instantiation of the KEF environment for researching illicit trafficking in nuclear materials.

Cowell, Andrew J.; Jensen, Russell S.; Gregory, Michelle L.; Ellis, Peter C.; Fligg, Alan K.; McGrath, Liam R.; O'Hara, Kelly A.; Bell, Eric B.

2010-05-24

134

Clilets: Web Applications with Secure Client-Side Storage  

Microsoft Academic Search

Abstract Today’s web applications require that all data be visible to the server. This is a problem in cases, such as a Web Tax service, where the user may not trust the server with the data. We present the Clilet system, a new web application system that allows sensitive data to be stored securely on the client yet still accessed

Robert Fischer

135

Securing context-aware applications using environment roles  

Microsoft Academic Search

In the future, a largely invisible and ubiquitous computing infrastructure will assist people with a variety of activities in the home and at work. The applications that will be deployed in such systems will create and manipulate private information and will provide access to a variety of other resources. Securing such applications is challenging for a number of reasons. Unlike

Michael J. Covington; Wende Long; Srividhya Srinivasan; Anind K. Dev; Mustaque Ahamad

2001-01-01

136

Securing a Remote Terminal Application with a Mobile Trusted Device  

Microsoft Academic Search

Many real-world applications use credentials such as passwords as means of user authentication. When accessed from untrusted public terminals, such applications are vul- nerable to credential sniffing attacks, as shown by recent highly publicized compromises (20). In this paper, we describe a secure remote terminal ap- plication that allows users possessing a trusted device to delegate their credentials for performing

Alina Oprea; Dirk Balfanz; Glenn Durfee; Diana K. Smetters

2004-01-01

137

Security Standards Perspective to Fortify Web Database Applications from Code Injection Attacks  

Microsoft Academic Search

In recent years, web application security has become the primary discussion for security experts, as application attacks are constantly on rise and posing new risks for organizations. Several trends have emerged lately in the attacks launched against Web application. The implementation of International security standard is to minimize the security failures and to mitigate their consequences. The aim of this

Sushila Madan; Supriya Madan

2010-01-01

138

Applying security algorithms against cyber attacks in the distribution automation system  

Microsoft Academic Search

As the communication technology weighs heavily in the power system, so the security issues becomes major concerns. So far most security research has focused on the SCADA system. In this paper we consider the security problems in the network environment of the distribution automation system (DAS) which is much different from the SCADA system. First we analyze the types of

I. H. Lim; S. Hong; M. S. Choi; S. J. Lee; B. N. Ha

2008-01-01

139

Social applications: exploring a more secure framework  

Microsoft Academic Search

Online social network sites, such as MySpace, Facebook and others have grown rapidly, with hundreds of millions of active users. A new feature on many sites is social applications - applications and services written by third party developers that provide additional functionality linked to a user's profile. However, current application platforms put users at risk by permitting the disclosure of

Andrew Besmer; Heather Richter Lipford; Mohamed Shehab; Gorrell Cheek

2009-01-01

140

Systems architecture for distributed applications  

NASA Technical Reports Server (NTRS)

This paper describes the kernel of a distributed operating system called ADAPT. The system runs on top of existing single host operating systems that are networked together. It's purpose is to transform this network of individual systems into a single system that will be easier for application programmers to use. This single system need not be monolithic; ADAPT facilitates the construction of both integrated and modular distributed systems.

Peebles, R.

1980-01-01

141

A secure distributed logistic regression protocol for the detection of rare adverse drug events  

PubMed Central

Background There is limited capacity to assess the comparative risks of medications after they enter the market. For rare adverse events, the pooling of data from multiple sources is necessary to have the power and sufficient population heterogeneity to detect differences in safety and effectiveness in genetic, ethnic and clinically defined subpopulations. However, combining datasets from different data custodians or jurisdictions to perform an analysis on the pooled data creates significant privacy concerns that would need to be addressed. Existing protocols for addressing these concerns can result in reduced analysis accuracy and can allow sensitive information to leak. Objective To develop a secure distributed multi-party computation protocol for logistic regression that provides strong privacy guarantees. Methods We developed a secure distributed logistic regression protocol using a single analysis center with multiple sites providing data. A theoretical security analysis demonstrates that the protocol is robust to plausible collusion attacks and does not allow the parties to gain new information from the data that are exchanged among them. The computational performance and accuracy of the protocol were evaluated on simulated datasets. Results The computational performance scales linearly as the dataset sizes increase. The addition of sites results in an exponential growth in computation time. However, for up to five sites, the time is still short and would not affect practical applications. The model parameters are the same as the results on pooled raw data analyzed in SAS, demonstrating high model accuracy. Conclusion The proposed protocol and prototype system would allow the development of logistic regression models in a secure manner without requiring the sharing of personal health information. This can alleviate one of the key barriers to the establishment of large-scale post-marketing surveillance programs. We extended the secure protocol to account for correlations among patients within sites through generalized estimating equations, and to accommodate other link functions by extending it to generalized linear models.

El Emam, Khaled; Samet, Saeed; Arbuckle, Luk; Tamblyn, Robyn; Earle, Craig; Kantarcioglu, Murat

2013-01-01

142

Simple proof of security of the BB84 quantum key distribution protocol  

PubMed

We prove that the 1984 protocol of Bennett and Brassard (BB84) for quantum key distribution is secure. We first give a key distribution protocol based on entanglement purification, which can be proven secure using methods from Lo and Chau's proof of security for a similar protocol. We then show that the security of this protocol implies the security of BB84. The entanglement purification based protocol uses Calderbank-Shor-Steane codes, and properties of these codes are used to remove the use of quantum computation from the Lo-Chau protocol. PMID:10991303

Shor; Preskill

2000-07-10

143

Blue versus Red: Towards a Model of Distributed Security Attacks  

NASA Astrophysics Data System (ADS)

We develop a two-sided multiplayer model of security in which attackers aim to deny service and defenders strategize to secure their assets. Attackers benefit from the successful compromise of target systems, however, may suffer penalties for increased attack activities. Defenders weigh the force of an attack against the cost of security. We consider security decision-making in tightly and loosely coupled networks and allow defense expenditures in protection and self-insurance technologies.

Fultz, Neal; Grossklags, Jens

144

Software and CyberSecurity: Attack Resistant Secure Software Development Survivable Distributed Communication Services (DCS)  

Microsoft Academic Search

Messaging is a critical prerequisite for the scalability, dependability, and reliability of distributed services. A scalable messaging platform accommodates multiple diverse clients and adapts seamlessly within a heterogeneous environment. A reliable and dependable messaging scheme also offers a specific level of guarantee for the delivery of messages to legitimate services. Application services rely on message transport intermediaries to preserve loosely

N. J. Fuller; G. Simco

2008-01-01

145

System for efficient and secure distribution of medical images on the Internet.  

PubMed

Because of the high compressibility of the medical images, data compression is desirable for digital storage despite the availability of inexpensive hardware for mass storage. A progressive transmission algorithm with automatic security filtering features for on-line medical image distribution using Daubechies' wavelets has been developed and is discussed in this paper. The system is practical for real-world applications, processing and coding each 12-bit image of size 512 x 512 within 2 seconds on a Pentium Pro. Besides its exceptional speed, the security filter has demonstrated a remarkable accuracy in detecting sensitive textual information within current or digitized previous medical images. The algorithm is of linear run time. PMID:9929350

Wang, J Z; Wiederhold, G

1998-01-01

146

Web Application Security through Gene Expression Programming  

Microsoft Academic Search

In the paper we present a novel approach based on applying a modern metaheuristic Gene Expression Programming (GEP) to detecting\\u000a web application attacks. This class of attacks relates to malicious activity of an intruder against applications, which use\\u000a a database for storing data. The application uses SQL to retrieve data from the database and web server mechanisms to put\\u000a them

Jaroslaw Skaruz; Franciszek Seredynski

2009-01-01

147

Part III: AFS - A Secure Distributed File System  

SciTech Connect

AFS is a secure distributed global file system providing location independence, scalability and transparent migration capabilities for data. AFS works across a multitude of Unix and non-Unix operating systems and is used at many large sites in production for many years. AFS still provides unique features that are not available with other distributed file systems even though AFS is almost 20 years old. This age might make it less appealing to some but with IBM making AFS available as open-source in 2000, new interest in use and development was sparked. When talking about AFS, people often mention other file systems as potential alternatives. Coda (http://www.coda.cs.cmu.edu/) with its disconnected mode will always be a research project and never have production quality. Intermezzo (http://www.inter-mezzo.org/) is now in the Linux kernel but not available for any other operating systems. NFSv4 (http://www.nfsv4.org/) which picked up many ideas from AFS and Coda is not mature enough yet to be used in serious production mode. This article presents the rich features of AFS and invites readers to play with it.

Wachsmann, A.; /SLAC

2005-06-29

148

SECURITY PATTERNS AND SECURITY STANDARDS  

Microsoft Academic Search

Security should be a mandatory feature of any distributed business application. Nevertheless we can observe that we are far away from an acceptable security level: the same errors are made over and over again. Typical examples are buffer overflows or default passwords. Whereas there are mechanical aids to detect cod-ing errors, there is no such a thing for design errors,

Markus Schumacher

2003-01-01

149

A Secure Key Distribution System of Quantum Cryptography Based on the Coherent State  

NASA Technical Reports Server (NTRS)

The cryptographic communication has a lot of important applications, particularly in the magnificent prospects of private communication. As one knows, the security of cryptographic channel depends crucially on the secrecy of the key. The Vernam cipher is the only cipher system which has guaranteed security. In that system the key must be as long as the message and most be used only once. Quantum cryptography is a method whereby key secrecy can be guaranteed by a physical law. So it is impossible, even in principle, to eavesdrop on such channels. Quantum cryptography has been developed in recent years. Up to now, many schemes of quantum cryptography have been proposed. Now one of the main problems in this field is how to increase transmission distance. In order to use quantum nature of light, up to now proposed schemes all use very dim light pulses. The average photon number is about 0.1. Because of the loss of the optical fiber, it is difficult for the quantum cryptography based on one photon level or on dim light to realize quantum key-distribution over long distance. A quantum key distribution based on coherent state is introduced in this paper. Here we discuss the feasibility and security of this scheme.

Guo, Guang-Can; Zhang, Xiao-Yu

1996-01-01

150

A knowledge-based approach to security requirements for e-health applications  

Microsoft Academic Search

This paper introduces a knowledge-based approach for the security analysis and design of e- health applications. Following this approach, knowledge acquired through the process of developing secure e-health applications is represented in the form of security patterns; thus, it is made available to future developers. In this paper we present a set of security patterns that was developed based on

S. Dritsas; L. Gymnopoulos; M. Karyda; T. Balopoulos; S. Kokolakis; C. Lambrinoudakis; S. Katsikas

151

Application of COBIT to Security Management in Information Systems Development  

Microsoft Academic Search

COBIT is a collection of good practices and processes for IT governance. It provides the effective measures, indicators and activities for enterprise. COBIT has also been applied to the other governance, e. g., software process, security governance, IT service management. However, since COBIT is too general-purpose, it requires deep expert knowledge for the implementation of each application. Although the guideline

Shoichi Morimoto

2009-01-01

152

Feature Extraction System for Contextual Classification within Security Imaging Applications  

Microsoft Academic Search

Throughout security imaging applications, there is a persistent need for accurate contextual classification of objects within the scene so proper subsequent decisions can be made. To generate a set of scene attributes necessary for this analysis, this paper presents a novel feature extraction system composed of three divisions: an edge detection system, a segmentation system, and a recognition system. System

E. E. Danahy; K. A. Panetta; S. S. Agaian

2007-01-01

153

Integrating web application security into the IT curriculum  

Microsoft Academic Search

Attackers are increasingly targeting web applications. Buffer overflows had been the most common vulnerability type since CERT began collecting statistics, but web applica- tion vulnerabilities like cross-site scripting have dominated vulnerability reports since 2005. Despite billions of dol- lars spent on network security, the amount lost to computer crime, much of it the result of the insecurity of web applica-

James Walden

2008-01-01

154

Defining a Set of Common Benchmarks for Web Application Security  

Microsoft Academic Search

A recent explosion in the number of security vulnerabilities being discovered every day motivated a great deal of interest in tools that attempt to address this problem. While buffer overruns have been plaguing C programs for years, application-level vul- nerabilities such as SQL injections, cross-site scripting, and path traversal attacks have become increasingly common in the last year. Looking at

Benjamin Livshits

155

Research Directions in Web Site Evolution II: Web Application Security  

Microsoft Academic Search

The growth of inexpensive bandwidth and the maturation of Web development technology have enabled a significant adoption of Web-based applications for interactions between customers and business, between businesses, and between citizens and institutions. However, those same improvements in bandwidth and corresponding rise in Web system complexity has also been of use to those with malicious intent. Thus Web security (the

Porfirio Tramontana; T. Dean; S. Tilley

2007-01-01

156

Custom electronic nose with potential homeland security applications  

Microsoft Academic Search

Detailed in this work is the design and development of a handheld electronic nose nose with an array of conducting polymer composite film sensors interfaced to a Compaq iPAQ. The device has potential applications in homeland security, such as screening people packages, luggage and vehicles at key locations such as airports or government buildings, for the prevention of terrorist attacks.

K. I. Arshak; C. Cunniffe; E. G. Moore; L. M. Cavanagh

2006-01-01

157

Privacy and security in biomedical applications of wireless sensor networks  

Microsoft Academic Search

Wireless sensor network applications in healthcare and biomedical technology have received increasing attention, while associated security and privacy issues remain open areas of consideration. The relevance of this technology to our growing elderly population, as well as our increasingly over-crowded and attention-drained healthcare systems, is promising. However, prior to the emergence of these systems as a ubiquitous technology, healthcare providers

Ellen Stuart; Melody Moh; Teng-Sheng Moh

2008-01-01

158

Microholographic computer generated holograms for security applications: Microtags.  

National Technical Information Service (NTIS)

We have developed a method for encoding phase and amplitude in microscopic computer-generated holograms (microtags) for security applications. Eight-by-eight-cell and 12 x 12-cell phase-only and phase-and-amplitude microtag designs has been exposed in pho...

W. C. Sweatt M. E. Warren S. H. Kravitz

1998-01-01

159

Wireless structural monitoring for homeland security applications  

NASA Astrophysics Data System (ADS)

This paper addresses the development of a robust, low-cost, low power, and high performance autonomous wireless monitoring system for civil assets such as large facilities, new construction, bridges, dams, commercial buildings, etc. The role of the system is to identify the onset, development, location and severity of structural vulnerability and damage. The proposed system represents an enabling infrastructure for addressing structural vulnerabilities specifically associated with homeland security. The system concept is based on dense networks of "intelligent" wireless sensing units. The fundamental properties of a wireless sensing unit include: (a) interfaces to multiple sensors for measuring structural and environmental data (such as acceleration, displacements, pressure, strain, material degradation, temperature, gas agents, biological agents, humidity, corrosion, etc.); (b) processing of sensor data with embedded algorithms for assessing damage and environmental conditions; (c) peer-to-peer wireless communications for information exchange among units(thus enabling joint "intelligent" processing coordination) and storage of data and processed information in servers for information fusion; (d) ultra low power operation; (e) cost-effectiveness and compact size through the use of low-cost small-size off-the-shelf components. An integral component of the overall system concept is a decision support environment for interpretation and dissemination of information to various decision makers.

Kiremidjian, Garo K.; Kiremidjian, Anne S.; Lynch, Jerome P.

2004-07-01

160

A new type of security and safety architecture for distributed system: models and implementation  

Microsoft Academic Search

Security and safety problems are two of the main factors that hinder the development and practicality of distributed system. They are not only very important, but also closely related. But at present most of the researches only focuses on the aspect of security. However, with the massive use of software and the change of fault models, the distributed system is

Li Zhongwen; Qiu Zhongpan

2004-01-01

161

A technology acquisition strategy for the security of water distribution networks  

Microsoft Academic Search

This slide presentation outlines information on a technology acquisition strategy for the security of water distribution networks. The Department of Homeland Security (DHS) has tasked a multi-laboratory team to evaluate current and future needs to protect the nation's water distribution infrastructure by supporting an objective evaluation of current and new technologies. The primary deliverables from this Operational Technology Demonstration (OTD)

Wayne Einfeld; Adam Love; Maureen Alai; Lee G. Glascoe

2005-01-01

162

Web Application Security—Past, Present, and Future  

Microsoft Academic Search

Web application security remains a major roadblock to universal acceptance of the Web for many kinds of online transactions,\\u000a especially since the recent sharp increase in remotely exploitable vulnerabilities has been attributed to Web application\\u000a bugs. In software engineering, software testing is an established and well-researched process for improving software quality.\\u000a Recently, formal verification tools have also shown success in

Yao-Wen Huang; D. T. Lee

163

Nanomaterials and their application to defense and homeland security  

NASA Astrophysics Data System (ADS)

A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection. This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory to develop nanostructured materials for applications to forensics and homeland security. Among the many types of nanomaterials reviewed are silica-based materials, molecular imprinted polymers, and silicon platforms. The main aim of the article is to optimize these new classes of materials for the collection concentration and detection of chemical weapons or other related compounds.

Reynolds, John G.; Hart, Bradley R.

2004-01-01

164

Millimeter-Wave and Terahertz Imaging in Security Applications  

NASA Astrophysics Data System (ADS)

The relatively short wavelength of mm-wave and THz radiation coupled with good transmission through many dielectric materials allows images to be formed of concealed objects. This chapter gives an overview of the detectors, their associated circuitry, and system developments over the past 10 years, focussing on personnel security screening. We will discuss the phenomenology of imaging at these wavelengths, introduce the reader to the basic architectures being used and developed for image forming instruments, show examples of systems, and also discuss the feasibility of spectroscopic THz imaging for security screening applications.

Luukanen, Arttu; Appleby, Roger; Kemp, Mike; Salmon, Neil

165

Telepresence mobile robot for security applications  

Microsoft Academic Search

A mobile telepresence robot is currently being developed for use in surveillance and fire-detection applications that will be integrated into the present intelligent building system. The authors discuss the design, construction, and man-machine interface of the mobile telepresence robot. This system will allow the building operator to patrol remote areas from the safety and comfort of the building's control center.

Robert J. Schultz; Ryoji Nakajima; Junji Nomura

1991-01-01

166

Secure Online Examination Architecture Based on Distributed Firewall  

Microsoft Academic Search

Online (Web-based) examination is an effective solution for mass education evaluation. However, due to the incomplete of network security, students can communicate with each other, and we can't prevent the cheating. Therefore, keeping the security of a online examination has become an important issue. This paper focuses on how to implement a secure environment for online-examination in the general academic

Chi-chien Pan; Kai-hsiang Yang; Tzao-lin Lee

2004-01-01

167

Noble Gas Excimer Detectors for Security and Safeguards Applications  

NASA Astrophysics Data System (ADS)

Noble gas excimer detectors are a technology that is common in particle physics research and less common in applications for security and international safeguards. These detectors offer the capability to detect gammas with an energy resolution similar to NaI and to detect neutrons with good energy resolution as well. Depending on the noble gas selected and whether or not it is in a gaseous or liquid state, the sensitivity to gammas and neutrons can be tuned according to the needs of the application. All of this flexibility can be available at a significant cost saving over alternative technologies. This paper will review this detector technology and its applicability to security and safeguards.

Hynes, Michael V.; Chandra, Rico; Davatz, Giovanna; Lanza, Richard

2011-12-01

168

A strategy for the development of secure telemedicine applications.  

PubMed Central

Healthcare applications based on computer-supported collaboration technologies have the potential to improve the quality of care delivered to patients. Such applications can help overcome barriers to quality healthcare in the small, scattered populations of rural areas enabling telemedicine to be a part of the practice of medicine. However the growing concern about the potential for abuse through disclosure of personal health information to unauthorized parties has restricted the deployment and adoption of these potentially valuable tools. The authors, who built ARTEMIS--an Intranet healthcare collaboration facility, now describe their approach to develop secure telemedicine applications for rural healthcare practitioners.

Raman, R. S.; Reddy, R.; Jagannathan, V.; Reddy, S.; Cleetus, K. J.; Srinivas, K.

1997-01-01

169

37 CFR 5.1 - Applications and correspondence involving national security.  

Code of Federal Regulations, 2013 CFR

...AND LICENSES TO EXPORT AND FILE APPLICATIONS IN FOREIGN COUNTRIES...that are national security classified (see § 1.9(i) of this chapter...Office. National security classified documents filed in the Office...applicant in a national security classified patent application must...

2013-07-01

170

Security of differential-phase-shift quantum key distribution against individual attacks  

NASA Astrophysics Data System (ADS)

We derive a proof of security for the differential-phase-shift quantum key distribution protocol under the assumption that Eve is restricted to individual attacks. The security proof is derived by bounding the average collision probability, which leads directly to a bound on Eve’s mutual information on the final key. The security proof applies to realistic sources based on pulsed coherent light. We then compare individual attacks to sequential attacks and show that individual attacks are more powerful.

Waks, Edo; Takesue, Hiroki; Yamamoto, Yoshihisa

2006-01-01

171

Semantic information assurance for secure distributed knowledge management: a business process perspective  

Microsoft Academic Search

Secure knowledge management for eBusiness processes that span multiple organizations requires intraorganizational and interorganizational perspectives on security and access control issues. There is paucity in research on information assurance of distributed interorganizational eBusiness processes from a business process perspective. This paper presents a framework for secure semantic eBusiness processes integrating three streams of research, namely: 1) eBusiness processes; 2) information

Rahul Singh; Al Farooq Salam

2006-01-01

172

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications  

NASA Astrophysics Data System (ADS)

The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

173

NEUTRON AND GAMMA RAY DETECTION FOR BORDER SECURITY APPLICATIONS  

SciTech Connect

Countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments in the U.S. and in a number of other countries by governments and international organizations. Most deployed radiation portal monitor systems are based on plastic scintillator for gamma-ray detection and 3He tubes for neutron detection. The approach to this homeland security application, and lessons learned, are discussed.

Kouzes, Richard T.

2010-05-21

174

Nanomaterials and their application to defense and homeland security  

Microsoft Academic Search

A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of\\u000a mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection.\\u000a This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory\\u000a to develop nanostructured materials for applications

John G. Reynolds; Bradley R. Hart

2004-01-01

175

Improving Security in the Fiber Distributed Data Interface (FDDI) Protocol.  

National Technical Information Service (NTIS)

The arrival of high speed packet switched fiber optic LANs has allowed local area design architectures to be used for larger metropolitan area network (MAN) implementations. The current LAN security mechanisms used in larger and faster fiber optic LANs an...

B. E. Jones

1992-01-01

176

Open, flexible and portable secure web-based health applications.  

PubMed

This paper presents a totally generic client-server model for accessing legacy and new databases according to the three tier architecture principles. It is based on an integrated environment that eases the dynamic creation and instantiation of secure web applications that access multiple database management systems. Emphasis is placed on the ability to query almost any type of relational database and queries can simultaneously address a multitude of data sources. The information is collected, assembled and presented to users depending on a possible set of user profiles. These profiles originate from work on securing the conduct of clinical studies. This has been achieved in the context of the EU funded project HARP (Harmonisation for the Security of Web Technologies and Applications). The generic character of the model is exploited through an accompanying set of development tools. This permits efficient and effective creation and maintenance of applications in several domains of health telematics and beyond. Main merit is the lightweight character of the resulting platform, whereby all necessary instantiations are accomplished through a set of related XML documents. PMID:15061523

Vlachos, Michael; Stassinopoulos, George

2003-01-01

177

Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology  

Microsoft Academic Search

\\u000a There is a need for improved security testing methodologies specialized for Web applications and their agile development environment.\\u000a The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority.\\u000a In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security\\u000a testing, and then present

Gencer Erdogan; Per Håkon Meland; Derek Mathieson

2010-01-01

178

A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems  

Microsoft Academic Search

As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade

Xinyi Huang; Yang Xiang; Ashley Chonka; Jianying Zhou; DENG Huijie Robert

2011-01-01

179

The security system analyzer: An application of the Prolog language  

SciTech Connect

The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner to provide descriptive information about sensors, to dynamically update the knowledge base to provide on-line recording of changes in detector status or maintenance history, and to analyze the configuration of the building, surrounding area, and intrusion detector layout and current operability status in order to determine all the pathways from one specified point to another specified point which result in the detection probability being less than some specified value (i.e., find the ''weakest paths''). This ''search'' capability, which is the heart of the SECURITY program, allows the program to perform a CAD (computer aided design) function, and to provide a real-time security degradation analysis if intrusion detectors become inoperable. 2 refs., 3 figs.

Zimmerman, B.D.; Seeman, S.E.

1986-02-20

180

Distributed virtual computers (DVC): simplifying the development of high performance Grid applications  

Microsoft Academic Search

Distributed Virtual Computer (DVC) is a computing environment which simplifies the development and execution of distributed applications on computational grids. DVC provides a simple set of abstractions to simplify application management of naming, security, communication, and resource, easing use of highly dynamic and heterogeneous resource environments. These abstractions enable complex collections of grid resources to be used in a fashion

Nut Taesombut; Andrew A. Chien

2004-01-01

181

Testing tool for distributed Java applications  

Microsoft Academic Search

Issues involved in testing large distributed applications employing distributed object technologies are discussed. A testing tool, RiOT, that addresses these issues are described. RiOT can be used for testing distributed Java applications that use Java RMI, Jini, or Jiro technologies. It relies on the availability of the interface descriptions of the objects and services provided in the application. This information

Sudipto Ghosh; Nishant Bawa; Gerald Craig; Ketaki Kalgaonkar

2001-01-01

182

ADDE: Application Development for the Distributed Enterprise.  

ERIC Educational Resources Information Center

Describes the Application Development for the Distributed Enterprise (ADDE) project, a methodological set that supports the design of distributed business processes and information and communication technologies. Discusses principles behind ADDE, guidance on definition and planning of application development, guidance on distributed application

Franckson, Marcel; Hall, John; Helmerich, Alfred; Canadas, Rafael; Dehn, Martin

1998-01-01

183

Some physics and system issues in the security analysis of quantum key distribution protocols  

NASA Astrophysics Data System (ADS)

In this paper, we review a number of issues on the security of quantum key distribution (QKD) protocols that bear directly on the relevant physics or mathematical representation of the QKD cryptosystem. It is shown that the cryptosystem representation itself may miss out many possible attacks, which are not accounted for in the security analysis and proofs. Hence, the final security claims drawn from such analysis are not reliable, apart from foundational issues about the security criteria that are discussed elsewhere. The cases of continuous-variable QKD and multi-photon sources are elaborated upon.

Yuen, Horace P.

2014-06-01

184

Secure multi-party communication with quantum key distribution managed by trusted authority  

DOEpatents

Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.

Nordholt, Jane Elizabeth; Hughes, Richard John; Peterson, Charles Glen

2013-07-09

185

Terahertz wave opto-mechanical scanner for security application  

NASA Astrophysics Data System (ADS)

This paper describes a new opto-mechanical scanner that is hopeful for terahertz imaging in security applications. The target of using this scanner is portal screening of personnel for high-resolution imaging of concealed threat objects. It is not only applied to active terahertz imaging but also applied to passive Terahertz imaging. Terahertz wave can penetrate many materials that are opaque to visible and infrared light, such as plastics, cardboard, textiles and so on. So the terahertz imaging technology has a potential to be applicable in security inspection at airports, stations and other public place. Now, the most terahertz imaging system works at point to point mechanical scan pattern. The speed of this raster scan is too slow to apply in practical field. 2-D terahertz array detector can be applied to real time imaging. But at present their cost is prohibitively high. Fortunately low cost, high performance, opto-mechanically scanner is able to meet the current requirements. An opto-mechanical scanner should be able to rapidly scan a 2-D image of the scene. It also should have high optical efficiency so that an image system can achieve the required thermal sensitivity with the minimum number of receivers. These ensure that it can easily operate at any wavelength, and be active or passive. The opto-mechanically scanning can meets these requirements and is being developed into a high performance, low-cost prototype system that will meet the future needs for terahertz security.

Deng, Chao; Zheng, Yongju; Zhang, Cunlin

2010-11-01

186

Security Applications of Diodes with Unique Current-Voltage Characteristics  

NASA Astrophysics Data System (ADS)

Diodes are among the most simple and inexpensive electric components. In this paper, we investigate how random diodes with irregular I(U) curves can be employed for crypto and security purposes. We show that such diodes can be used to build Strong Physical Unclonable Functions (PUFs), Certificates of Authenticity (COAs), and Physically Obfuscated Keys (POKs), making them a broadly usable security tool. We detail how such diodes can be produced by an efficient and inexpensive method known as ALILE process. Furthermore, we present measurement data from real systems and discuss prototypical implementations. This includes the generation of helper data as well as efficient signature generation by elliptic curves and 2D barcode generation for the application of the diodes as COAs.

Rührmair, Ulrich; Jaeger, Christian; Hilgers, Christian; Algasinger, Michael; Csaba, György; Stutzmann, Martin

187

Secure Collaborative and Distributed Services in the Java Card Grid Platform  

Microsoft Academic Search

Ensuring the security of services in a distributed system requires the collaboration of all the elements involved in providing this service. In this paper we present how the security of collaborative distributed services is ensured in the Java CardTM1 Grid project carried out at LaBRI, Laboratoire Bordelais de Recherche en Informatique. The aim of this project is to build a

Serge Chaumette; Achraf Karray; Damien Sauveron

2006-01-01

188

Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs  

NASA Technical Reports Server (NTRS)

This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

Ivancic, William D.

2007-01-01

189

Secure Message Distribution Scheme with Configurable Privacy in Heterogeneous Wireless Sensor Networks  

NASA Astrophysics Data System (ADS)

Security and privacy of wireless sensor networks are key research issues recently. Most existing researches regarding wireless sensor networks security consider homogenous sensor networks. To achieve better security and performance, we adopt a heterogeneous wireless sensor network (HWSN) model that consists of physically different types of sensor nodes. This paper presents a secure message distribution scheme with configurable privacy for HWSNs, which takes advantage of powerful high-end sensor nodes. The scheme establishes a message distribution topology in an efficient and secure manner. The sensor node only need generate one signature for all the messages for all the users, which can greatly save the communication and computation cost of the sensor node. On the other hand, the user can only know the messages that let him know based on a pre-set policy, which can meet the requirement of the privacy. We show that the scheme has small bandwidth requirements and it is resilient against the node compromise attack.

Li, Yahui; Ma, Jianfeng; Moon, Sangjae

190

Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography  

NASA Astrophysics Data System (ADS)

With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP and with the use of Anonymizers we have covered the identity of true source of data. Modifier tokens are generated along encryption of data which are distributed among virtual parties, then sent to TTP and finally used in the computation. Thus without revealing the data, right result can be computed and privacy of the parties is maintained. We have also given a probabilistic security analysis of hacking the protocol and shown how zero hacking security can be achieved.

Pathak, Rohit; Joshi, Satyadhar

191

Secure Semantic Service Oriented Information Grid for Cyber Physical System and Applications  

Microsoft Academic Search

This paper describes our approach to designing a secure information grid for cyber physical systems and applications. We discuss access control and accountability for such semantic grid as well as secure infrastructure and storage issues.

Bhavani Thuraisingham; Sajal Das; Yonghe Liu; Elisa Bertino; Lorenzo Martino

192

Efficient Security Mechanisms for the Distributed Wireless Sensor Networks  

Microsoft Academic Search

In this paper, a secure data communication environment for the three-tiered wireless sensor networks (WSNs) that continues to operate correctly in a hostile medium is proposed. Considering the energy and hardware constraints of the sensor nodes, the low complex data confidential and authentication algorithms are proposed. Performance analysis of our protocol shows that it satisfies the energy and hardware limitations

Prasan Kumar Sahoo; Jonathan Jen-rong Chen; Ping-tai Sun

2005-01-01

193

Scalable secure multicasting with distributed key management from pairings  

Microsoft Academic Search

Multicast communication is an efficient way to send data to a group of participants and its security issue has received a great deal of attention. As members can join or leave a multicast group dynamically, to guarantee confidentiality, it has to have a dynamic key management mechanism. In this paper, we apply the pairings on elliptic curve and propose an

Shyi-Tsong Wu; Jung-Hui Chiu; Bin-Chang Chieu

2005-01-01

194

The Role of Trust Management in Distributed Systems Security  

Microsoft Academic Search

. Existing authorization mechanisms fail to provide powerfuland robust tools for handling security at the scale necessary for today'sInternet. These mechanisms are coming under increasing strain from thedevelopment and deployment of systems that increase the programmabilityof the Internet. Moreover, this "increased flexibility through programmability" trend seems to be accelerating with the advent of proposalssuch as Active Networking and Mobile Agents.The

Matt Blaze; Joan Feigenbaum; Angelos D. Keromytis

1999-01-01

195

The Role of Trust Management in Distributed Systems Security  

Microsoft Academic Search

Existing authorization mechanisms fail to provide powerful and robust tools for handling security at the scale necessary for today's Internet. These mechanisms are coming under increasing strain from the development and deployment of systems that increase the programma- bility of the Internet. Moreover, this \\

Matt Blaze; Joan Feigenbaum; John Ioannidis; Angelos D. Keromytis

1998-01-01

196

78 FR 79298 - Securities Exempted; Distribution of Shares by Registered Open-End Management Investment Company...  

Federal Register 2010, 2011, 2012, 2013

...by Registered Open- End Management Investment Company; Applications Regarding...Rulemaking Office, Division of Investment Management, U.S. Securities and...by registered open-end management investment company. * * * * *...

2013-12-30

197

Boosting-based Distributed and Adaptive Security-Monitoring through Agent Collaboration  

SciTech Connect

Within agent systems, two entities, namely hosts and agents, subsist and require protection against potential malicious acts. The use of such agent systems to support the development of practical applications is limited primarily by the risks to which hosts in the system are subject to. This article introduces a distributed and adaptive security-monitoring framework to decrease such potential threats. The proposed framework is based on a modified version of the popular Boosting algorithm to classify malicious agents based on their execution patterns on current and prior hosts. Having implemented the framework for the Aglet platform, we herein present the results of our experiments showcasing the detection of agent entities in the system with intention deviating from that of their well-behaved counterparts.

Jean, Evens [Pennsylvania State University] [Pennsylvania State University; Jiao, Yu [ORNL] [ORNL; Hurson, Ali R. [Pennsylvania State University] [Pennsylvania State University; Potok, Thomas E [ORNL] [ORNL

2007-01-01

198

Using Science Driven Technologies for the Defense and Security Applications  

NASA Technical Reports Server (NTRS)

For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

2004-01-01

199

Secure Communication Application of Josephson Tetrode in THz Region  

NASA Astrophysics Data System (ADS)

We numerically demonstrate the generation of chaos in a four-terminal superconductive device made of five Jospehson weak-link junctions, Josephson Tetrode. We calculate the dynamics of electrical voltages across the junctions when one of the normal resistances in varied. We confirm the generation of chaos by using temporal waveforms, three-dimensional attractors and Lyapunov exponent of chaotic attractor. We numerically investigated the threshold voltage dependence and sampling time dependence of random bits. Jospehson Tetrode is a promising superconductive device applicable to secure communication in THz region.

Sahri, Nurliyana Bte Mohd; Yoshimori, Shigeru

200

Image fusion technology for security and surveillance applications  

NASA Astrophysics Data System (ADS)

Image fusion technology offers a range of potential benefits to the security and surveillance community, including increased situational awareness and enhanced detection capabilities. This paper reports on how image fusion technology is being adapted from the military arena (in which it is generally found today) to provide a new and powerful asset in the fight against crime and terrorism. The combination of detection and tracking processing with image fusion is discussed and assessed. Finally, a number of specific examples are presented which include land, air, and sea applications.

Riley, Tom; Smith, Moira

2006-10-01

201

COCA: A Secure Distributed On-line Certification Authority  

Microsoft Academic Search

Abstract COCA is a fault-tolerant and secure on-line certification authority that has been built and deployed both in a local area network and in the Internet. Extremely weak assumptions characterize environments in which COCA’s protocols execute correctly: no assumption is made about execution speed and message delivery delays; channels are expected to exhibit only inter- mittent reliability; and with 3t

Lidong Zhou; Fred B. Schneider; Robbert van Renesse

2000-01-01

202

Enabling secure, distributed collaborations for adrenal tumor research.  

PubMed

Many e-Health strategies rely on the secure integration of datasets that have previously resided in isolated locations, but can now in principle be accessed over the Internet. Of paramount importance in the health domain is the need for the security and privacy of data that is transmitted across these networks. One such collaboration, which spans several specialist centres across France, Germany, Italy and the UK, is ENSAT - the European Network for the Study of Adrenal Tumors. The rarity of the tumors under study means the value of accessing, aggregating and comparing data from many centres is great indeed. However this is especially challenging given that ENSAT require clinical and genomic data to be seamlessly linked, but in such a way that the information governance, ethics and privacy concerns of the patients and associated stakeholders involved are visibly satisfied. Key to this is the clear separation of clinical and genomic data sets and support for rigorous patient-identity protecting access control. This is especially challenging when such data sets exist across different organisational boundaries. In this paper we describe a prototype solution offering a security-oriented tailored portal supported by a layered encryption-driven linkage technology (VANGUARD) that offers precisely such patient-privacy protecting capabilities. We describe the architecture, implementation and use to date of this facility to support the ENSAT adrenal cancer research network. PMID:20543447

Stell, Anthony; Sinnott, Richard; Jiang, Jipu

2010-01-01

203

T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security  

SciTech Connect

Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

2009-07-20

204

Application of infrared imaging systems to maritime security  

NASA Astrophysics Data System (ADS)

Enhancing maritime security through video based systems is a very challenging task, not only due to the different scales of vessels to be monitored, but also due to the constantly changing background and environmental conditions. Yet video systems operating in the visible part of the electromagnetic spectrum have established themselves as one of the most crucial tools in maritime security. However, certain inherent limitations such as requirements of proper scene illumination and failure under low visibility weather conditions like fog could be overcome utilizing different spectral regions. Thermal imaging systems present themselves as a good alternative in maritime security. They could overcome these problems and allow for additional detection of local variation of water temperature, yet have been rarely used efficiently in maritime environment evaluated. Here we present a first order study of the advantage of using long-wavelength infrared (LWIR) imaging for diver detection. Within these tasks we study the reasons and effects of bubbles on water surface in laboratory IR imaging study and have determined the changes in infrared emissivity and reflectivity due to the corresponding surface manifestation. This was compared and used to analyze experiments in the Hudson Estuary to the real-world applicability of infrared technology in maritime security application. Utilizing a LWIR camera, we limit ourselves on the detection of the scuba diver as well as the determination of its depth---information normally not obtainable in very low visibility water like the Hudson River. For this purpose we observed the thermal surface signature of the diver and obtained and analyzed its temporal behavior with respect to area, perimeter and infrared brightness. Additional qualitative and quantitative analyses of the area and perimeter growth show different behaviors with more or less pronounced correlation to the diver's depth---yet clearly showing a trend allowing for estimation of the diver's depth based on the IR surface manifestation. To reduce the impact of measurement and data processing errors in this natural very noisy environment, a computer based analysis process was developed and optimized for this very specific application. Based on its assessment previous contradictions in the bubble growth could be resolved.

Zeng, Debing

205

Semi-device-independent security of one-way quantum key distribution  

NASA Astrophysics Data System (ADS)

By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being “device-independent.” Here we ask whether such a strong form of security could also be established for one-way (prepare and measure) QKD. While fully device-independent security is impossible, we show that security can be guaranteed against individual attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are noncharacterized, but the dimensionality of the quantum systems used in the protocol is assumed to be bounded. Our security proof relies on the analogies between one-way QKD, dimension witnesses, and random-access codes.

Paw?owski, Marcin; Brunner, Nicolas

2011-07-01

206

Security applications of a remote electric-field sensor technology  

NASA Astrophysics Data System (ADS)

A new generation of electric field sensors developed at the University of Sussex is enabling an alternative to contact voltage and non-contact magnetic field measurements. We have demonstrated the capability of this technology in a number of areas including ECG through clothing, remote off-body ECG, through wall movement sensing and electric field imaging. Clearly, there are many applications for a generic sensor technology with this capability, including long term vital sign monitoring. The non-invasive nature of the measurement also makes these sensors ideal for man/machine and human/robot interfacing. In addition, there are obvious security and biometric possibilities since we can obtain physiological data remotely, without the knowledge of the subject. This is a clear advantage if such systems are to be used for evaluating the psychological state of a subject. In this paper we report the results obtained with a new version of the sensor which is capable of acquiring electrophysiological signals remotely in an open unshielded laboratory. We believe that this technology opens up a new area of remote biometrics which could have considerable implications for security applications. We have also demonstrated the ability of EPS to function in closely-packed one and two dimensional arrays for real-time imaging.

Prance, Robert J.; Harland, Christopher J.; Prance, Helen

2008-10-01

207

Information theoretically secure, enhanced Johnson noise based key distribution over the smart grid with switched filters.  

PubMed

We introduce a protocol with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional radial networks (chain-like power line) which are typical of the electricity distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions. PMID:23936164

Gonzalez, Elias; Kish, Laszlo B; Balog, Robert S; Enjeti, Prasad

2013-01-01

208

Information Theoretically Secure, Enhanced Johnson Noise Based Key Distribution over the Smart Grid with Switched Filters  

PubMed Central

We introduce a protocol with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional radial networks (chain-like power line) which are typical of the electricity distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions.

2013-01-01

209

Security in the CernVM File System and the Frontier Distributed Database Caching System  

NASA Astrophysics Data System (ADS)

Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFS and Frontier.

Dykstra, D.; Blomer, J.

2014-06-01

210

Creating variable data UV signals for security applications  

NASA Astrophysics Data System (ADS)

Substrates found in standard digital color printing applications frequently contain optical brightening agents (OBAs). These agents fluoresce under near UV light and are predominantly intended to increase the perceived paper white and thus create a paper look and feel which is preferred by customers. The fluorescence phenomenon poses a considerable challenge in standard color management applications, however, the problem description can be inverted and information can be embedded in a printed color image that is perceptually invisible under normal illumination, but revealed via substrate fluorescence under UV illumination. From a practical standpoint, the approach works with standard high brightness office-type papers and does not require any special materials or media, or any modifications to the imaging path inside the machine. This means that certain security aspects can now produced in an essentially cost-neutral way[1].

Eschbach, Reiner; Bala, Raja; Wang, Shen

2008-01-01

211

A Localized, Distributed Protocol for Secure Information Exchange in Sensor Networks  

Microsoft Academic Search

We consider the problem of securing communica- tion between sensor nodes in large-scale sensor networks. We propose a distributed, deterministic key management protocol designed to satisfy authentication and confidentiality, without the need of a key distribution center. Our scheme is scalable since every node only needs to hold a small number of keys independent of the network size, and it

Tassos Dimitriou; Ioannis Krontiris

2005-01-01

212

26 CFR 1.731-2 - Partnership distributions of marketable securities.  

Code of Federal Regulations, 2013 CFR

...purposes of sections 731(a)(1) and 737, the term money includes marketable securities...1) Sections 704(c)(1)(B) and 737 â(i) In general. If a distribution...both of sections 704(c)(1)(B) and 737, the effect of the distribution is...

2013-04-01

213

On optimization for security and reliability of power systems with distributed generation  

Microsoft Academic Search

Electricity market restructuring and supra-national agreements on the reduction of global greenhouse gas emissions have paved the way for an increase in the use of distributed generation - the connection of generation to the lower voltage power system. This paper formulates and discusses a methodology for the optimal siting and sizing of distributed generation a security constrained system can accept.

J. A. Greatbanks; D. H. Popovic; M. Begovic; A. Pregelj; T. C. Green

2003-01-01

214

77 FR 50184 - Miami International Securities Exchange, LLC; Notice of Filing of Application for Registration as...  

Federal Register 2010, 2011, 2012, 2013

...Rule 517. \\7\\ If its application ultimately is approved...including whether the application is consistent with the...Murphy, Secretary, Securities and Exchange Commission...Commission's Internet Web site (http://www...communications relating to the application between the...

2012-08-20

215

Scheme and applications of mobile payment based on 3-D security protocol  

Microsoft Academic Search

Considering the requirement of the development of mobile business, it improves the system structure, predigests the transaction flow, promotes the security, introduces the applications in mobile business, compares with 3-D security protocol and discusses some problems when carried out, based on 3-D security protocol in this article.

Chaobo Yang; Ming Qi

2006-01-01

216

Security of quantum key distribution using d-level systems.  

PubMed

We consider two quantum cryptographic schemes relying on encoding the key into qudits, i.e., quantum states in a d-dimensional Hilbert space. The first cryptosystem uses two mutually unbiased bases (thereby extending the BB84 scheme), while the second exploits all d+1 available such bases (extending the six-state protocol for qubits). We derive the information gained by a potential eavesdropper applying a cloning-based individual attack, along with an upper bound on the error rate that ensures unconditional security against coherent attacks. PMID:11909502

Cerf, Nicolas J; Bourennane, Mohamed; Karlsson, Anders; Gisin, Nicolas

2002-03-25

217

Application of telecom planar lightwave circuits for homeland security sensing  

NASA Astrophysics Data System (ADS)

Over the past decade, a massive effort has been made in the development of planar lightwave circuits (PLCs) for application in optical telecommunications. Major advances have been made, on both the technological and functional performance front. Highly sophisticated software tools that are used to tailor designs to required functional performance support these developments. In addition extensive know-how in the field of packaging, testing, and failure mode and effects analysis (FMEA) has been built up in the struggle for meeting the stringent Telcordia requirements that apply to telecom products. As an example, silica-on-silicon is now a mature technology available at several industrial foundries around the world, where, on the performance front, the arrayed-waveguide grating (AWG) has evolved into an off-the-shelf product. The field of optical chemical-biological (CB) sensors for homeland security application can greatly benefit from the advances as described above. In this paper we discuss the currently available technologies, device concepts, and modeling tools that have emerged from the telecommunications arena and that can effectively be applied to the field of homeland security. Using this profound telecom knowledge base, standard telecom components can readily be tailored for detecting CB agents. Designs for telecom components aim at complete isolation from the environment to exclude impact of environmental parameters on optical performance. For sensing applications, the optical path must be exposed to the measurand, in this area additional development is required beyond what has already been achieved in telecom development. We have tackled this problem, and are now in a position to apply standard telecom components for CB sensing. As an example, the application of an AWG as a refractometer is demonstrated, and its performance evaluated.

Veldhuis, Gert J.; Elders, Job; van Weerden, Harm; Amersfoort, Martin

2004-03-01

218

Unconditional security of time-energy entanglement quantum key distribution using dual-basis interferometry.  

PubMed

High-dimensional quantum key distribution (HDQKD) offers the possibility of high secure-key rate with high photon-information efficiency. We consider HDQKD based on the time-energy entanglement produced by spontaneous parametric down-conversion and show that it is secure against collective attacks. Its security rests upon visibility data-obtained from Franson and conjugate-Franson interferometers-that probe photon-pair frequency correlations and arrival-time correlations. From these measurements, an upper bound can be established on the eavesdropper's Holevo information by translating the Gaussian-state security analysis for continuous-variable quantum key distribution so that it applies to our protocol. We show that visibility data from just the Franson interferometer provides a weaker, but nonetheless useful, secure-key rate lower bound. To handle multiple-pair emissions, we incorporate the decoy-state approach into our protocol. Our results show that over a 200-km transmission distance in optical fiber, time-energy entanglement HDQKD could permit a 700-bit/sec secure-key rate and a photon information efficiency of 2 secure-key bits per photon coincidence in the key-generation phase using receivers with a 15% system efficiency. PMID:24724641

Zhang, Zheshen; Mower, Jacob; Englund, Dirk; Wong, Franco N C; Shapiro, Jeffrey H

2014-03-28

219

Unconditional Security of Time-Energy Entanglement Quantum Key Distribution Using Dual-Basis Interferometry  

NASA Astrophysics Data System (ADS)

High-dimensional quantum key distribution (HDQKD) offers the possibility of high secure-key rate with high photon-information efficiency. We consider HDQKD based on the time-energy entanglement produced by spontaneous parametric down-conversion and show that it is secure against collective attacks. Its security rests upon visibility data—obtained from Franson and conjugate-Franson interferometers—that probe photon-pair frequency correlations and arrival-time correlations. From these measurements, an upper bound can be established on the eavesdropper's Holevo information by translating the Gaussian-state security analysis for continuous-variable quantum key distribution so that it applies to our protocol. We show that visibility data from just the Franson interferometer provides a weaker, but nonetheless useful, secure-key rate lower bound. To handle multiple-pair emissions, we incorporate the decoy-state approach into our protocol. Our results show that over a 200-km transmission distance in optical fiber, time-energy entanglement HDQKD could permit a 700-bit/sec secure-key rate and a photon information efficiency of 2 secure-key bits per photon coincidence in the key-generation phase using receivers with a 15% system efficiency.

Zhang, Zheshen; Mower, Jacob; Englund, Dirk; Wong, Franco N. C.; Shapiro, Jeffrey H.

2014-03-01

220

Unconditional security proof of a deterministic quantum key distribution with a two-way quantum channel  

SciTech Connect

In a deterministic quantum key distribution (DQKD) protocol with a two-way quantum channel, Bob sends a qubit to Alice who then encodes a key bit onto the qubit and sends it back to Bob. After measuring the returned qubit, Bob can obtain Alice's key bit immediately, without basis reconciliation. Since an eavesdropper may attack the qubits traveling on either the Bob-Alice channel or the Alice-Bob channel, the security analysis of DQKD protocol with a two-way quantum channel is complicated and its unconditional security has been controversial. This paper presents a security proof of a single-photon four-state DQKD protocol against general attacks.

Lu Hua [State Key Laboratory of Magnetics Resonances and Atomic and Molecular Physics, Wuhan Institute of Physics and Mathematics, Chinese Academy of Sciences, Wuhan 430071 (China); Department of Mathematics and Physics, Hubei University of Technology, Wuhan 430068 (China); Fung, Chi-Hang Fred [Department of Physics and Center of Computational and Theoretical Physics, University of Hong Kong, Pokfulam Road (Hong Kong); Ma Xiongfeng [Center for Quantum Information and Quantum Control, Department of Physics, University of Toronto, Toronto, M5S 1A7 (Canada); Cai Qingyu [State Key Laboratory of Magnetics Resonances and Atomic and Molecular Physics, Wuhan Institute of Physics and Mathematics, Chinese Academy of Sciences, Wuhan 430071 (China)

2011-10-15

221

Web application security: Improving critical web-based applications quality through in-depth security analysis  

Microsoft Academic Search

m Abstract- The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Some of these critical web-based services are targeted

Nuno Teodoro; Carlos Serrao

2011-01-01

222

Dynamic multi-process information flow tracking for web application security  

Microsoft Academic Search

Although there is a large body of research on detection and prevention of such memory corruption attacks as buer overflow, integer overflow, and format string attacks, the web application security prob- lem receives relatively less attention from the research community by comparison. The majority of web application security problems origi- nate from the fact that web applications fail to perform

Susanta Nanda; Lap-chung Lam; Tzi-cker Chiueh

2007-01-01

223

An Analysis of BlackBox Web Application Security Scanners against Stored SQL Injection  

Microsoft Academic Search

Web application security scanners are a compilation of various automated tools put together and used to detect security vulnerabilities in web applications. Recent research has shown that detecting stored SQL injection, one of the most critical web application vulnerabilities, is a major challenge for black-box scanners. In this paper, we evaluate three state of art black-box scanners that support detecting

Nidal Khoury; Pavol Zavarsky; Dale Lindskog; Ron Ruhl

2011-01-01

224

How to write application code even a security auditor could love  

SciTech Connect

In the past the application programmer was frequently isolated from the computer security professional. The target machine might have various access controls and security plans, but when the programmer delivered a new application, it was rarely scrutinized from a security standpoint. Security reviews of application code are now being used to overcome this apparent oversight, but these reviews are often hampered by a lack of knowledge among programmers of techniques that make code secure and facilitate security analysis of the code. This paper informally describes fifteen general principles for producing good code that is easily reviewed. This paper is not a formal guideline, but is intended as an inside view of how one reviewer looks at code from a security standpoint.

Barlich, G.L.

1989-01-01

225

Bio-inspired approaches to sensing for defence and security applications.  

PubMed

Interdisciplinary research in biotechnology and related scientific areas has increased tremendously over the past decade. This rapid pace, in conjunction with advances in microfabricated systems, computer hardware, bioengineering and the availability of low-powered miniature components, has now made it feasible to design bio-inspired materials, sensors and systems with tremendous potential for defence and security applications. To realize the full potential of biotechnology and bio-inspiration, there is a need to define specific requirements to meet the challenges of the changing world and its threats. One approach to assisting the defence and security communities in defining their requirements is through the use of a conceptual model. The distributed or intelligent autonomous sensing (DIAS) system is one such model. The DIAS model is not necessarily aimed at a single component, for instance a sensor, but can include a system, or even a system of systems in the same way that a single organism, a multi-cellular organism or group of organisms is configured. This paper provides an overview of the challenges to and opportunities for bio-inspired sensors and systems together with examples of how they are being implemented. Examples focus on both learning new things from biological organisms that have application to the defence and security forces and adapting known discoveries in biology and biochemistry for practical use by these communities. PMID:18427675

Biggins, Peter D E; Kusterbeck, Anne; Hiltz, John A

2008-05-01

226

Application of fuzzy sets to optimal reactive power planning with security constraints  

SciTech Connect

This paper presents a mathematical formulation for the optimal reactive power planning taking into account the static security constraints and the non-probabilistic uncertainty in load values. The planning process is decomposed into investment and operation problems via the generalized Benders decomposition (GBD). Fixed and variable costs are considered in the investment problem. Linguistic declarations of load values in the operation problem are translated into possibility distribution functions. The operation problem is decomposed into 4 subproblems via Dantzig-Wolfe decomposition (DWD), and the modeling of multi-area power systems is considered by applying a second DWD to each subproblem, leading to a significant reduction in its dimensions for personal computer applications. Voltage constraints within each area are modeled as fuzzy sets for the static security analysis by biasing the final solution towards desired values of variables within their given ranges. The overall solution is a compromise between economics (lower investment and operation costs) and security (tighter feasible region). Numerical examples for the applicability of the proposed approach to multi-area power systems are discussed.

Abdul-Rahman, K.H.; Shahidehpour, S.M. (Illinois Inst. of Tech., Chicago, IL (United States). Dept. of Electrical and Computer Engineering)

1994-05-01

227

Verification of secure distributed systems in higher order logic: A modular approach using generic components  

SciTech Connect

In this paper we present a generalization of McCullough's restrictiveness model as the basis for proving security properties about distributed system designs. We mechanize this generalization and an event-based model of computer systems in the HOL (Higher Order Logic) system to prove the composability of the model and several other properties about the model. We then develop a set of generalized classes of system components and show for which families of user views they satisfied the model. Using these classes we develop a collection of general system components that are instantiations of one of these classes and show that the instantiations also satisfied the security property. We then conclude with a sample distributed secure system, based on the Rushby and Randell distributed system design and designed using our collection of components, and show how our mechanized verification system can be used to verify such designs. 16 refs., 20 figs.

Alves-Foss, J.; Levitt, K.

1991-01-01

228

Test of radiation detectors used in homeland security applications.  

PubMed

This work was performed as part of the National Institute of Standards and Technology (NIST) program to support the development of the new American National Standards Institute (ANSI) standards N42.32-2003 and N42.33-2003 for hand-held detectors, and personal electronic dosimeters, as well as to support the Office of Law Enforcement Standards (OLES) and the Department of Homeland Security (DHS) in testing these types of detectors for their use by first responders. These instruments are required to operate over a photon energy range of 60 keV to 1.33 MeV and over a wide range of air-kerma rates. The performance and response of various radiation detectors, purchased by the NIST, was recorded when placed in 60Co, 137Cs, and x-ray beams at different air-kerma rates. The measurements described in this report were performed at the NIST x-ray and gamma-ray radiation calibration facilities. The instruments' response (exposure or dose rate readings) shows strong energy dependence but almost no dependence to different air-kerma rates. The data here reported provide a benchmark in support of current protocols that are being developed for radiation detection instrumentation used in homeland security applications. A future plan is to test these devices, plus other commercially available detectors, against ANSI standards N42.32-2003 and N42.33-2003. PMID:15824588

Pibida, L; Minniti, R; O'Brien, M; Unterweger, M

2005-05-01

229

Wireless sensors and sensor networks for homeland security applications.  

PubMed

New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers. PMID:23175590

Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

2012-11-01

230

High-speed secure key distribution over an optical network based on computational correlation imaging.  

PubMed

We present a protocol for an optical key distribution network based on computational correlation imaging, which can simultaneously realize privacy amplification and multiparty distribution. With current technology, the key distribution rate could reach hundreds of Mbit/s with suitable choice of parameters. The setup is simple and inexpensive, and may be employed in real networks where high-speed long-distance secure communication is required. PMID:23939004

Li, Shen; Yao, Xu-Ri; Yu, Wen-Kai; Wu, Ling-An; Zhai, Guang-Jie

2013-06-15

231

Web Services: Distributed Applications Without Limits  

Microsoft Academic Search

Abstract: Web services technologyis all about distributed computing. There is no fundamentally new basic ,concept behind this and related technologies. What is really new,is the reach of Web services and its ubiquitous support by literally all major vendors. Most likely, heterogeneity will at the end no longer be an obstruction for distributed applications. This will have impact on application architectures,

Frank Leymann

2003-01-01

232

Secure Conference Key Distribution Schemes for Conspiracy Attack  

Microsoft Academic Search

At the Eurocrypt’88 meeting, we proposed three identity-based conference key distribution schemes. At the Asiacrypt’91 meeting,\\u000a Shimbo and Kawamura presented a conspiracy attacking method which worked against our schemes to disclose a user’s secret information.\\u000a This paper proposes an improved identity-based conference key distribution scheme to counter this attack.

Kenji Koyama

1992-01-01

233

Communication Security Architecture for Smart Distribution System Operations  

Microsoft Academic Search

This paper proposes a communication cybersecurity architecture for smart distribution system operations using distributed network protocol (DNP3). The focus is on providing cybersecurity for residential load-management devices that are networked for access by the utility and their consumers. The proposed architecture utilizes DNP3 to produce a disjoint protocol between strictly-regulated utility devices and devices accessible by the utility and consumers.

T. Mander; H. Cheung; A. Hamlyn; R. Cheung

2007-01-01

234

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey  

PubMed Central

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

Kumar, Pardeep; Lee, Hoon-Jae

2012-01-01

235

Security engineering: systems engineering of security through the adaptation and application of risk management  

NASA Technical Reports Server (NTRS)

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

Gilliam, David P.; Feather, Martin S.

2004-01-01

236

Application of Lightweight Formal Methods to Software Security  

Microsoft Academic Search

Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of sofmare security properties. Such an approach which speci$es security properties in a library that can be re- used by 2 instruments and their

David P. Gilliam; John D. Powell; Matt Bishop

2005-01-01

237

Secure protocol lifecycle and its application in power industry  

Microsoft Academic Search

With advancing of communication technologies, various protocols have been designed, developed and widely deployed in modern industries, including power industry. And the security issues of these protocol systems which involve the security of national infrastructure have gained more and more concerns. Since protocols are not only communication services, but also evolving developing processes, security vulnerabilities could be introduced at the

Wen Tang; Aifen Sui

2008-01-01

238

Autonomous energy harvesting embedded sensors for border security applications  

NASA Astrophysics Data System (ADS)

Wireless networks of seismic sensors have proven to be a valuable tool for providing security forces with intrusion alerts even in densely forested areas. The cost of replenishing the power source is one of the primary obstacles preventing the widespread use of wireless sensors for passive barrier protection. This paper focuses on making use of energy from multiple sources to power these sensors. A system comprising of Texas Micropower's (TMP's) energy harvesting device and Crane Wireless Monitoring Solutions' sensor nodes is described. The energy harvesters are suitable for integration and for low cost, high volume production. The harvesters are used for powering sensors in Crane's wireless hub and spoke type sensor network. TMP's energy harvesting methodology is based on adaptive power management circuits that allow harvesting from multiple sources making them suitable for underground sensing/monitoring applications. The combined self-powered energy harvesting solutions are expected to be suitable for broad range of defense and industry applications. Preliminary results have indicated good feasibility to use a single power management solution that allows multi-source energy harvesting making such systems practical in remote sensing applications.

Hande, Abhiman; Shah, Pradeep; Falasco, James N.; Weiner, Doug

2010-04-01

239

A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker  

Microsoft Academic Search

Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises significant security concerns. Therefore, it is desirable to create a secure environment to contain untrusted helper

Ian Goldberg; David Wagner; Randi Thomas; Eric Brewer

1996-01-01

240

Security  

ERIC Educational Resources Information Center

Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

Technology & Learning, 2008

2008-01-01

241

Communicating Health Risks under Pressure: Homeland Security Applications  

SciTech Connect

The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to customization to include radioactive waste management or responses to catastrophic releases of radioactive material due to terrorist actions. (authors)

Garrahan, K.G. [EPA National Homeland Security Research Center, 1200 Pennsylvania Ave NW, Washington, DC 20460 (United States); Collie, S.L. [Tetra Tech, 350 N. St. Paul, Suite 2600, Dallas TX 75201 (United States)

2006-07-01

242

Integrating CLIPS applications into heterogeneous distributed systems  

NASA Technical Reports Server (NTRS)

SOCIAL is an advanced, object-oriented development tool for integrating intelligent and conventional applications across heterogeneous hardware and software platforms. SOCIAL defines a family of 'wrapper' objects called agents, which incorporate predefined capabilities for distributed communication and control. Developers embed applications within agents and establish interactions between distributed agents via non-intrusive message-based interfaces. This paper describes a predefined SOCIAL agent that is specialized for integrating C Language Integrated Production System (CLIPS)-based applications. The agent's high-level Application Programming Interface supports bidirectional flow of data, knowledge, and commands to other agents, enabling CLIPS applications to initiate interactions autonomously, and respond to requests and results from heterogeneous remote systems. The design and operation of CLIPS agents are illustrated with two distributed applications that integrate CLIPS-based expert systems with other intelligent systems for isolating and mapping problems in the Space Shuttle Launch Processing System at the NASA Kennedy Space Center.

Adler, Richard M.

1991-01-01

243

26 CFR 1.731-2 - Partnership distributions of marketable securities.  

Code of Federal Regulations, 2011 CFR

...partnership (within the meaning of section 731(c...section. (h) Anti-abuse rule. The provisions...section 731(c) and the substance of the transaction...other partners is, in substance, equivalent to a distribution...securities within the meaning of section...

2014-04-01

244

Fault tolerance adaptation requirements vs. quality-of-service, realtime and security in dynamic distributed systems  

Microsoft Academic Search

Due to deregulation of electricity market and the trend towards distributed electricity generation based on renewable energy (e.g. wind energy), electric power infrastructure relies increasingly on communication infrastructure. Communication infrastructure has to fulfil requirements as survivability and dependability to secure a high availability and reliability of electric power infrastructure. For this requirements, the communication infrastructure must be able to adapt

Rodica Tirtea; Geert Deconinck; Ronnie Belmans

2006-01-01

245

Bacteriorhodopsin-based photochromic pigments for optical security applications  

NASA Astrophysics Data System (ADS)

Bacteriorhodopsin is a two-dimensional crystalline photochromic protein which is astonishingly stable towards chemical and thermal degradation. This is one of the reasons why this is one of the very few proteins which may be used as a biological pigment in printing inks. Variants of the naturally occurring bacteriorhodopsin have been developed which show a distinguished color change even with low light intensities and without the requirement of UV-light. Several pigments with different color changes are available right now. In addition to this visual detectable feature, the photochromism, the proteins amino acid sequence can be genetically altered in order to code and identify specific production lots. For advanced applications the data storage capability of bacteriorhodopsin will be useful. Write-once-read-many (WORM) recording of digital data is accomplished by laser excitation of printed bacteriorhodopsin inks. A density of 1 MBit per square inch is currently achieved. Several application examples for this biological molecule are described where low and high level features are used in combination. Bacteriorhodopsin-based inks are a new class of optical security pigments.

Hampp, Norbert A.; Fischer, Thorsten; Neebe, Martin

2002-04-01

246

Security of high-dimensional quantum key distribution protocols using Franson interferometers  

NASA Astrophysics Data System (ADS)

Franson interferometers are increasingly being proposed as a means of securing high-dimensional energy-time entanglement-based quantum key distribution (QKD) systems. Heuristic arguments have been proposed that purport to demonstrate the security of these schemes. We show, however, that such systems are vulnerable to attacks that localize the photons to several temporally separate locations. This demonstrates that a single pair of Franson interferometers is not a practical approach to securing high-dimensional energy-time entanglement-based QKD. This observation leads us to investigate the security of modified Franson-based-protocols, where Alice and Bob have two or more Franson interferometers. We show that such setups can improve the sensitivity against attacks that localize the photons to multiple temporal locations. While our results do not constitute a full security proof, they do show that a single pair of Franson interferometers is not secure and that multiple such interferometers could be a promising candidate for experimentally realizable high-dimensional QKD.

Brougham, Thomas; Barnett, Stephen M.; McCusker, Kevin T.; Kwiat, Paul G.; Gauthier, Daniel J.

2013-05-01

247

Secure authentication protocol for Internet applications over CATV network  

NASA Astrophysics Data System (ADS)

An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

Chin, Le-Pond

1998-02-01

248

Overcoming Channel Bandwidth Constraints in Secure SIM Applications  

Microsoft Academic Search

In this paper we present an architecture based on a Java (J2SE, J2EE, J2ME and Java Card) platform supporting a secure channel from a Mobile Operator to the SIM card. This channel offers the possibility of end to end security for delivery of large data files to a GSM SIM card. Such a secure channel could be used for delivery

John A. Macdonald; William G. Sirett; Chris J. Mitchell

2005-01-01

249

Applications of schema theory in information security teaching  

NASA Astrophysics Data System (ADS)

Information security knowledge is more and more important to students in universities of finance and economics. However, mastering the skill of information security is not easy to them. Schema theory is applied into information security teaching to help students improve their skills. The teaching result shows that there is a significant difference in final exam and practice exam between the proposed model and a regular teaching model.

Qiu, Chunyan; Zhao, Wei; Han, Jialing; Jiang, Jianhua

2012-04-01

250

Web Application Security Gateway with Java Non-blocking IO  

Microsoft Academic Search

We present the design and implementation of the WebDaemon Security Gateway (WDSG) with the techniques of event-driving, non-blocking\\u000a IO multiplexing, secure cookies, SSL and caches based on PKI framework and role-based access control (RBAC) policy. It not\\u000a only supports massive concurrency and avoids the pitfalls of traditional block I\\/O based design, but also is able to secure\\u000a all the resources

Zhenxing Luo; Nuermaimaiti Heilili; Dawei Xu; Chen Zhao; Zuoquan Lin

2006-01-01

251

Secure Business Application Logic for e-Commerce Systems  

Microsoft Academic Search

The major reason why most people are still sceptical about e-commerce is the perceived security and privacy risks associated with e-transactions, e.g., data, smart cards, credit cards and exchange of business information by means of online transactions. Today, vendors of e-commerce systems have relied solely on secure transaction protocols such as SSL, while ignoring the security of server and client

Faisal Nabi

2005-01-01

252

Defense and homeland security applications of multi-agent simulations  

Microsoft Academic Search

Department of Defense and Homeland Security analysts are increasingly using multi-agent simulation (MAS) to exam- ine national security issues. This paper summarizes three MAS national security studies conducted at the Naval Post- graduate School. The first example explores equipment and employment options for protecting critical infrastructure. The second case considers non-lethal weapons within the spectrum of force-protection options in a

Thomas W. Lucas; Susan M. Sanchez; Felix Martinez; Lisa R. Sickinger; Jonathan W. Roginski

2007-01-01

253

Secure Large-Scale Airport Simulations Using Distributed Computational Resources  

NASA Technical Reports Server (NTRS)

To fully conduct research that will support the far-term concepts, technologies and methods required to improve the safety of Air Transportation a simulation environment of the requisite degree of fidelity must first be in place. The Virtual National Airspace Simulation (VNAS) will provide the underlying infrastructure necessary for such a simulation system. Aerospace-specific knowledge management services such as intelligent data-integration middleware will support the management of information associated with this complex and critically important operational environment. This simulation environment, in conjunction with a distributed network of supercomputers, and high-speed network connections to aircraft, and to Federal Aviation Administration (FAA), airline and other data-sources will provide the capability to continuously monitor and measure operational performance against expected performance. The VNAS will also provide the tools to use this performance baseline to obtain a perspective of what is happening today and of the potential impact of proposed changes before they are introduced into the system.

McDermott, William J.; Maluf, David A.; Gawdiak, Yuri; Tran, Peter; Clancy, Dan (Technical Monitor)

2001-01-01

254

Gigahertz decoy quantum key distribution with 1 Mbit/s secure key rate.  

PubMed

We report the first gigahertz clocked decoy-protocol quantum key distribution (QKD). Record key rates have been achieved thanks to the use of self-differencing InGaAs avalanche photodiodes designed specifically for high speed single photon detection. The system is characterized with a secure key rate of 1.02 Mbit/s for a fiber distance of 20 km and 10.1 kbit/s for 100 km. As the present advance relies upon compact non-cryogenic detectors, it opens the door towards practical and low cost QKD systems to secure broadband communication in future. PMID:19581967

Dixon, A R; Yuan, Z L; Dynes, J F; Sharpe, A W; Shields, A J

2008-11-10

255

Continuous Variable Quantum Key Distribution: Finite-Key Analysis of Composable Security against Coherent Attacks  

NASA Astrophysics Data System (ADS)

We provide a security analysis for continuous variable quantum key distribution protocols based on the transmission of two-mode squeezed vacuum states measured via homodyne detection. We employ a version of the entropic uncertainty relation for smooth entropies to give a lower bound on the number of secret bits which can be extracted from a finite number of runs of the protocol. This bound is valid under general coherent attacks, and gives rise to keys which are composably secure. For comparison, we also give a lower bound valid under the assumption of collective attacks. For both scenarios, we find positive key rates using experimental parameters reachable today.

Furrer, F.; Franz, T.; Berta, M.; Leverrier, A.; Scholz, V. B.; Tomamichel, M.; Werner, R. F.

2012-09-01

256

Retrofitting network security to third-party applications — the SecureBase experience  

Microsoft Academic Search

Systems such as Kerberos, designed to provide secure user and service authentication over insecure open networks, continue to gain acceptance in the UNIX world. There are both freely available and commercial products which reduce the vulnerabilities inherent in trus ting \\

Jonathan I. Kamens

257

Rendering post production applications in distributed environments  

Microsoft Academic Search

The paper considers the problem of rendering post production applications in a distributed environment. The aim is to limit the concessions that conventional, in-house methods force graphics operators to make to the quality of the end products to get them on time and within budget. A reference architecture for distributed rendering is proposed that takes advantage of the parallel properties

Apostolos Meliones; Theodora Varvarigou; Einmanuel Protonotarios

1997-01-01

258

Power system DNP3 data object security using data sets  

Microsoft Academic Search

Power system cyber security demand is escalating with the increased number of security incidents and the increased stakeholder participation in power system operations, specifically consumers. Rule-based cyber security is proposed for Distributed Network Protocol (DNP3) outstation devices, with a focus on smart distribution system devices. The security utilizes the DNP3 application layer function codes and data objects to determine data

Todd Mander; Richard Cheung; Farhad Nabhani

2010-01-01

259

Task Assignment Heuristics for Distributed CFD Applications  

NASA Technical Reports Server (NTRS)

CFD applications require high-performance computational platforms: 1. Complex physics and domain configuration demand strongly coupled solutions; 2. Applications are CPU and memory intensive; and 3. Huge resource requirements can only be satisfied by teraflop-scale machines or distributed computing.

Lopez-Benitez, N.; Djomehri, M. J.; Biswas, R.; Biegel, Bryan (Technical Monitor)

2001-01-01

260

Micro-analytical systems for national security applications  

NASA Astrophysics Data System (ADS)

Sandia National Laboratories has a long tradition of technology development for national security applications. In recent years, significant effort has been focused on micro-analytical systems - handheld, miniature, or portable instruments built around microfabricated components. Many of these systems include microsensor concepts and target detection and analysis of chemical and biological agents. The ultimate development goal for these instruments is to produce fully integrated sensored microsystems. Described here are a few new components and systems being explored: (1) A new microcalibrator chip, consisting of a thermally labile solid matrix on an array of suspended-membrane microhotplates, that when actuated delivers controlled quantities of chemical vapors. (2) New chemical vapor detectors, based on a suspended-membrane micro-hotplate design, which are amenable to array configurations. (3) Micron-scale cylindrical ion traps, fabricated using a molded tungsten process, which form the critical elements for a micro-mass analyzer. (4) Monolithically integrated micro-chemical analysis systems fabricated in silicon that incorporate chemical preconcentrators, gas chromatography columns, detector arrays, and MEMS valves.

Cernosek, R. W.; Robinson, A. L.; Cruz, D. Y.; Adkins, D. R.; Barnett, J. L.; Bauer, J. M.; Blain, M. G.; Byrnes, J. E.; Dirk, S. M.; Dulleck, G. R.; Ellison, J. A.; Fleming, J. G.; Hamilton, T. W.; Heller, E. J.; Howell, S. W.; Kottenstette, R. J.; Lewis, P. R.; Manginell, R. P.; Moorman, M. W.; Mowry, C. D.; Manley, R. G.; Okandan, M.; Rahimian, K.; Shelmidine, G. J.; Shul, R. J.; Simonson, R. J.; Sokolowski, S. S.; Spates, J. J.; Staton, A. W.; Trudell, D. E.; Wheeler, D. R.; Yelton, W. G.

2006-06-01

261

Hidden object detection: security applications of terahertz technology  

Microsoft Academic Search

Recent events have led to dramatic changes to the methods employed in security screening. For example, following the failed shoe bombing, it is now common for shoes to be removed and X-rayed at airport checkpoints. There is therefore an increasing focus on new Recent events have led to dramatic changes to the methods employed in security screening. For example, following

William R. Tribe; David A. Newnham; Philip F. Taday; Michael C. Kemp

2004-01-01

262

Hidden object detection: security applications of terahertz technology  

Microsoft Academic Search

Recent events have led to dramatic changes to the methods employed in security screening. For example, following the failed shoe bombing, it is now common for shoes to be removed and X-rayed at airport checkpoints. There is therefore an increasing focus on new technologies that can be applied to security screening, either to simplify or speed up the checking process,

William R. Tribe; David A. Newnham; Philip F. Taday; Michael C. Kemp

263

Software security: Application-level vulnerabilities in SCADA systems  

Microsoft Academic Search

In this paper we study the security threats to Supervisory Control and Data Acquisition (SCADA) systems via intentional and unintentional software errors. We claim that current programming practices and security mechanisms for the Programmable Logic Controllers (PLC), that are fundamental components of all SCADA systems, do not provide adequate protection against unintentional errors or malicious, code-level attacks. We focus on

Sidney Valentine; Csilla Farkas

2011-01-01

264

Secure positioning of wireless devices with application to sensor networks  

Microsoft Academic Search

So far, the problem of positioning in wireless net- works has been mainly studied in a non-adversarial setting. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call Verifiable Multilateration. We then show how this mechanism can be used to secure

Srdjan Capkun; Jean-pierre Hubaux

2005-01-01

265

Passive millimeter-wave imaging for security and safety applications  

Microsoft Academic Search

77 GHz passive millimeter wave (PMMW) imaging camera for the purpose of security is developed. In order to detect concealed objects in clothes without hindrance to flow of people at airport security checks, video rate imaging is realized using one-dimensional imaging sensor array of 25 elements and a flapping reflector. As receiving antennas, novel antipodal Fermi antenna (APFA) having required

Hiroyasu Sato; Kunio Sawaya; Koji Mizuno; Jun Uemura; Masamune Takeda; Junichi Takahashi; Kota Yamada; Keiichi Morichika; Tsuyoshi Hasegawa; Haruyuki Hirai; Hirotaka Niikura; Tomohiko Matsuzaki; Shigeto Kato; Jun Nakada

2010-01-01

266

THE RADIATRON: A HIGH AVERAGE CURRENT BETATRON FOR INDUSTRIAL AND SECURITY APPLICATIONS  

Microsoft Academic Search

The fixed-field alternating-gradient (FFAG) betatron has emerged as a viable alternative to RF linacs as a source of high-energy radiation for industrial and security applications. For industrial applications, high average currents at modest relativistic electron beam energies, typically in the 5 to 10 MeV range, are desired for medical product sterilization, food irradiation and materials processing. For security applications, high

S. Boucher; R. Agustsson; P. Frigola; A. Murokh; M. Ruelas; F. O'Shea; J. Rosenzweig; G. Travish; FFAG BETATRON

267

Concise security bounds for practical decoy-state quantum key distribution  

NASA Astrophysics Data System (ADS)

Due to its ability to tolerate high channel loss, decoy-state quantum key distribution (QKD) has been one of the main focuses within the QKD community. Notably, several experimental groups have demonstrated that it is secure and feasible under real-world conditions. Crucially, however, the security and feasibility claims made by most of these experiments were obtained under the assumption that the eavesdropper is restricted to particular types of attacks or that the finite-key effects are neglected. Unfortunately, such assumptions are not possible to guarantee in practice. In this work, we provide concise and tight finite-key security bounds for practical decoy-state QKD that are valid against general attacks.

Lim, Charles Ci Wen; Curty, Marcos; Walenta, Nino; Xu, Feihu; Zbinden, Hugo

2014-02-01

268

Application of the Open Software Foundation (OSF)distributed computing environment to global PACS  

NASA Astrophysics Data System (ADS)

In this paper, we present our approach to developing Global Picture Archiving and Communication System (GPACS) applications using the Open Software Foundation (OSF) Distributed Computing Environment (DCE) services and toolkits. The OSF DCE services include remote procedure calls, naming service, threads service, time service, file management services, and security service. Several OSF DCE toolkits are currently available from computer and software vendors. Designing distributed Global PACS applications using the OSF DCE approach will feature an open architecture, heterogeneity, and technology independence for GPACS remote consultation and diagnosis applications, including synchronized image annotation, and system privacy and security. The applications can communicate through various transport services and communications networks in a Global PACS environment. The use of OSF DCE services for Global PACS will enable us to develop a robust distributed structure and new user services which feature reliability and scalability for Global PACS environments.

Martinez, Ralph; Alsafadi, Yasser H.; Kim, Jinman

1994-05-01

269

Enriching healthcare applications with cryptographic mechanisms and XML- based security services.  

PubMed

The paper presents the enrichment of an existing e-referral / e-prescription application within a Regional Healthcare Information Network with security functionality, solving current authentication, integrity, non-repudiation and confidentiality issues and thus significantly enhancing the overall system security, operability, applicability and user acceptance. The application makes use of an underlying PKI framework, in order to provide strong authentication, digital signature, encryption and time-stamping services. XML is used for the representation of the healthcare data itself, the encrypted form of this data, as well as the relevant data security information, following W3C standards. PMID:12590159

Bourka, A; Kaliontzoglou, A; Polemi, D; Georgoulas, A; Sklavos, P

2003-01-01

270

NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications  

NASA Technical Reports Server (NTRS)

The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

Tompkins, F. G.

1984-01-01

271

Selection application for platforms and security protocols suitable for wireless sensor networks  

NASA Astrophysics Data System (ADS)

There is a great number of platforms and security protocols which can be used for wireless sensor networks (WSN). All these platforms and protocols have different properties with certain advantages and disadvantages. For a good choice of platform and an associated protocol, these advantages and disadvantages should be compared and the best for the appropriate WSN chosen. To select a Security protocol and a wireless platform suitable for a specific application a software tool will be developed. That tool will enable wireless network deployment engineers to easily select a suitable wireless platform for their application based on their network needs and application security requirements.

Möller, S.; Newe, T.; Lochmann, S.

2009-07-01

272

TERAEYE- A fully passive THz inspection system based on nanotechnology for security applications  

Microsoft Academic Search

The objective of TERAEYE project, funded by the European Community through the Sixth Framework Programme, is to develop an innovative range of inspecting passive systems, based on Quantum Dot sensor, to identify harmful materials for homeland security both by spectral analysis and imaging. Main applications will be related to airports security systems, surveillance of crowded areas such as railway and

V. Ferrando; V. Pagnotta; G. Pezzuto

2007-01-01

273

Active Millimeter-Wave and Sub-Millimeter-Wave Imaging for Security Applications  

SciTech Connect

Active imaging at millimeter and sub-millimeter wavelengths has been developed for security applications including concealed weapon detection. The physical properties that affect imaging performance are discussed along with a review of the current state-of-the-art and future potential for security imaging systems.

Sheen, David M.; McMakin, Douglas L.; Hall, Thomas E.

2011-09-02

274

Image sensor for security applications with on-chip data authentication  

Microsoft Academic Search

Sensors in a networked environment which are used for security applications could be jeopardized by man-in-the- middle or address spooflng attacks. By authentication and secure data transmission of the sensor's data stream, this can be thwart by fusing the image sensor with the necessary digital encryption and authentication circuit, which fulflls the three standard requirements of cryptography: data integrity, confldentiality

P. Stifter; K. Eberhardt; A. Erni; K. Hofmann

275

Extending XACML authorisation model to support policy obligations handling in distributed application  

Microsoft Academic Search

The paper summarises the recent developments and discussions in the Grid and networking security community to build interoperable and scalable authorisation infrastructure for distributed applications. The paper provides a short overview of the XACML policy format and policy obligations definition in the XACML specification. The paper analyses the basic use cases for obligations in computer Grids and on-demand network resource

Yuri Demchenko; Oscar Koeroo; Cees De Laat; Hakon Sagehaug

2008-01-01

276

Application of synthesized coherence function to distributed optical sensing  

NASA Astrophysics Data System (ADS)

We have proposed and developed a technique to synthesize an optical coherence function into arbitrary shapes. By using this technique, which we call the `synthesis of an optical coherence function', various distributed optical sensing schemes have been developed, which have no mechanical moving parts nor data calculation. In these schemes, we do not use a pulsed lightwave but instead use a continuous wave, whose correlation is controlled by frequency modulation or phase modulation. We have proposed a reflectometry system to diagnose fibre optic subscriber networks. Fibre optic distributed force sensing systems have also been developed, which are applicable to smart structures and security systems. In a similar way, we have proposed a system to measure strain distribution along an optical fibre through the Brillouin scattering caused in the fibre. Spatial resolution of just 1 cm has been demonstrated by this system, which is 100 times higher than the practical limitation of conventional pulsed-lightwave techniques. Such a high spatial resolution is suitable for smart material applications. Two- or three-dimensional distributed sensing has also been developed by this technique. An optical tomography system has been proposed, which has fewer mechanical moving parts. A system for surface shape measurement for a multi-layered object has also been developed.

Hotate, Kazuo

2002-11-01

277

Empirical Distributional Semantics: Methods and Biomedical Applications  

PubMed Central

Over the past fifteen years, a range of methods have been developed that are able to learn human-like estimates of the semantic relatedness between terms from the way in which these terms are distributed in a corpus of unannotated natural language text. These methods have also been evaluated in a number of applications in the cognitive science, computational linguistics and the information retrieval literatures. In this paper, we review the available methodologies for derivation of semantic relatedness from free text, as well as their evaluation in a variety of biomedical and other applications. Recent methodological developments, and their applicability to several existing applications are also discussed.

Cohen, Trevor; Widdows, Dominic

2009-01-01

278

Applicability of Visual Analytics to Defence and Security Operations.  

National Technical Information Service (NTIS)

In the context of modern defence and security operations, analysts are faced with a continuously growing set of information of different nature which causes significant information overload problems and prevent developing good situation awareness. Fortuna...

D. Gouin V. Lavigne

2011-01-01

279

Intelligent Facial Recognition Systems: Technology advancements for security applications.  

National Technical Information Service (NTIS)

Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just cr...

C. L. Beer

1993-01-01

280

Microholographic computer generated holograms for security applications: Microtags  

SciTech Connect

We have developed a method for encoding phase and amplitude in microscopic computer-generated holograms (microtags) for security applications. Eight-by-eight-cell and 12 x 12-cell phase-only and phase-and-amplitude microtag designs has been exposed in photoresist using the extreme-ultraviolet (13.4 nm) lithography (EUVL) tool developed at Sandia National Laboratories. Using EUVL, we have also fabricated microtags consisting of 150-nm lines arranged to form 300-nm-period gratings. The microtags described in this report were designed for readout at 632.8 nm and 442 nm. The smallest microtag measures 56 {mu}m x 80 {mu}m when viewed at normal incidence. The largest microtag measures 80 by 160 microns and contains features 0.2 {mu}m wide. The microtag design process uses a modified iterative Fourier-transform algorithm to create either phase-only or phase-and-amplitude microtags. We also report on a simple and compact readout system for recording the diffraction pattern formed by a microtag. The measured diffraction patterns agree very well with predictions. We present the results of a rigorous coupled-wave analysis (RCWA) of microtags. Microtags are CD modeled as consisting of sub-wavelength gratings of a trapezoidal profile. Transverse-electric (TE) and TM readout polarizations are modeled. The objective of our analysis is the determination of optimal microtag-grating design parameter values and tolerances on those parameters. The parameters are grating wall-slope angle, grating duty cycle, grating depth, and metal-coating thickness. Optimal microtag-grating parameter values result in maximum diffraction efficiency. Maximum diffraction efficiency is calculated at 16% for microtag gratings in air and 12% for microtag gratings underneath a protective dielectric coating, within fabrication constraints. TM-microtag gratings. Finally, we suggest several additional microtag concepts, such as two-dimensional microtags and pixel-code microtags.

Sweatt, W.C.; Warren, M.E.; Kravitz, S.H. [and others

1998-01-01

281

Reviews of computing technology: Securing network applications, Kerberos and RSA  

SciTech Connect

This paper will focus on the first step in establishing network security, authentication, and describe the basic function of both RSA and Kerberos as used to provide authentication and confidential data transfer services. It will also discuss the Digital Signature Standard and the market acceptance of each. Proper identification of the principals involved in a network dialog is a necessary first step in providing network-wide security comparable to that of stand-alone systems.

Johnson, S.M.

1992-06-01

282

Application of Modified ICA to Secure Communications in Chaotic Systems  

Microsoft Academic Search

Along with the increasingly quick development of modern communication system technologies, secure communication has become\\u000a increasingly important. We propose a new method for secure communication systems. Independent component analysis (ICA) is\\u000a employed to retrieve the message signal encrypted by a mixture of Gaussian white noise and chaotic noise. Unlike the traditional\\u000a chaotic synchronization method, this method does not require knowing

Shih-lin Lin; Pi-cheng Tung

2007-01-01

283

Applying SOA Concepts to Distributed Industrial Applications Using WCF Technology  

NASA Astrophysics Data System (ADS)

Software Development is subject to a constant process of change. In the meantime web services, access to remote services or distributed applications are already the standard. Simultaneously with their advancement demands on these techniques are rising significantly. Defined support for security issues, coordination of transactions and reliable communications are expected. Windows Communication Foundation (WCF)-as a part of Microsoft Corporation's .NET Framework-supports these requirements in line with wide range interoperability. WCF provides the development of distributed and interconnected software applications by means of a service-oriented programming model. This paper introduces a service-oriented communication concept based on WCF, which is specifically designed for industrial applications within a production environment using a central manufacturing information system (MIS) database. It introduces applied technologies and provides an overview of some important design aspects and base service sets of WCF. Additionally, this paper also shows a factual implementation of the presented service-oriented communication concept in the form of an industrial software application used in plastics industry.

Stopper, Markus; Gastermann, Bernd

2010-10-01

284

Secure, Autonomous, Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations  

NASA Technical Reports Server (NTRS)

This report describes a Secure, Autonomous, and Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations. It includes a description of current improvements to existing Virtual Mission Operations Center technology being used by US Department of Defense and originally developed under NASA funding. The report also highlights a technology demonstration performed in partnership with the United States Geological Service for Earth Resources Observation and Science using DigitalGlobe(Registered TradeMark) satellites to obtain space-based sensor data.

Ivancic, William D.; Paulsen, Phillip E.; Miller, Eric M.; Sage, Steen P.

2013-01-01

285

Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems.  

National Technical Information Service (NTIS)

This report presents the results of our audit of Web applications security and intrusion detection in air traffic control (ATC) systems. This audit was requested by the Ranking Minority members of the House Committee on Transportation and Infrastructure a...

2009-01-01

286

Security proof of a three-state quantum-key-distribution protocol without rotational symmetry  

SciTech Connect

Standard security proofs of quantum-key-distribution (QKD) protocols often rely on symmetry arguments. In this paper, we prove the security of a three-state protocol that does not possess rotational symmetry. The three-state QKD protocol we consider involves three qubit states, where the first two states |0{sub z}> and |1{sub z}> can contribute to key generation, and the third state |+>=(|0{sub z}>+|1{sub z}>)/{radical}(2) is for channel estimation. This protocol has been proposed and implemented experimentally in some frequency-based QKD systems where the three states can be prepared easily. Thus, by founding on the security of this three-state protocol, we prove that these QKD schemes are, in fact, unconditionally secure against any attacks allowed by quantum mechanics. The main task in our proof is to upper bound the phase error rate of the qubits given the bit error rates observed. Unconditional security can then be proved not only for the ideal case of a single-photon source and perfect detectors, but also for the realistic case of a phase-randomized weak coherent light source and imperfect threshold detectors. Our result in the phase error rate upper bound is independent of the loss in the channel. Also, we compare the three-state protocol with the Bennett-Brassard 1984 (BB84) protocol. For the single-photon source case, our result proves that the BB84 protocol strictly tolerates a higher quantum bit error rate than the three-state protocol, while for the coherent-source case, the BB84 protocol achieves a higher key generation rate and secure distance than the three-state protocol when a decoy-state method is used.

Fung, C.-H.F.; Lo, H.-K. [Center for Quantum Information and Quantum Control, Department of Electrical and Computer Engineering and Department of Physics, University of Toronto, Toronto, Ontario M5S 3G4 (Canada)

2006-10-15

287

Automatic Test Approach of Web Application for Security (AutoInspect)  

Microsoft Academic Search

\\u000a We present an automatic test approach to improve the security of web application, which detects vulnerable spots based on\\u000a black box test through three phases of craw, test, and report. The test process considers a blind point for security through\\u000a the development life cycle, the faults of web application and server setup in a various point of attackers, etc. The

Kyung Cheol Choi; Gun Ho Lee

2006-01-01

288

Towards a multilevel secure database management system for real-time applications  

Microsoft Academic Search

Database systems for real-time applications must satisfy timing constraints associated with transactions, in addition to maintaining data consistency. In addition to real-time requirements, security is usually required in many applications, because sensitive information must be safeguarded. Multilevel security requirements introduce a new dimension to transaction processing in real-time database systems. The paper addresses issues that must be investigated in order

Sang H. Son; Bhavani Thuraisingham

1993-01-01

289

Developing secure Web-applicationsSecurity criteria for the development of e-Democracy Web-applications  

Microsoft Academic Search

One of the most important requirements in government websites is the security. The Data Protection Act, Human Rights Act and\\u000a other legislation require that privacy is respected. Beyond this, Government websites must be secure to build trust and maintain\\u000a the reputation of electronic government. This will be seriously damaged if websites are defaced, services are unavailable\\u000a or sensitive information is

António Pacheco; Carlos Serrão

290

Contributions to Human Errors and Breaches in National Security Applications.  

SciTech Connect

Los Alamos National Laboratory has recognized that security infractions are often the consequence of various types of human errors (e.g., mistakes, lapses, slips) and/or breaches (i.e., deliberate deviations from policies or required procedures with no intention to bring about an adverse security consequence) and therefore has established an error reduction program based in part on the techniques used to mitigate hazard and accident potentials. One cornerstone of this program, definition of the situational and personal factors that increase the likelihood of employee errors and breaches, is detailed here. This information can be used retrospectively (as in accident investigations) to support and guide inquiries into security incidents or prospectively (as in hazard assessments) to guide efforts to reduce the likelihood of error/incident occurrence. Both approaches provide the foundation for targeted interventions to reduce the influence of these factors and for the formation of subsequent 'lessons learned.' Overall security is enhanced not only by reducing the inadvertent releases of classified information but also by reducing the security and safeguards resources devoted to them, thereby allowing these resources to be concentrated on acts of malevolence.

Pond, D. J. (Daniel J.); Houghton, F. K. (Florence Kay); Gilmore, W. E. (Walter E.)

2002-01-01

291

DOE integrated safeguards and security (DISS) system a nation-wide distributed information system for personnel security  

SciTech Connect

DISS uses secure client-server and relational database technology across open networks to address the problems of security clearance request processing and tracking of security clearances for the Department of energy. The system supports the entire process from data entry by the prospective clearance holders through tracking of all DOE clearances, and use of standard DOE badges in automated access control systems throughout the DOE complex.

Block, B.

1997-06-05

292

Application of Lightweight Formal Methods to Software Security  

NASA Technical Reports Server (NTRS)

Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which species security properties in a library that can be reused by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The Flexible Modeling Framework (FMF) is a model based verijkation instrument that uses Promela and the SPIN model checker. The Property Based Tester (PBT) uses TASPEC and a Text Execution Monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles.

Gilliam, David P.; Powell, John D.; Bishop, Matt

2005-01-01

293

Synchronizable Objects in Distributed Multimedia Applications  

NASA Astrophysics Data System (ADS)

In training and gaming systems, distributed multimedia are often used, in which the basic content elements must be conveyed or presented in a synchronized order at synchronized moments over multiple devices and in many cases over a network. These content elements are often presented or represented as "Synchronizable Objects" with which their control and management fall into a design pattern. This paper uses the pattern language to capture the common features of these "Synchronizable Objects", in combination of the formal Object-Z specification to treat the architectural construct. The proposed pattern can be applied for content elements with or without intrinsic timing in distributed multimedia applications. Examples are given to show how this pattern can be applied in distributed applications.

Hu, Jun; Feijs, Loe

294

A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks  

NASA Astrophysics Data System (ADS)

Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.

Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore

295

Fast and secure key distribution using mesoscopic coherent states of light  

NASA Astrophysics Data System (ADS)

This work shows how two parties A and B can securely share unlimited sequences of random bits at optical speeds. A and B possess true-random physical sources and exchange random bits by using a random sequence received to cipher the following one to be sent. A starting shared secret key is used and the method can be described as a one-time-pad unlimited extender. It is demonstrated that the minimum probability of error in signal determination by the eavesdropper can be set arbitrarily close to the pure guessing level. Being based on the M-ry encryption protocol this method also allows for optical amplification without security degradation, offering practical advantages over the Bennett-Brassard 1984 protocol for key distribution.

Barbosa, Geraldo A.

2003-11-01

296

Linear Programming for Power-System Network Security Applications  

Microsoft Academic Search

A linear programming (LP) method for security dispatch and emergency control calculations on large power systems is presented. The method is reliable, fast, flexible, easy to program, and requires little computer storage. It works directly with the normal power-system variables and limits, and incorporates the usual sparse matrix techniques. An important feature of the method is that it handles multi-segment

B.. Stott; J. L. Marinho

1979-01-01

297

An Analysis Framework for Security in Web Applications  

Microsoft Academic Search

Software systems interact with outside environments (e.g., by taking inputs from a user) and usually have particular assumptions about these environments. Unchecked or im- properly checked assumptions can aect security and reli- ability of the systems. A major class of such problems is the improper validation of user inputs. In this paper, we present the design of a static analysis

Gary Wassermann; Zhendong Su

2004-01-01

298

An artificial immune system architecture for computer security applications  

Microsoft Academic Search

With increased global interconnectivity, reliance on e-commerce, network services, and Internet communication, computer security has become a necessity. Organizations must protect their systems from intrusion and computer-virus attacks. Such protection must detect anomalous patterns by exploiting known signatures while monitoring normal computer programs and network usage for abnormalities. Current antivirus and net- work intrusion detection (ID) solutions can become overwhelmed

Paul K. Harmer; Paul D. Williams; Gregg H. Gunsch; Gary B. Lamont

2002-01-01

299

Securing RDS broadcast messages for smart grid applications  

Microsoft Academic Search

Efforts to reduce peak electrical demand has led to the introduction of demand response (DR) programs for residences. The RDS network is a strong candidate for delivering DR messages due to its low-cost nature and ubiquitous coverage. However, security concerns arise due to the wireless nature of the communication channel. We present evaluations of cryptographic methods that could be employed

Monageng Kgwadi; Thomas Kunz

2010-01-01

300

Lower bounds for the security of modified coherent-one-way quantum key distribution against one-pulse-attack  

NASA Astrophysics Data System (ADS)

Upper bounds for the security of coherent-one-way (COW) quantum key distribution protocols have been analyzed by considering the one-pulse-attack [Branciard C, Gisin N and Scarani V (BGS) New J.Phys. (2008) 10 013031]. However, their security analysis was based on long distance case, and the typical value of the transmission distance is larger than 50 km. Applying the sharp continuity for the von Neumann entropy and some basic inequalities, we provide lower bounds for the security of modified coherent-one-way quantum key distribution protocol against the most general one-pulse-attack by only considering photon number resolved detectors that will be used in the receiver's side. Comparing with BGS's security analysis, our security analysis can be satisfied with arbitrary distance case.

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Chen, Wei; Han, Zheng-Fu; Bao, Wan-Su; Guo, Guang-Can

2011-02-01

301

Applying a UML Extension to Build Use Cases Diagrams in a Secure Mobile Grid Application  

NASA Astrophysics Data System (ADS)

Systems based on Grid computing have not traditionally been developed through suitable methodologies and have not taken into account security requirements throughout their development, offering technical security solutions only during the implementation stages. We are creating a development methodology for the construction of information systems based on Grid Computing, which is highly dependent on mobile devices, in which security plays a highly important role. One of the activities in this methodology is the requirements analysis which is use-case driven. In this paper, we build use case diagrams for a real mobile Grid application by using a UML-extension, called GridUCSec-Profile, through which it is possible to represent specific mobile Grid features and security aspects for use case diagrams, thus obtaining diagrams for secure mobile Grid environments.

Rosado, David G.; Fernández-Medina, Eduardo; López, Javier

302

Shor-Preskill-type security proof for quantum key distribution without public announcement of bases  

NASA Astrophysics Data System (ADS)

We give a Shor-Preskill-type security proof to quantum key distribution without public announcement of bases [W.Y. Hwang et al., Phys. Lett. A 244, 489 (1998)]. First, we modify the Lo-Chau protocol once more so that it finally reduces to the quantum key distribution without public announcement of bases. Then we show how we can estimate the error rate in the code bits based on that in the checked bits in the proposed protocol, which is the central point of the proof. We discuss the problem of imperfect sources and that of large deviation in the error rate distributions. We discuss when the bases sequence must be discarded.

Hwang, Won-Young; Wang, Xiang-Bin; Matsumoto, Keiji; Kim, Jaewan; Lee, Hai-Woong

2003-01-01

303

Image-based electronic patient records for secured collaborative medical applications.  

PubMed

We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications. PMID:17282930

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

2005-01-01

304

On the Automated Creation of Understandable Positive Security Models for Web Applications  

Microsoft Academic Search

Web applications pose new security-related challenges since attacks on web applications strongly differ from those on client-server applications. Traditional network-based firewall systems offer no protection against this kind of attacks since they occur on the application-level. The current solution is the manual definition of large sets of filtering rules which should prevent malicious attempts from being successful. We propose a

Christian Bockermann; Ingo Mierswa; Katharina Morik

2008-01-01

305

A Design and Implementation of Profile Based Web Application Securing Proxy  

Microsoft Academic Search

\\u000a Recently, the security threat on web application is increasing rapidly and especially open source web applications are becoming\\u000a popular target of web server hacking. And more there was a worm which spread via web application vulnerabilities. Web application\\u000a attack uses the vulnerability not in web server itself, but in structural, logical, and code errors. The majority of flaws\\u000a in web

Youngtae Yun; Yosik Kim; Jaecheol Ryou

2006-01-01

306

Mobile Ad Hoc and Sensor Systems for Global and Homeland Security Applications  

Microsoft Academic Search

\\u000a Communications infrastructures are a critical asset in today’s information society. However, legacy telecommunication systems\\u000a easily collapse in case of disruptions that may occur due to security incidents or crises. In this chapter, we first elaborate\\u000a on the major shortcomings of the current communications networks for security applications to identify the key missing requirements\\u000a for such networks. Then, we show that

Raffaele Bruno; Marco Conti; Antonio Pinizzotto

307

The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications  

Microsoft Academic Search

AVISPA is a push-button tool for the automated validation of Internet security-sensitive protocols and applications. It provides a modular and expressive formal language for specifying protocols and their security properties, and integrates different back-ends that imple- ment a variety of state-of-the-art automatic analysis techniques. To the best of our knowledge, no other tool exhibits the same level of scope and

Alessandro Armando; David A. Basin; Yohan Boichut; Yannick Chevalier; Luca Compagna; Jorge Cuéllar; Paul Hankes Drielsma; Pierre-cyrille Héam; Olga Kouchnarenko; Jacopo Mantovani; Sebastian Mödersheim; David Von Oheimb; Michaël Rusinowitch; Judson Santiago; Mathieu Turuani; Luca Viganò; Laurent Vigneron

2005-01-01

308

Secure Federated Access to GRID applications using SAML\\/XACML  

Microsoft Academic Search

Internationally, the need for federated Identity & Access Management continues to grow, as it allows users to get Single Sign-On access to external resources (a.k.a. Service Providers) using their home account and some attributes that are being released securely by their home organization (a.k.a. Identity Providers). In other words, it solves the problem of service providers needing to create and

Erik Vullings; Markus Buchhorn; James Dalziel

309

Forward Secrecy and Its Application to Future Mobile Communications Security  

Microsoft Academic Search

Perfect forward secrecy, one of the possible security features pro- vided by key establishment protocols, concerns dependency of a session key upon long-term secret keys (symmetric or asymmetric). The feature promises that even if a long-term private key is disclosed to any adversary, the session keys established in the protocol runs using the long-term key would not be compromised. The

Colin Boyd; Sang-jae Moon

2000-01-01

310

Gigahertz decoy quantum key distribution with 1 Mbit\\/s secure key rate  

Microsoft Academic Search

We report the first gigahertz clocked decoy-protocol quantum key distribution\\u000a(QKD). Record key rates have been achieved thanks to the use of\\u000aself-differencing InGaAs avalanche photodiodes designed specifically for high\\u000aspeed single photon detection. The system is characterized with a secure key\\u000arate of 1.02 Mbit\\/s for a fiber distance of 20 km and 10.1 kbit\\/s for 100 km.\\u000aAs

A. R. Dixon; Z. L. Yuan; J. F. Dynes; A. W. Sharpe; A. J. Shields

2008-01-01

311

Bootstrapping Key Pre-Distribution: Secure, Scalable and User-Friendly Initialization of Sensor Nodes  

Microsoft Academic Search

To establish secure (point-to-point and\\/or broadcast) communication channels\\u000aamong the nodes of a wireless sensor network is a fundamental task. To this\\u000aend, a plethora of (socalled) key pre-distribution schemes have been proposed\\u000ain the past. All these schemes, however, rely on shared secret(s), which are\\u000aassumed to be somehow pre-loaded onto the sensor nodes. In this paper, we\\u000apropose

Nitesh Saxena

2008-01-01

312

An empirical analysis of the social security disability application, appeal, and award process  

Microsoft Academic Search

We provide an empirical analysis of the Social Security disability application, award, and appeal process using the Health and Retirement Survey (HRS). We show that the appeal option increases the award probability from 46% to 73%. However, this comes at the cost of significant delays: the duration between application and award is over three times longer for those who are

Hugo Ben??tez-Silva; Moshe Buchinsky; Hiu Man Chan; John Rust; Sofia Sheidvasser

1999-01-01

313

An application of integral engineering technique to information security standards analysis and refinement  

Microsoft Academic Search

The work demonstrates practical application of information security integral engineering technique to solve standards analysis and refinement problem. The application was exemplified by the development and analysis of the ISMS standards (ISO\\/IEC 27000 series) dictionary object model. Standards refinement process consisting of model development, model and standards modification was described. As a result of the research the weaknesses related to

Dmitry V. Cheremushkin; Alexander V. Lyubimov

2010-01-01

314

Secured multi-identity mobile infrastructure and offline mobile-assisted micro-payment application  

Microsoft Academic Search

Wireless networks are increasingly deployed in every-day services. The mobile device is becoming a part of the personal identity for its owner. New mobile standards, such as 3GPP are offering more and more mobile user application areas. It seems very useful to deploy the mobile device itself to support its owner's security and his applications. As mobile devices have no

Wael Adi; Ali Al-Qayedi; Abdulkarim Al Zarooni; Ali Mabrouk

2004-01-01

315

Distributed Computing Framework for Synthetic Radar Application  

NASA Technical Reports Server (NTRS)

We are developing an extensible software framework, in response to Air Force and NASA needs for distributed computing facilities for a variety of radar applications. The objective of this work is to develop a Python based software framework, that is the framework elements of the middleware that allows developers to control processing flow on a grid in a distributed computing environment. Framework architectures to date allow developers to connect processing functions together as interchangeable objects, thereby allowing a data flow graph to be devised for a specific problem to be solved. The Pyre framework, developed at the California Institute of Technology (Caltech), and now being used as the basis for next-generation radar processing at JPL, is a Python-based software framework. We have extended the Pyre framework to include new facilities to deploy processing components as services, including components that monitor and assess the state of the distributed network for eventual real-time control of grid resources.

Gurrola, Eric M.; Rosen, Paul A.; Aivazis, Michael

2006-01-01

316

SENTINEL: securing database from logic flaws in web applications  

Microsoft Academic Search

Logic flaws within web applications allow the attackers to disclose or tamper sensitive information stored in back-end databases, since the web application usually acts as the single trusted user that interacts with the database. In this paper, we model the web application as an extended finite state machine and present a black-box approach for deriving the application specification and detecting

Xiaowei Li; Wei Yan; Yuan Xue

2012-01-01

317

78 FR 14847 - Topaz Exchange, LLC; Notice of Filing of Application for Registration as a National Securities...  

Federal Register 2010, 2011, 2012, 2013

...Exchange's Form 1 application, including all of the...including whether the application is consistent with the...Murphy, Secretary, Securities and Exchange Commission...Commission's Internet Web site (http://www...communications relating to the application between the...

2013-03-07

318

Application of AHP to support information security decision making in case of Indian e-government systems  

Microsoft Academic Search

This paper examines the application of AHP in evaluating information security policy decision making with respect to Indian e-government systems. We suggest a new model based on four aspects of information security (management, technology, economy and culture) and three information security components (confidentiality, integrity and availability). AHP methodology was applied to analyze the decision making process. It is found that

Mayur Gaigole; Nilay Khere

2011-01-01

319

Definition and Validation of Design Metrics for Distributed Applications  

Microsoft Academic Search

As distributed technologies become more widely used , the need for assessing the quality of distributed applications correspondingly increases. Despite the rich body of research and practice in developing quality measures for centralised applications, there has be en little emphasis on measures for distributed softwar e. The need to understand the complex structure and behavi our of distributed applications suggests

Pablo Rossi; George Fernandez

2003-01-01

320

Bayesian performance metrics of binary sensors in homeland security applications  

NASA Astrophysics Data System (ADS)

Bayesian performance metrics, based on such parameters, as: prior probability, probability of detection (or, accuracy), false alarm rate, and positive predictive value, characterizes the performance of binary sensors; i.e., sensors that have only binary response: true target/false target. Such binary sensors, very common in Homeland Security, produce an alarm that can be true, or false. They include: X-ray airport inspection, IED inspections, product quality control, cancer medical diagnosis, part of ATR, and many others. In this paper, we analyze direct and inverse conditional probabilities in the context of Bayesian inference and binary sensors, using X-ray luggage inspection statistical results as a guideline.

Jannson, Tomasz P.; Forrester, Thomas C.

2008-05-01

321

A technology acquisition strategy for the security of water distribution networks.  

SciTech Connect

This slide presentation outlines information on a technology acquisition strategy for the security of water distribution networks. The Department of Homeland Security (DHS) has tasked a multi-laboratory team to evaluate current and future needs to protect the nation's water distribution infrastructure by supporting an objective evaluation of current and new technologies. The primary deliverables from this Operational Technology Demonstration (OTD) are the following: establishment of an advisory board for review and approval of testing protocols, technology acquisition processes and recommendations for technology test and evaluation in laboratory and field settings; development of a technology acquisition process; creation of laboratory and field testing and evaluation capability; and, testing of candidate technologies for insertion into a water early warning system. The initial phase of this study involves the development of two separate but complementary strategies to be reviewed by the advisory board: a technology acquisition strategy; and, a technology evaluation strategy. Lawrence Livermore National Laboratory and Sandia National Laboratories are tasked with the first strategy, while Los Alamos, Pacific Northwest, and Oak Ridge National Laboratories are tasked with the second strategy. The first goal of the acquisition strategy is the development of a technology survey process that includes a review of current test programs and development of a method to solicit and select existing and emerging sensor technologies for evaluation and testing. The second goal is to implement the acquisition strategy to provide a set of recommendations for candidate technologies for laboratory and field testing.

Einfeld, Wayne; Love, Adam (Lawrence Livermore National Laboratory, Livermore, CA); Alai, Maureen (Lawrence Livermore National Laboratory, Livermore, CA); Glascoe, Lee G. (Lawrence Livermore National Laboratory, Livermore, CA)

2005-04-01

322

A testing framework for Web application security assessment  

Microsoft Academic Search

The rapid development phases and extremely short turnaround time of Web applications make it difficult to elim- inate their vulnerabilities. Here we study how software testing techniques such as fault injection and runtime monitoring can be applied to Web applications. We implemented our proposed mechanisms in the Web Application Vulnerability and Error Scanner (WAVES)—a black-box testing framework for automated Web

Yao-wen Huang; Chung-hung Tsai; Tsung-po Lin; Shih-kun Huang; D. T. Lee; Sy-yen Kuo

2005-01-01

323

Anomaly detection using negative security model in web application  

Microsoft Academic Search

Today's combat zone for both ethical and unethical hackers is the web. Rapid growth of web sites and web applications gives way to deliver complex business applications through the web. As the web dependency increases, so do the web hacking activities. Web applications are normally written in scripting languages like JavaScript, PHP embedded in HTML allowing connectivity to the databases,

M. Auxilia; D. Tamilselvan

2010-01-01

324

Ultra Wideband (UWB) communication vulnerability for security applications.  

SciTech Connect

RF toxicity and Information Warfare (IW) are becoming omnipresent posing threats to the protection of nuclear assets, and within theatres of hostility or combat where tactical operation of wireless communication without detection and interception is important and sometimes critical for survival. As a result, a requirement for deployment of many security systems is a highly secure wireless technology manifesting stealth or covert operation suitable for either permanent or tactical deployment where operation without detection or interruption is important The possible use of ultra wideband (UWB) spectrum technology as an alternative physical medium for wireless network communication offers many advantages over conventional narrowband and spread spectrum wireless communication. UWB also known as fast-frequency chirp is nonsinusoidal and sends information directly by transmitting sub-nanosecond pulses without the use of mixing baseband information upon a sinusoidal carrier. Thus UWB sends information using radar-like impulses by spreading its energy thinly over a vast spectrum and can operate at extremely low-power transmission within the noise floor where other forms of RF find it difficult or impossible to operate. As a result UWB offers low probability of detection (LPD), low probability of interception (LPI) as well as anti-jamming (AJ) properties in signal space. This paper analyzes and compares the vulnerability of UWB to narrowband and spread spectrum wireless network communication.

Cooley, H. Timothy

2010-07-01

325

Using trusted third parties for secure telemedical applications over the WWW: the EUROMED-ETS approach.  

PubMed

This paper reports on the results obtained by the pilot operation of Trusted Third Parties (TTP) for secure telemedical applications over the WWW. The work reported on herein was carried out within the context of EUROMED-ETS, a R&D project funded by the INFOSEC office of Directorate General XIII of the European Union. The paper discusses the platform used, the security needs of the specific application, the TTP solution provided, the steps taken in order to implement the solution at a pilot scale and the results of the pilot operation; it is compiled using material included in the project deliverables. PMID:9723802

Katsikas, S K; Spinellis, D D; Iliadis, J; Blobel, B

1998-03-01

326

Security Issues in Mobile Agents  

Microsoft Academic Search

Mobile agents offer a new paradigm for distributed computation, but their potential benefits must be weighted against the very security threats they pose. These threats originate not just in malicious agents but malicious hosts as well. Thus security is a very crucial issue in dealing with mobile agent systems without which their implementation in real life applications will be rendered

Kedar Mohare

327

Securing elastic applications on mobile devices for cloud computing  

Microsoft Academic Search

Cloud computing provides elastic computing infrastructure and resources which enable resource-on-demand and pay-as-you-go utility computing models. We believe that new applications can leverage these models to achieve new features that are not available for legacy applications. In our project we aim to build elastic applications which augment resource-constrained platforms, such as mobile phones, with elastic computing resources from clouds. An

Xinwen Zhang; Joshua Schiffman; Simon Gibbs; Anugeetha Kunjithapatham; Sangoh Jeong

2009-01-01

328

Secure PVM.  

National Technical Information Service (NTIS)

This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user's PVM application, or, optionally, security ca...

T. H. Dunigan N. Venugopal

1996-01-01

329

Modeling and Testing Secure Web-Based Systems: Application to an Industrial Case Study  

Microsoft Academic Search

Ensuring that a Web-based system respects its security requirements is a critical issue that has become more and more difficult to perform in these last years. This difficulty is due to the complexity level of such systems as well as their variety and increasing distribution. To guarantee such a respect, we need to test the target Web system by applying

Wissam Mallouli; Mounir Lallali; Gerardo Morales; Ana Rosa Cavalli

2008-01-01

330

Extending XACML Authorisation Model to Support Policy Obligations Handling in Distributed Applications  

Microsoft Academic Search

The paper summarises the recent and on-going developments and discussions in the Grid security community to built interoperable and scalable AuthZ infrastructure for distributed applications. The paper provides a short overview of the XACML policy format and policy obligations definition in the XACML specification. The paper analyses the basic use cases for obligations in computer Grids and on-demand network resource

Yuri Demchenko; Cees de Laat; Oscar Koeroo; Hakon Sagehaug

331

Generalized Role-Based Access Control for Securing Future Applications  

Microsoft Academic Search

As computing technology becomes more pervasive andbroadband services are deployed into residential communities,new applications will emerge for the homeand community environment. These applications willassist people in a variety of daily activities by enablingthem to create, access, and manipulate informationabout the residents and resources in their homes.In a connected community, resources in the home andinformation about the residents of the home

2000-01-01

332

Security analysis on some experimental quantum key distribution systems with imperfect optical and electrical devices  

NASA Astrophysics Data System (ADS)

In general, quantum key distribution (QKD) has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noncloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in details, including passive faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. Those quantum attack reminds people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108: 130503].

Liang, Lin-Mei; Sun, Shi-Hai; Jiang, Mu-Sheng; Li, Chun-Yan

2014-05-01

333

Sub-operating systems: a new approach to application security  

Microsoft Academic Search

Users regularly exchange apparently innocuous data files using email and ftp. While the users view these data as passive, there are situations when they are interpreted as code by some system application. In that case the data become \\

Sotiris Ioannidis; Steven M. Bellovin; Jonathan M. Smith

2002-01-01

334

Characterisation of Liquid Properties by Electrical Capacitance Tomography Sensor for Security Applications  

Microsoft Academic Search

The ECT sensor based on electrical permittivity measurements is presented which may be applied to security application for contactless detection of flammable and explosive liquid. The structure, geometry and size of ECT sensor are discussed in this paper; two types of capacitance sensor are designed and compared. COMSOL simulation software is used to evaluate the performance of designed sensor. An

Li Nan; Guo Bao-long; Huang Chuan

2009-01-01

335

Safe VISITOR: visible, infrared, and terahertz object recognition for security screening application  

Microsoft Academic Search

Security solutions with the purpose to detect hidden objects underneath the clothing of persons are desired in many environments. With the variety of application scenarios criteria like flexibility and mobility become more important. So, many developments trend to focus on cameras, which can image scenes from a distance. This new generation of tools will have the advantage of hidden operation,

T. May; G. Zieger; S. Anders; V. Zakosarenko; H.-G. Meyer; M. Schubert; M. Starkloff; M. Rößler; G. Thorwirth; U. Krause

2009-01-01

336

Fuzzy modular arithmetic for cryptographic schemes with applications for mobile security  

Microsoft Academic Search

Modular arithmetic is a key operation in modern cryptology. This paper presents a modified modular computation strategy to simplify processing of modular arithmetic for cryptographic applications. A novel technique called fuzzy modular arithmetic is presented. The impact of this technique on the implementation of modular computations is discussed in particular cases. The impact of the technique on system security for

W. Adi

2000-01-01

337

THz all-electronic 3D imaging for safety and security applications  

Microsoft Academic Search

The ability of terahertz and millimeter-wave imaging to detect suspicious hidden objects underneath or in luggage has led to increased interest in these techniques. Several approaches have been demonstrated in the past few years, amongst which active, all-electronic terahertz imaging has proven to be particularly adapted for safety and security applications. It combines a large dynamic range and the ability

Bernd M. Fischer; Yaël Demarty; Markus Schneider; Torsten Löffler; Andreas Keil; Holger Quast

2010-01-01

338

Towards real-time active THz range imaging for security applications  

Microsoft Academic Search

Active Terahertz imaging technology for security applications overcomes the current limitations of commercially available passive imaging systems. These limitations are either a fairly low spatial resolution or a too slow image acquisition time. At the same time, active systems based on all-electronic sources and detectors offer a very large dynamic range and the ability to perform range measurements. In this

H. Quast; T. Loffler

2009-01-01

339

THz imaging and sensing for security applications---explosives, weapons and drugs  

Microsoft Academic Search

Over the past 5 years, there has been a significant interest in employing terahertz (THz) technology, spectroscopy and imaging for security applications. There are three prime motivations for this interest: (a) THz radiation can detect concealed weapons since many non-metallic, non-polar materials are transparent to THz radiation; (b) target compounds such as explosives and illicit drugs have characteristic THz spectra

John F. Federici; Brian Schulkin; Feng Huang; Dale Gary; Robert Barat; Filipe Oliveira; David Zimdars

2005-01-01

340

Work in progress — Web penetration testing: Effectiveness of student learning in Web application security  

Microsoft Academic Search

Web penetration testing embodies both the understanding of attack and defense philosophies. By learning malicious hacking activities, students will understand the perspectives of attackers and realize how to defend a Web application system. To foster information security education, it is important to introduce the attack understanding philosophy. Using student group projects, this study aims to measure student learning effectiveness in

Hwee-Joo Kam; Joshua J. Pauli

2011-01-01

341

Using Incremental JavaServer Faces Projects for Promoting Active Learning in Teaching Web Applications & Security  

Microsoft Academic Search

This paper introduces the pedagogical approach of using incremental lab projects for promoting active learning in teaching Web applications and Security. These incremental lab projects are easy to learn, easy to implement, and relevant with the targeted subjects in nature. This set of lab projects starts with a base project and progressively becomes more complicated as more requirements are introduced

Cheer-Sun Yang

2006-01-01

342

A Security Framework of Group Location-Based Mobile Applications in Cloud Computing  

Microsoft Academic Search

In this paper, we present a secure frame- work when the location information of mobile terminals is utilized in a cloud computing environment. Because cloud computing provides powerful storage capabil- ity and scalability, many application providers start migrating the data stored in their original databases to outsourced databases (ODB), such as AMAZON SIMPLEDB. However, because of the multiple tenants and

Yu-Jia Chen; Li-Chun Wang

2011-01-01

343

Information security issue of enterprises adopting the application of cloud computing  

Microsoft Academic Search

Cloud computing has become one of the most significant issues in recent years. Those associative applications and services based on cloud computing are dramatically emerging. However, in order to enjoy the widely utilization of cloud computing through wired\\/wireless networking, providing sufficient assurance of information security such as confidentiality, authentication, non-repudiation, and integrity is the critical factor of success promotion. In

Chang-Lung Tsai; Uei-Chin Lin; Allen Y. Chang; Chun-Jung Chen

2010-01-01

344

The use of neutrons for the detection of explosives in Civil Security Applications  

SciTech Connect

The search for hidden explosives has been simulated in laboratory conditions by using our Tagged Neutron Inspection System (TNIS). Applications of the TNIS concept to Civil Security problems are discussed in the light of our projects for cargo container inspections. Moreover, neutron attenuation and scattering can be used to search in real time for large quantity of explosive hidden in vehicles.

Pesente, S.; Fabris, D.; Lunardon, M.; Moretto, S.; Nebbia, G.; Viesti, G. [Dipartimento di Fisica dell' Universita di Padova, I-35131 Padova (Italy); INFN Sezione di Padova, I-35131 Padova (Italy)

2007-02-12

345

EARTH OBSERVATION IMAGES INFORMATION MINING FOR FLOODING AND SECURITY RELATED APPLICATIONS  

Microsoft Academic Search

Nowadays the Earth Observation sensors provide images containing detailed information relevant for applications related to hazard or security matters. Unfortunately, image information mining, its interpretation and transformation in products useful to the rescue or decision teams is still a laborious task, effectuated many times by visual inspection and manual annotations of the images, thus not appropriate to react in prerequisite

Daniela Faur; Mihai Datcu

346

Nonlinear observer performance in chaotic synchronization with application to secure communication  

Microsoft Academic Search

This work is on performance comparison of five different nonlinear observers in two chaotic synchronization case studies and their application to secure communications. Extended Kalman filter, state dependent Riccati equation, Thau's observer, high-gain observer, and covariance upper bound assignment techniques are used in state reconstruction of two chaotic nonlinear systems, namely Chua and Lorenz systems. We show that synchronization of

Javid Amirazodi; Edwin E. Yaz; Asad Azemi; Yvonne I. Yaz

2002-01-01

347

Application of an explosive detection device based on quadrupole resonance (QR) technology in aviation security  

Microsoft Academic Search

The Federal Aviation Administration has deployed Advanced Technology (AT) based explosive detection devices for screening checked baggage in US domestic airports. The paper addresses the application of quadrupole resonance (QR) technology to detect explosives in checked baggage in aviation security. This technology was deployed in combination with advanced X-ray by the US government. The paper focuses on the quadrupole resonance

Ed Rao; William J. Hughes

2001-01-01

348

Development of Standardized Clinical Training Cases for Diagnosis of Sexual Abuse using a Secure Telehealth Application  

ERIC Educational Resources Information Center

Objectives: The training of physicians, nurse examiners, social workers and other health professional on the evidentiary findings of sexual abuse in children is challenging. Our objective was to develop peer reviewed training cases for medical examiners of child sexual abuse, using a secure web based telehealth application (TeleCAM). Methods:…

Frasier, Lori D.; Thraen, Ioana; Kaplan, Rich; Goede, Patricia

2012-01-01

349

On the application of parameter identifiability to the security of chaotic synchronization  

Microsoft Academic Search

We apply the concept of parameter identifiability to the security of parameters in chaos-based communication. The parameter is a good choice of the secret key if it is not identifiable. To test the parameter identifiability, we use the linear algebraic method based on differential 1-forms, which is applicable to more general systems than existing results. We analyze the identifiability of

Xiyin Liang; Jiangfeng Zhang; Xiaohua Xia

2008-01-01

350

Addressable flat-panel x-ray sources for medical, security, and industrial applications  

NASA Astrophysics Data System (ADS)

Traditional tube-based x-ray sources are widely employed in medical imaging, security screening, and industrial inspection. The cone-beam produced by these tubes is simple to apply, but often demands a long stand-off distance to the object of interest. When combined with the bulk of tubes and their attendant power supplies and cooling systems, the footprint requirement of traditional sources often impedes their use, especially in mobile situations. Here we present an approach to a distributed, flat-panel x-ray source, which eliminates the aforementioned bulk, weight and need for standoff. This source uses spontaneous polarization in pyroelectric crystals to generate high fields and field enhanced emission from micropatterned tips to create a large array of electron beamlets. When combined with a transmission Bremsstrahlung target, a mechanism for raster control of the emitters, and a collimator, this source offers a new and cost effective way to perform stationary and portable imaging. The working principles and performance characteristics of this source are presented. The demands placed on the imaging detector and image processing are also described. Finally, prospects for new promising applications (such as mammography) are mentioned.

Travish, Gil; Rangel, Felix J.; Evans, Mark A.; Hollister, Ben; Schmiedehausen, Kristin

2012-10-01

351

Experimental quantum key distribution with finite-key security analysis for noisy channels.  

PubMed

In quantum key distribution implementations, each session is typically chosen long enough so that the secret key rate approaches its asymptotic limit. However, this choice may be constrained by the physical scenario, as in the perspective use with satellites, where the passage of one terminal over the other is restricted to a few minutes. Here we demonstrate experimentally the extraction of secure keys leveraging an optimal design of the prepare-and-measure scheme, according to recent finite-key theoretical tight bounds. The experiment is performed in different channel conditions, and assuming two distinct attack models: individual attacks or general quantum attacks. The request on the number of exchanged qubits is then obtained as a function of the key size and of the ambient quantum bit error rate. The results indicate that viable conditions for effective symmetric, and even one-time-pad, cryptography are achievable. PMID:24008848

Bacco, Davide; Canale, Matteo; Laurenti, Nicola; Vallone, Giuseppe; Villoresi, Paolo

2013-01-01

352

Security Technologies for Open Networking Environments (STONE)  

SciTech Connect

Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The group security system has been designed to support four roles: The Security Domain Ad

Muftic, Sead

2005-03-31

353

Web Applications Security Assessment in the Portuguese World Wide Web Panorama  

Microsoft Academic Search

\\u000a Following the EU Information and Communication Technologies agenda, the Portuguese Government has started the creation of\\u000a many applications, enabling electronic interaction between individuals, companies and the public administration – the e-Government.\\u000a Due to the Internet open nature and the sensitivity of the data that those applications have to handle, it is important to\\u000a ensure and assess their security. Financial institutions,

Nuno Teodoro; Carlos Serrão

354

Applications of nuclear techniques relevant for civil security  

NASA Astrophysics Data System (ADS)

The list of materials which are subject to inspection with the aim of reducing the acts of terrorism includes explosives, narcotics, chemical weapons, hazardous chemicals and radioactive materials. To this we should add also illicit trafficking with human beings. The risk of nuclear terrorism carried out by sub-national groups is considered not only in construction and/or use of nuclear device, but also in possible radioactive contamination of large urban areas. Modern personnel, parcel, vehicle and cargo inspection systems are non-invasive imaging techniques based on the use of nuclear analytical techniques. The inspection systems use penetrating radiations: hard x-rays (300 keV or more) or gamma-rays from radioactive sources (137Cs and 60Co with energies from 600 to 1300 keV) that produce a high resolution radiograph of the load. Unfortunately, this information is ''non-specific'' in that it gives no information on the nature of objects that do not match the travel documents and are not recognized by a visual analysis of the radiographic picture. Moreover, there are regions of the container where x and gamma-ray systems are ''blind'' due to the high average atomic number of the objects irradiated that appear as black spots in the radiographic image. Contrary to that is the use of neutrons; as results of the bombardment, nuclear reactions occur and a variety of nuclear particles, gamma and x-ray radiation is emitted, specific for each element in the bombarded material. The problem of material (explosive, drugs, chemicals, etc.) identification can be reduced to the problem of measuring elemental concentrations. Neutron scanning technology offers capabilities far beyond those of conventional inspection systems. The unique automatic, material specific detection of terrorist threats can significantly increase the security at ports, border-crossing stations, airports, and even within the domestic transportation infrastructure of potential urban targets as well as protecting armed forces and infrastructure.

Valkovi, Vlado

2006-05-01

355

Bayesian performance metrics and small system integration in recent homeland security and defense applications  

NASA Astrophysics Data System (ADS)

In this paper, Bayesian inference is applied to performance metrics definition of the important class of recent Homeland Security and defense systems called binary sensors, including both (internal) system performance and (external) CONOPS. The medical analogy is used to define the PPV (Positive Predictive Value), the basic Bayesian metrics parameter of the binary sensors. Also, Small System Integration (SSI) is discussed in the context of recent Homeland Security and defense applications, emphasizing a highly multi-technological approach, within the broad range of clusters ("nexus") of electronics, optics, X-ray physics, ?-ray physics, and other disciplines.

Jannson, Tomasz; Kostrzewski, Andrew; Patton, Edward; Pradhan, Ranjit; Shih, Min-Yi; Walter, Kevin; Savant, Gajendra; Shie, Rick; Forrester, Thomas

2010-04-01

356

Application of classification methods in assessment of NATO member countries' economic, security and political risks  

NASA Astrophysics Data System (ADS)

The aim of this paper is to attempt possible quantification of determinants of military expenditure and their application to current NATO member countries. To analyse the economic, security and political risks of NATO member countries, author employ multivariate statistical techniques which take into consideration the multivariate properties of the data sets used as input variables. Classification of countries based on cluster analysis has made it possible to identify disparities between NATO member countries, and thus to describe diverse economic or security environment affecting the amount of military expenditure as a percentage of the respective countries' gross domestic product.

Odehnal, Jakub

2013-10-01

357

PERSONAL ENCRYPTED TALK - SECURING INSTANT MESSAGING WITH A JAVA APPLICATION  

Microsoft Academic Search

Most users of mainstream Instant Messaging applications on the Internet don't realize their conver- sations are being transmitted in clear text and are vulnerable to eavesdropping during transmission. This project report presents a solution to this problem implemented in a final project for CS699 in the spring of 2005 at Rivier College. The project was entitled Personal Encrypted Talk and

David Snogles

2005-01-01

358

Secure sensor platform (SSP) for materials' sealing and monitoring applications  

Microsoft Academic Search

For over a decade, Sandia National Laboratories has collaborated with domestic and international partners in the development of intelligent radio frequency (RF) loop seals and sensor technologies for multiple applications. Working with US industry, the International Atomic Energy Agency and Russian institutes; the Sandia team continues to utilize gains in technology performance to develop and deploy increasingly sophisticated platforms. Seals

B. Schoeneman; S. Blankenau

2005-01-01

359

REAL-TIME ENVIRONMENTAL MONITORING: APPLICATIONS FOR HOMELAND SECURITY  

EPA Science Inventory

Real-time monitoring technology developed as part of the EMPACT program has a variety of potential applications. These tools can measure a variety of potential contaminants in the air, water, in buildings, or in the soil. Real-time monitoring technology allows these detection sys...

360

Distributed Combined Authentication and Intrusion Detection With Data Fusion in High-Security Mobile Ad Hoc Networks  

Microsoft Academic Search

Multimodal biometric technology provides potential solutions for continuous user-to-device authentication in high- security mobile ad hoc networks (MANETs). This paper studies distributed combined authentication and intrusion detection with data fusion in such MANETs. Multimodal biometrics are deployed to work with intrusion detection systems (IDSs) to alleviate the shortcomings of unimodal biometric systems. Since each device in the network has measurement

Shengrong Bu; F. Richard Yu; Xiaoping P. Liu; Peter Mason; Helen Tang

2011-01-01

361

Studies in Income Distribution. Estimation of Social Security Taxes on the March Current Population Survey. No. 4.  

ERIC Educational Resources Information Center

The impact of the tax-transfer system on the distribution of income among economic units is the subject of a number of studies by the Office of Research and Statistics of the Social Security Administration. One of the most important data sources for the work is the Census Bureau's March Current Population Survey (CPS). To conduct such studies, the…

Bridges, Benjamin, Jr.; Johnston, Mary P.

362

Iodine-129 AMS for Earth Science, Biomedical, and National Security Applications  

SciTech Connect

This Laboratory Directed Research and Development project created the capability to analyze the radionuclide iodine-129 ({sup 129}I) by accelerator mass spectrometry (AMS) in the CAMS facility at LLNL, and enhanced our scientific foundation for its application through development of sample preparation technology required for environmental, biomedical, and national security applications. The project greatly improved our environmental iodine extraction and concentration methodology, and developed new techniques for the analysis of small quantities of {sup 129}I. The project can be viewed as having two phases, one in which the basic instrumental and chemical extraction methods necessary for general {sup 129}I analysis were developed, and a second in which these techniques were improved and new techniques were developed to enable broader and more sophisticated applications. The latter occurred through the mechanism of four subprojects that also serve as proof-of-principle demonstrations of our newly developed {sup 129}I capabilities. The first subproject determined the vertical distribution of bomb-pulse {sup 129}I ({sup 129}Iv distributed globally as fallout from 1950's atmospheric nuclear testing) through 5 meters in the upper vadose zone in the arid southwestern United States. This characterizes migration mechanisms of contaminant {sup 129}I, or {sup 129}I released by nuclear fuel reprocessing, as well as the migration of labile iodine in soils relative to moisture flux, permitting a determination of nutrient cycling. The second subproject minimized the amount of iodine required in an AMS sample target. Because natural iodine abundances are very low in almost all environments, many areas of research had been precluded or made extremely difficult by the demands of sample size. Also, certain sample types of potential interest to national security are intrinsically small - for example iodine on air filters. The result of this work is the ability to measure the {sup 129}I/{sup 127}I ratio at the 2E-07 level or higher in a sample as small as a single raindrop. The third subproject tested the feasibility of using bomb-pulse {sup 129}I in shallow groundwaters in the Sierra Nevada to determine the source of waters entering into the Merced River. The sources of water and their time (age) within the hydrologic system is crucial to understanding the effects of climate change on California waters. The project is in collaboration with faculty and students at the University of California - Merced, and is now the subject of a follow-on Ph.D. dissertation project funded by the LLNL-URP University Education Participation Program. The fourth subproject examined the requirements for using the decay of {sup 129}I to date pore waters associated with continental shelf methane hydrate deposits. Understanding the age of formation and the historical stability of these hydrates is important in determining their response to climate change. Thawing of the world's methane hydrates would quickly and dramatically increase greenhouse gases in the atmosphere. The calculations and testing performed on this project have led to a follow on project that selectively implants {sup 127}I to the exclusion of {sup 129}I, creating an analytical iodine carrier with a substantially lower {sup 129}I background than is available from natural sources. This will permit measurement of {sup 129}I/{sup 127}I ratios at sub-10-14 levels, thereby providing a method for dating hydrate pore waters that are tens of millions of years old.

Nimz, G; Brown, T; Tumey, S; Marchetti, A; Vu, A

2007-02-20

363

Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks  

PubMed Central

Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

Sahoo, Prasan Kumar

2012-01-01

364

Surface penetrating radar for industrial and security applications  

NASA Astrophysics Data System (ADS)

Surface penetrating radar is playing an ever increasing role in enabling the nondestructive investigation of the ground, and within buildings, bridges and other vertical structures. Further technical developments are improving the clarity of the radar image and providing the operator with a clear, uncluttered radar image of wanted targets. While surface penetrating radar techniques have not received the much larger development investments that conventional military radars have achieved, the technology is playing a vital role in broadening the commercial market for radar methods. A number of applications are explored, including those concerned with buried bodies, antitank and antipersonnel mines, and detection of voids around sewers. Various system components and techniques are discussed, including frequency filtering, clutter reduction, waveform processing, signal processing, transmitters, receivers, and antenna arrays.

Daniels, David J.

1994-12-01

365

Distributed-application development tools for DCE\\/OSF  

Microsoft Academic Search

DCE\\/OSF (Distributed Computing Environment by the Open Software Foundation) offers a comprehensive remote procedure call (RPC) based solution for the development of open distributed applications across a network of heterogeneous multiple-vendor machines. However, even simple DCE applications may have a rather complicated structure, requiring good understanding of the elaborate DCE technology. In this paper, we examine the DCE application development

Uri Shani; Israel Gold

1994-01-01

366

Miniature EO/IR sensors for border security applications  

NASA Astrophysics Data System (ADS)

The geographic lines of the land borders between the United States and Mexico total over 6,000 miles. The vast majority of those borders are in difficult to reach remote landscape. This makes it nearly impossible to patrol with any reasonable amount of personal or budget. Thus, the primary approach has been to mix a combination of low cost acoustic/seismic sensors with remotely controlled EO cameras. While moderately successful in controlled locations, these systems are expensive to install and expensive to man. The cost of these systems rises further when operation is required in night and adverse weather conditions. A lower cost of installation and maintenance could be achieved with miniaturized EO/IR cameras combined with intelligent remote and central processing. Advances in both VNIR and LW infrared sensors and developments in integrated signal processing now make possible a distributed low cost surveillance system. The ability now exists to detect, track, and classify people and equipment prior to notification of the responding agent.

Hornback, William B.

2006-06-01

367

Towards Reliable Cross Sections for National Security Applications  

SciTech Connect

Stockpile stewardship requires the description of weapons performance without resorting to underground nuclear testing. In the earlier tests, selected isotopes were used as detectors, and recovered after irradiation. Aspects of nuclear device performance were inferred by comparing the measured isotopic ratios to those predicted from simulations. The reaction flows that produce the final isotopic distributions proceed through regions of the nuclear chart that include unstable nuclei. Presently, improved nuclear data input is required to reanalyze prior tests and to certify the stockpile's reliability and safety. Many important cross sections are unknown, as is shown in the example of the Yttrium reaction network (Figure 1). The relevant reactions include (n,2n), (n,n'), (n,gamma), (n,p) and other charged-particle emitting reactions. The cross sections have to be calculated or inferred from indirect measurements. In both cases, reliable optical models that are valid a few nucleons away from stability are needed. The UNEDF Nuclear Reaction activities address this need by combining nuclear-structure input from UNEDF structure calculations with modern reaction theory and large-scale computational capabilities to develop microscopic nucleon-nucleus optical potentials that can be extrapolated to unstable nuclei. In addition, the reaction calculation tools and optical models developed in this context are proving valuable for planning and interpreting indirect (surrogate) measurements of the required cross sections.

Escher, J E; Dietrich, F S; Nobre, G A; Thompson, I J

2011-02-24

368

Web Based Application for Distributed Remote Measurement Viewing  

Microsoft Academic Search

The paper discusses web based application for distributed automation. Realization is made over three-layer distributed model. XML table driven communication model is used for heterogeneous connection of different parts of the system. Functionality of the model is delegated and distributed among servers and embedded systems. Majority features of realization, concerning scalability, flexibility, distribution, collecting and delegating of functionality, reliability and

Ivan Stankov; Grisha Spasov

369

Photopolymer-based holographic variable data storage system for security applications  

NASA Astrophysics Data System (ADS)

Photopolymer based microholograms are gaining much importance in the field of security imaging, product authentication and prevention of document forgery. Security holograms, mass produced through soft or hard embossing, from electroformed metal master holograms are not amenable to store and retrieve variable data. On the other side, rapid developments in optical and digital technologies result in large scale counterfeiting of conventional security holograms and look-alike holograms of great exactitude is becoming a real threat to original manufacturers. In contrast to conventional recording materials, photopolymer holograms do not need wet processing. They are amenable to replication and, at the same time, can hold variable data. This, apart from security at various levels, facilitates machine readability, automation, easy tracking and effective maintenance of inventory. This paper presents design, development and performance evaluation of a photopolymer based holographic variable data storage system for security applications. A liquid crystal spatial light modulator (SLM) is used to create a modulated optical data beam that varies from hologram to hologram. Photopolymer films in tape form are applied for continuous recording of micro-holograms, synchronous with the variable data content. This is a novel, but simple data storage system and can be used to give added security, in conjunction with conventional holograms. Easy and on site verification by applying special reading devices and dedicated software is the other charm of the proposed system. Moreover, for added protection, variable key based data encryption can be applied effectively. System parameters like diffraction efficiency, recording speed, preprocessing requirements etc. are analyzed and the response of the photopolymer material is also evaluated.

Sheeja, M. K.; Ajith Kumar, P. T.; Achuthsankar, S. Nair

2006-10-01

370

17 CFR 230.139 - Publications or distributions of research reports by brokers or dealers distributing securities.  

...false Publications or distributions of research reports by brokers or dealers distributing...139 Publications or distributions of research reports by brokers or dealers distributing...dealer's publication or distribution of a research report about an issuer or any...

2014-04-01

371

An efficient application of a dynamic crypto system in mobile wireless security  

Microsoft Academic Search

The vast growth of wireless networks, with the associated importance of mobile computing, has generated a huge interest in wireless security and performance. Encryption mechanisms that are recently deployed in the wireless domain, including WEP (802.11) and TKIP (802.1X), all appear to require more enhancements. In this paper, we present the application of a new dynamic encryption system for the

Hamdy S. Soliman; Mohammed Omari

2004-01-01

372

Phase Contrast X-ray Imaging Signatures for Homeland Security Applications  

SciTech Connect

Gratings-based phase contrast imaging is a promising new radiographic technique providing three distinct contrast mechanisms, absorption, phase, and scatter, using a conventional x-ray tube source. We investigate the signatures available in these three contrast mechanisms with particular attention towards potential homeland security applications. We find that the scatter mode in particular is sensitive to textured materials, enabling lowered detection limits than absorption for materials such as powders. We investigate the length scales to which our imaging system is sensitive.

Miller, Erin A.; White, Timothy A.; McDonald, Benjamin S.; Seifert, Allen; Flynn, Michael J.

2011-06-13

373

SC-CNNs for chaotic signal applications in secure communication systems.  

PubMed

In this paper a CNNs based circuit for the generation of hyperchaotic signals is proposed. The circuit has been developed for applications in secure communication systems. An Saito oscillator has been designed by using a suitable configuration of a four-cells State-Controlled CNNs. A cryptography system based on the Saito oscillator has been implemented by using inverse system synchronization. The proposed circuit implementation and experimental results are given. PMID:15031854

Caponetto, Riccardo; Fortuna, Luigi; Occhipinti, Luigi; Xibilia, Maria Gabriella

2003-12-01

374

HEALERS: A Toolkit for Enhancing the Robustness and Security of Existing Applications  

Microsoft Academic Search

HEALERS is a practical, high-performance toolkit that can enhance the\\u000arobustness and security of existing applications. For any shared\\u000alibrary, it can find all functions defined in that library and\\u000aautomatically derives properties for those functions. Through\\u000aautomated fault-injection experiments, it can detect arguments that\\u000acause the library to crash and derive safe argument types for each\\u000afunction. The toolkit

Christof Fetzer; Zhen Xiao

2003-01-01

375

Developing Energy Crops for Thermal Applications: Optimizing Fuel Quality, Energy Security and GHG Mitigation  

Microsoft Academic Search

Unprecedented opportunities for biofuel development are occurring as a result of increasing energy security concerns and the\\u000a need to reduce greenhouse gas (GHG) emissions. This chapter analyzes the potential of growing energy crops for thermal energy\\u000a applications, making a case-study comparison of bioheat, biogas and liquid biofuel production from energy crops in Ontario.\\u000a Switchgrass pellets for bioheat and corn silage

Roger Samson; Claudia Ho Lem; Stephanie Bailey Stamler; Jeroen Dooper

376

Distribution automation: Applications to move from today's distribution system to tomorrow's smartgrid  

Microsoft Academic Search

In 2008 the Hydro-Quebec Distribution roadmap was completed. The resulting roadmap is based on customers' expectations, Hydro-Quebec's business drivers, available technologies, Hydro-Quebec's context and electrical distribution industry trends. This paper will present the distribution roadmap and then will focus on application and technology strategy to move from today's distribution network to tomorrow's Smartgrid.

G. Simard; D. Chartrand; P. Christophe

2009-01-01

377

Lifetime Earnings Patterns, The Distribution Of Future Social Security Benefits, And The Impact Of Pension Reform  

Microsoft Academic Search

This paper describes an analysis of career earnings patterns developed for predicting the impact of Social Security reform. We produce estimates of age-earnings profiles of American men and women born between 1931 and 1960. The estimates are obtained using lifetime earnings records maintained by the Social Security Administration. We use a standard econometric approach to develop forecasts of future individual

Barry Bosworth; Gary Burtless; Eugene Steuerle

2002-01-01

378

Trusted Distributed Repository of Internet Usage Data for Use in Cyber Security Research  

Microsoft Academic Search

This paper discussed about the protected repository for the defense of infrastructure against cyber threats (PREDICT) that has been established to create a trusted framework for sharing data for research and testing. By facilitating data sharing within the research community, PREDICT seeks to accelerate the creation of cyber security solutions that support effective threat assessment and increase cyber security capabilities.

C. Scheper; S. Cantor; R. Karlsen

2009-01-01

379

Advancing Software Security - The Software Protection Initiative.  

National Technical Information Service (NTIS)

In December 2001, the Software Protection Initiative (SPI) was established to prevent the unauthorized distribution and exploitation of national security application software by our adversaries. To achieve this, the SPI has several goals, which are to ins...

J. Hughes M. R. Stytz

2003-01-01

380

Building a high-performance, programmable secure coprocessor  

Microsoft Academic Search

Secure coprocessors enable secure distributed applications by providing safe havens where an application program can execute (and accumulate state), free of observation and interference by an adversary with direct physical access to the device. However, for these coprocessors to be effective, participants in such applications must be able to verify that they are interacting with an authentic program on an

Sean W. Smith; Ron Perez

1999-01-01

381

Neutron Generators Developed at LBNL for Homeland Security andImaging Applications  

SciTech Connect

The Plasma and Ion Source Technology Group at Lawrence Berkeley National Laboratory has developed various types of advanced D-D (neutron energy 2.5 MeV), D-T (14 MeV) and T-T (0-9 MeV) neutron generators for wide range of applications. These applications include medical (Boron Neutron Capture Therapy), homeland security (Prompt Gamma Activation Analysis, Fast Neutron Activation Analysis and Pulsed Fast Neutron Transmission Spectroscopy) and planetary exploration with a sub-surface material characterization on Mars. These neutron generators utilize RF induction discharge to ionize the deuterium/tritium gas. This discharge method provides high plasma density for high output current, high atomic species from molecular gases, long life operation and versatility for various discharge chamber geometries. Four main neutron generator developments are discussed here: high neutron output co-axial neutron generator for BNCT applications, point neutron generator for security applications, compact and sub-compact axial neutron generator for elemental analysis applications. Current status of the neutron generator development with experimental data will be presented.

Reijonen, Jani

2006-08-13

382

An automated approach for tone mapping operator parameter adjustment in security applications  

NASA Astrophysics Data System (ADS)

High Dynamic Range (HDR) imaging has been gaining popularity in recent years. Different from the traditional low dynamic range (LDR), HDR content tends to be visually more appealing and realistic as it can represent the dynamic range of the visual stimuli present in the real world. As a result, more scene details can be faithfully reproduced. As a direct consequence, the visual quality tends to improve. HDR can be also directly exploited for new applications such as video surveillance and other security tasks. Since more scene details are available in HDR, it can help in identifying/tracking visual information which otherwise might be difficult with typical LDR content due to factors such as lack/excess of illumination, extreme contrast in the scene, etc. On the other hand, with HDR, there might be issues related to increased privacy intrusion. To display the HDR content on the regular screen, tone-mapping operators (TMO) are used. In this paper, we present the universal method for TMO parameters tuning, in order to maintain as many details as possible, which is desirable in security applications. The method's performance is verified on several TMOs by comparing the outcomes from tone-mapping with default and optimized parameters. The results suggest that the proposed approach preserves more information which could be of advantage for security surveillance but, on the other hand, makes us consider possible increase in privacy intrusion.

Krasula, LukáÅ.¡; Narwaria, Manish; Le Callet, Patrick

2014-05-01

383

Protocol Support for Distributed Multimedia Applications  

Microsoft Academic Search

In this paper we describe ongoing work in protocol support for distributed multimediaapplications. This work concerns the provision of suitable transport mechanisms to conveymultimedia information (text, and digital voice and video) between multimedia workstationsin a distributed system. There are two parts to the Lancaster multimedia work. First, wehave developed an abstract model for multimedia communications that is based on the

Geoff Coulson; Francisco Garcia; David Hutchison; Doug Shepherd

1991-01-01

384

Terahertz continuous-wave transmission imaging system and its application in security inspections  

NASA Astrophysics Data System (ADS)

A terahertz continuous-wave transmission imaging system and its applications in security inspections are reported. A Gunn oscillator is utilized as emitter and an unbiased Schottky diode is employed as detector in this system. The sample is placed on an X-Y two-dimensional stage which is controlled by a computer. The intensity information of the terahertz wave after passing though the sample is collected by the Schottky diode and fed into the computer. Two-dimensional image is obtained by scanning the sample point by point. Compared with the terahertz pulse imaging system, this system is compact, simple, and portable. Tennis bat with sheath and knife in the box are imaged by using this system. The results obtained here show that this new technology can be widely used in security inspections.

Zhang, Yandong; Deng, Chao; Sun, Wenfeng; Zhang, Yan; Zhang, Cunlin

2008-03-01

385

Geospatial Applications on Different Parallel and Distributed Systems in enviroGRIDS Project  

NASA Astrophysics Data System (ADS)

The execution of Earth Science applications and services on parallel and distributed systems has become a necessity especially due to the large amounts of Geospatial data these applications require and the large geographical areas they cover. The parallelization of these applications comes to solve important performance issues and can spread from task parallelism to data parallelism as well. Parallel and distributed architectures such as Grid, Cloud, Multicore, etc. seem to offer the necessary functionalities to solve important problems in the Earth Science domain: storing, distribution, management, processing and security of Geospatial data, execution of complex processing through task and data parallelism, etc. A main goal of the FP7-funded project enviroGRIDS (Black Sea Catchment Observation and Assessment System supporting Sustainable Development) [1] is the development of a Spatial Data Infrastructure targeting this catchment region but also the development of standardized and specialized tools for storing, analyzing, processing and visualizing the Geospatial data concerning this area. For achieving these objectives, the enviroGRIDS deals with the execution of different Earth Science applications, such as hydrological models, Geospatial Web services standardized by the Open Geospatial Consortium (OGC) and others, on parallel and distributed architecture to maximize the obtained performance. This presentation analysis the integration and execution of Geospatial applications on different parallel and distributed architectures and the possibility of choosing among these architectures based on application characteristics and user requirements through a specialized component. Versions of the proposed platform have been used in enviroGRIDS project on different use cases such as: the execution of Geospatial Web services both on Web and Grid infrastructures [2] and the execution of SWAT hydrological models both on Grid and Multicore architectures [3]. The current focus is to integrate in the proposed platform the Cloud infrastructure, which is still a paradigm with critical problems to be solved despite the great efforts and investments. Cloud computing comes as a new way of delivering resources while using a large set of old as well as new technologies and tools for providing the necessary functionalities. The main challenges in the Cloud computing, most of them identified also in the Open Cloud Manifesto 2009, address resource management and monitoring, data and application interoperability and portability, security, scalability, software licensing, etc. We propose a platform able to execute different Geospatial applications on different parallel and distributed architectures such as Grid, Cloud, Multicore, etc. with the possibility of choosing among these architectures based on application characteristics and complexity, user requirements, necessary performances, cost support, etc. The execution redirection on a selected architecture is realized through a specialized component and has the purpose of offering a flexible way in achieving the best performances considering the existing restrictions.

Rodila, D.; Bacu, V.; Gorgan, D.

2012-04-01

386

Effects of preparation and measurement misalignments on the security of the Bennett-Brassard 1984 quantum-key-distribution protocol  

NASA Astrophysics Data System (ADS)

The ideal Bennett-Brassard 1984 (BB84) quantum-key-distribution protocol is based on the preparation and measurement of qubits in two alternative bases differing by an angle of ?/2. Any real implementation of the protocol, though, will inevitably introduce misalignments in the preparation of the states and in the alignment of the measurement bases with respect to this ideal situation. Various security proofs take into account (at least partially) such errors, i.e., show how Alice and Bob can still distill a secure key in the presence of these imperfections. Here, we consider the complementary problem: How can Eve exploit misalignments to obtain more information about the key than would be possible in an ideal implementation? Specifically, we investigate the effects of misalignment errors on the security of the BB84 protocol in the case of individual attacks, where necessary and sufficient conditions for security are known. Though the effects of these errors are small for expected deviations from the perfect situation, our results nevertheless show that Alice and Bob can incorrectly conclude that they have established a secure key if the inevitable experimental errors in the state preparation and in the alignment of the measurements are not taken into account. This gives further weight to the idea that the formulation and security analysis of any quantum cryptography protocol should be based on realistic assumptions about the properties of the apparatus used. Additionally, we note that BB84 seems more robust against alignment imperfections if both the x and z bases are used to generate the key.

Woodhead, Erik; Pironio, Stefano

2013-03-01

387

Development of passive submillimeter-wave video imaging systems for security applications  

NASA Astrophysics Data System (ADS)

Passive submillimeter-wave imaging is a concept that has been in the focus of interest as a promising technology for security applications for a number of years. It utilizes the unique optical properties of submillimeter waves and promises an alternative to millimeter-wave and X-ray backscattering portals for personal security screening in particular. Possible application scenarios demand sensitive, fast, and flexible high-quality imaging techniques. Considering the low radiometric contrast of indoor scenes in the submillimeter range, this objective calls for an extremely high detector sensitivity that can only be achieved using cooled detectors. Our approach to this task is a series of passive standoff video cameras for the 350 GHz band that represent an evolving concept and a continuous development since 2007. The cameras utilize arrays of superconducting transition-edge sensors (TES), i. e. cryogenic microbolometers, as radiation detectors. The TES are operated at temperatures below 1 K, cooled by a closed-cycle cooling system, and coupled to superconducting readout electronics. By this means, background limited photometry (BLIP) mode is achieved providing the maximum possible signal to noise ratio. At video rates, this leads to a pixel NETD well below 1K. The imaging system is completed by reflector optics based on free-form mirrors. For object distances of 3-10 m, a field of view up to 2m height and a diffraction-limited spatial resolution in the order of 1-2 cm is provided. Opto-mechanical scanning systems are part of the optical setup and capable frame rates up to 25 frames per second. Both spiraliform and linear scanning schemes have been developed. Several electronic and software components are used for system control, signal amplification, and data processing. Our objective is the design of an application-ready and user-friendly imaging system. For application in real world security screening scenarios, it can be extended using image processing and automated threat detection software.

Heinz, Erik; May, Torsten; Born, Detlef; Zieger, Gabriel; Brömel, Anika; Anders, Solveig; Zakosarenko, Vyacheslav; Krause, Torsten; Krüger, André; Schulz, Marco; Bauer, Frank; Meyer, Hans-Georg

2012-10-01

388

A secure distribution method for digitized image scan using a two-step wavelet-based technique: A Telemedicine Case.  

PubMed

The objective of this paper is to present a secure distribution method to distribute healthcare records (e.g. video streams and digitized image scans). The availability of prompt and expert medical care can meaningfully improve health care services in understaffed rural and remote areas, sharing of available facilities, and medical records referral. Here, a secure method is developed for distributing healthcare records, using a two-step wavelet based technique; first, a 2-level db8 wavelets transform for textual elimination, and later a 4-level db8 wavelets transform for digital watermarking. The first db8 wavelets are used to detect and eliminate textual information found on images for protecting data privacy and confidentiality. The second db8 wavelets are to secure and impose imperceptible marks to identify the owner; track authorized users, or detects malicious tampering of documents. Experiments were performed on different digitized image scans. The experimental results have illustrated that both wavelet-based methods are conceptually simple and able to effectively detect textual information while our watermark technique is robust to noise and compression. PMID:17282675

Yee Lau, Phooi; Ozawa, Shinji

2005-01-01

389

Secure capabilities for a petabyte-scale object-based distributed file system  

Microsoft Academic Search

Recently, the Network-Attached Secure Disk (NASD) model has become a more widely used technique for constructing large-scale storage systems. However, the security system proposed for NASD assumes that each client will contact the server to get a capability to access one object on a server. While this approach works well in smaller-scale systems in which each file is composed of

Christopher Olson; Ethan L. Miller

2005-01-01

390

Distribution automation applications of fiber optics  

NASA Technical Reports Server (NTRS)

Motivations for interest and research in distribution automation are discussed. The communication requirements of distribution automation are examined and shown to exceed the capabilities of power line carrier, radio, and telephone systems. A fiber optic based communication system is described that is co-located with the distribution system and that could satisfy the data rate and reliability requirements. A cost comparison shows that it could be constructed at a cost that is similar to that of a power line carrier system. The requirements for fiber optic sensors for distribution automation are discussed. The design of a data link suitable for optically-powered electronic sensing is presented. Empirical results are given. A modeling technique that was used to understand the reflections of guided light from a variety of surfaces is described. An optical position-indicator design is discussed. Systems aspects of distribution automation are discussed, in particular, the lack of interface, communications, and data standards. The economics of distribution automation are examined.

Kirkham, Harold; Johnston, A.; Friend, H.

1989-01-01

391

Validating Security Policy Conformance with WS-Security Requirements  

Microsoft Academic Search

\\u000a Web Services Security (WS-Security) is a technology to secure the data exchanges in SOA applications. The security requirements\\u000a for WS-Security are specified as a security policy expressed in Web Services Security Policy (WS-SecurityPolicy). The WS-I\\u000a Basic Security Profile (BSP) describes the best-practices security practices for addressing the security concerns of WS-Security.\\u000a It is important to prepare BSP-conformant security policies, but

Fumiko Satoh; Naohiko Uramoto

2010-01-01

392

Lifetime earnings patterns, the distribution of future Social Security benefits, and the impact of pension reform.  

PubMed

In order to assess the effect of Social Security reform on current and future workers, it is essential to accurately characterize the initial situations of representative workers affected by reform. For the purpose of analyzing typical reforms, the most important characteristic of a worker is the level and pattern of his or her preretirement earnings. Under the current system, pensions are determined largely by the level of the workers' earnings averaged over their work life. However, several reform proposals would create individual retirement accounts for which the pension would depend on the investment accumulation within the account. Thus, the pension would also depend on the timing of the contributions into the account and hence on the exact shape of the worker's lifetime earnings profile. Most analysis of the distributional impact of reform has focused, however, on calculating benefit changes among a handful of hypothetical workers whose relative earnings are constant over their work life. The earnings levels are not necessarily chosen to represent the situations of workers who have typical or truly representative earnings patterns. Consequently, the results of such analysis can be misleading, especially if reform involves introducing a fundamentally new kind of pension formula. This article presents two broad approaches to creating representative earnings profiles for policy evaluation. First, we use standard econometric methods to predict future earnings for a representative sample of workers drawn from the Survey of Income and Program Participation (SIPP). Our statistical estimates are based on a simple representation of typical career earnings paths and a fixed-effect statistical specification. Because our estimation file contains information on each worker's annual earnings from 1951 through 1996 as reported in the Social Security Administration's earnings files, we have a record (though an incomplete one) of the actual earnings that will be used to determine future benefit payments. Our estimates of the earnings function permit us to make highly differentiated predictions of future earnings for each member of our sample. By combining the historical information on individual earnings with our prediction of future earnings up through the normal retirement age, our first approach produces tens of thousands of predicted career earnings paths that can be used in microsimulation policy analysis. Our second approach to creating lifetime earnings profiles is similar in some ways to the traditional method. For example, it is based on the creation of only a handful of "stylized" career earnings patterns. An important difference with the traditional method, however, is that we define the career earnings patterns so that they are truly representative of patterns observed in the workforce. We use simple mathematical formulas to characterize each stylized earnings pattern, and we then produce estimates of the average path of annual earnings for workers whose career earning path falls within each of the stylized patterns we have defined. Finally, we calculate the percentage of workers in successive birth-year cohorts who have earnings profiles that match each of the stylized earnings patterns. Although this method may seem simple, it allows the analyst to create stylized earnings patterns that are widely varied but still representative of earnings patterns observed among sizable groups of U.S. workers. The effects of policy reforms can then be calculated for workers with each of the stylized earnings patterns. Our analysis of U.S. lifetime earnings patterns and of the impact of selected policy reforms produces a number of findings about past trends in earnings, typical earnings patterns in the population, and the potential impact of reform. The analysis focuses on men and women born between 1931 and 1960. Along with earlier analysts, we find that men earn substantially higher lifetime wages than women and typically attain their peak career earnings at a somewhat earlier age. However, the difference in career earnin

Bosworth, B; Burtless, G; Steuerle, E

2000-01-01

393

To boldly go where invention isn't secure: applying security entrepreneurship to secure systems design  

Microsoft Academic Search

When designing secure systems, we are inundated with an eclectic mix of security and non-security requirements; this makes predicting a successful outcome from the universe of possible security design decisions a difficult problem. We propose augmenting the process of security design with the paradigm of Security Entrepreneurship: the application of innovation models and principles to organise, create, and manage security

Shamal Faily; Ivan Flechais

2010-01-01

394

Security model for VM in cloud  

NASA Astrophysics Data System (ADS)

Cloud computing is a new approach emerged to meet ever-increasing demand for computing resources and to reduce operational costs and Capital Expenditure for IT services. As this new way of computation allows data and applications to be stored away from own corporate server, it brings more issues in security such as virtualization security, distributed computing, application security, identity management, access control and authentication. Even though Virtualization forms the basis for cloud computing it poses many threats in securing cloud. As most of Security threats lies at Virtualization layer in cloud we proposed this new Security Model for Virtual Machine in Cloud (SMVC) in which every process is authenticated by Trusted-Agent (TA) in Hypervisor as well as in VM. Our proposed model is designed to with-stand attacks by unauthorized process that pose threat to applications related to Data Mining, OLAP systems, Image processing which requires huge resources in cloud deployed on one or more VM's.

Kanaparti, Venkataramana; Naveen K., R.; Rajani, S.; Padmvathamma, M.; Anitha, C.

2013-03-01

395

An efficient wireless power transfer system with security considerations for electric vehicle applications  

NASA Astrophysics Data System (ADS)

This paper presents a secure inductive wireless power transfer (WPT) system for electric vehicle (EV) applications, such as charging the electric devices inside EVs and performing energy exchange between EVs. The key is to employ chaos theory to encrypt the wirelessly transferred energy which can then be decrypted by specific receptors in the multi-objective system. In this paper, the principle of encrypted WPT is first revealed. Then, computer simulation is conducted to validate the feasibility of the proposed system. Moreover, by comparing the WPT systems with and without encryption, the proposed energy encryption scheme does not involve noticeable power consumption.

Zhang, Zhen; Chau, K. T.; Liu, Chunhua; Qiu, Chun; Lin, Fei

2014-05-01

396

Nonlinear observer for synchronization of chaotic systems with application to secure data transmission  

NASA Astrophysics Data System (ADS)

The main issue of this work is related with the design of a class of nonlinear observer in order to synchronize chaotic dynamical systems in a master-slave scheme, considering different initial conditions. The oscillator of Chen is proposed as a benchmark model and a bounded-type observer is proposed to reach synchronicity between both two chaotic systems. The proposed observer contains a proportional and sigmoid form of a bounded function of the synchronization error in order to provide asymptotic synchronization with a satisfactory performance. Some numerical simulations were carrying out in order to show the operation of the proposed methodology, with possible applications to secure data communications issues.

Aguilar-López, Ricardo; Martínez-Guerra, Rafael; Perez-Pinacho, Claudia A.

2014-03-01

397

Upgrading Distributed Applications with the Version Manager.  

National Technical Information Service (NTIS)

Developers and managers of distributed systems today face a difficult choice. To provide for the evolution of their systems, they can either require that the software running on all nodes is interoperable, or they can shut down the entire system when an u...

M. Agrawal S. Nath S. Seshan

2005-01-01

398

Katz Distributions, with Applications to Minefield Clearance.  

National Technical Information Service (NTIS)

At the end of a mine clearance operation, some judgment must be made about the number of mines that remain uncleared. A Bayesian analysis will require a prior distribution for the number of mines. This report describes some desirable properties of Katz di...

A. Washburn

1996-01-01

399

Distributed Oblivious Function Evaluation and Its Applications  

Microsoft Academic Search

This paper is about distributed oblivious function evaluation (DOFE). In this setting one party (Alice) has a functionf(x), and the other party (Bob) with an input ? wants to learnf(?) in an oblivious way with the help of a set of servers. What Alice should do is to share her secret functionf(x) among the servers. Bob obtains what he should

Hong-da Li; Xiong Yang; Deng-Guo Feng; Bao Li

2004-01-01

400

75 FR 31820 - Notice of Applications for Deregistration Under Section 8(f) of the Investment Company Act of 1940  

Federal Register 2010, 2011, 2012, 2013

...value. Each applicant also distributed preferred shares of Dutch Auction Rate Transferable Securities (``DARTS'') of the...Fund II, based on net asset value. Applicant also distributed Dutch Auction Rate Transferable Securities (``DARTS'') of...

2010-06-04

401

Upper bounds for the security of two distributed-phase reference protocols of quantum cryptography  

NASA Astrophysics Data System (ADS)

The differential-phase-shift (DPS) and the coherent-one-way (COW) are among the most practical protocols for quantum cryptography, and are therefore the object of fast-paced experimental developments. The assessment of their security is also a challenge for theorists: the existing tools, that allow to prove security against the most general attacks, do not apply to these two protocols in any straightforward way. We present new upper bounds for their security in the limit of large distances (dgsim50 km with typical values in optical fibers) by considering a large class of collective attacks, namely those in which the adversary attaches ancillary quantum systems to each pulse or to each pair of pulses. We introduce also two modified versions of the COW protocol, which may prove more robust than the original one.

Branciard, Cyril; Gisin, Nicolas; Scarani, Valerio

2008-01-01

402

Time-variant distributed agent matching applications  

Microsoft Academic Search

The process of pair partnership formation is an important infrastructure for many plausible MAS applications. Each agent evaluates potential partner agents, where each potential match yields a different utility. Commonly, the utility associated with a given agent partner in such two-sided search processes may change over time. This change in the agent’s future attractiveness to potential partners significantly increases the

David Sarne; Sarit Kraus

2004-01-01

403

Distributed Embedded Smart Cameras for Surveillance Applications  

Microsoft Academic Search

Recent advances in computing, communication, and sensor technology are pushing the development of many new applications. This trend is especially evident in pervasive computing, sensor networks, and embedded systems. Smart cameras, one example of this innovation, are equipped with a high-performance onboard computing and communication infrastructure, combining video sensing, processing, and communications in a single embedded device. By providing access

Michael Bramberger; Andreas Doblander; Arnold Maier; Bernhard Rinner; Helmut Schwabach

2006-01-01

404

MAGDA and MAGNATE: Secure Web-Based Data Distribution and Visualization for the Cassini Magnetometer  

NASA Astrophysics Data System (ADS)

The measurements of Saturn's magnetic field acquired by the Cassini magnetometer (MAG) to date have provided the basis of numerous pioneering scientific studies of the planet's magnetic and plasma environs. MAG data is essential for, among other applications, understanding the nature of the particle distributions observed by the plasma instruments onboard Cassini. In order to facilitate interaction and collaboration between instrument teams, we have developed a multi-layered suite of software to provide an intuitive interface for accessing, visualizing and analysing MAG data from the Cassini spacecraft. In this presentation, we describe architecture and capabilities of the MAG software systems, and how they promote collaboration between subscribing Cassini scientists and other users. The 'layered' approach of this software model comproses the following components: (i) MAGDA - A web-based system for locating, retrieving and preliminary visualization of magnetometer (MAG) data, which requires no proprietary client software; (ii) MAGNATE - A package of Matlab routines which allows users to perform more detailed analyses and more 'customised' visualization of datasets which they have retrieved using MAGDA. (iii) Data-Handling Libraries - For advanced users who may wish to integrate MAG data-handling with their own applications, we provide a set of Java classes for this purpose (which are platform-independent). The systems described are implemented using industry-standard languages and protocols in order to make them accessible by the widest possible user community.

Seears, T.; Achilleos, N.; Kellock, S.; Slootweg, P.; Dougherty, M.

2006-05-01

405

17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...  

Code of Federal Regulations, 2013 CFR

...2013-04-01 2013-04-01 false Form X-15AA-1, for application for registration...Securities Associations § 249.801 Form X-15AA-1, for application for registration...Federal Register citations affecting Form X-15AA-1, see the List of CFR...

2013-04-01

406

Fusion of current technologies with real-time 3D MEMS ladar for novel security and defense applications  

Microsoft Academic Search

Through the utilization of scanning MEMS mirrors in ladar devices, a whole new range of potential military, Homeland Security, law enforcement, and civilian applications is now possible. Currently, ladar devices are typically large (>15,000 cc), heavy (>15 kg), and expensive (>$100,000) while current MEMS ladar designs are more than a magnitude less, opening up a myriad of potential new applications.

James P. Siepmann

2006-01-01

407

Fusion of current technologies with real-time 3D MEMS ladar for novel security & defense applications  

Microsoft Academic Search

Through the utilization of scanning MEMS mirrors in ladar devices, a whole new range of potential military, Homeland Security, law enforcement, and civilian applications is now possible. Currently, ladar devices are typically large (>15,000 cc), heavy (>15 kg), and expensive (>$100,000) while current MEMS ladar designs are more than a magnitude less, opening up a myriad of potential new applications.

James P. Siepmann

408

Secure wireless actuation of an implanted microvalve for drug delivery applications  

NASA Astrophysics Data System (ADS)

The capability to wirelessly control fluid flow through a microvalve can emerge as an attractive technology enabling various biomedical applications such as remote drug delivery and in vitro diagnostics. Contactless powering of such a microvalve is best addressed by near-field inductive coupling due to its close proximity to the external interrogator. In this paper, we propose the use of the same technique for secure remote interrogation and powering of a human implantable, surface acoustic wave (SAW) correlation-based, passive microvalve. This is carried out by interrogating the microvalve with a Barker sequence-encoded BPSK signal. A numerical and experimental analysis of the biotelemetry link for the microvalve was undertaken in the vicinity of numerical and physical human body phantoms, respectively. To accurately account for the path losses and to address the design optimization, the receiver coil/antenna was solved simultaneously with the transmitter coil/antenna in the presence of a human body simulant using three-dimensional, high frequency electromagnetic FEM modelling. The received relative signal strength was numerically and experimentally derived for a miniature (6 mm × 6 mm × 0.5 mm), square spiral antenna/coil when interrogated by a handheld 8 cm × 5 cm × 0.2 cm square spiral antenna/coil in the near-field. Finally, the experimental results agreed well with the FEM analysis predictions and hence ascertained the applicability of the developed system for secure interrogation and remote powering of the newly proposed microvalve.

Tikka, Ajay C.; Faulkner, Michael; Al-Sarawi, Said F.

2011-10-01

409

Application of contract-based security assertion monitoring framework for telecommunications software engineering  

Microsoft Academic Search

Telecommunication software systems, containing security vulnerabilities, continue to be created and released to consumers. We need to adopt improved software engineering practices to reduce the security vulnerabilities in modern systems. Contracts can provide a useful mechanism for the identification, tracking, and validation of security vulnerabilities. In this work, we propose a new contract-based security assertion monitoring framework (CB_SAMF) that is

Alexander M. Hoole; Issa Traoré; Isabelle Simplot-Ryl

2011-01-01

410

17 CFR 230.139 - Publications or distributions of research reports by brokers or dealers distributing securities.  

Code of Federal Regulations, 2013 CFR

...2013-04-01 2013-04-01 false Publications or distributions of research reports...ACT OF 1933 General § 230.139 Publications or distributions of research reports...section, a broker's or dealer's publication or distribution of a...

2013-04-01

411

Field Measurements and Guidelines for the Application of Wireless Sensor Networks to the Environment and Security  

PubMed Central

Frequently, Wireless Sensor Networks (WSN) are designed focusing on applications and omitting transmission problems in these wireless networks. In this paper, we present a measurement campaign that has been carried out using one of the most commonly used WSN platforms, the micaZ from Crossbow©. Based on these measurements, some guidelines to deploy a robust and reliable WSN are provided. The results are focused on security and environmental applications but can also be extrapolated to other scenarios. A main conclusion that can be extracted is that, from the transmission point of view, a dense WSN is one of the best choices to overcome many of the transmission problems such as the existence of a transitional region, redundance, forwarding, obstructions or interference with other systems.

Gil Jimenez, Victor P.; Armada, Ana Garcia

2009-01-01

412

Synchronization of hyperchaotic harmonics in time-delay systems and its application to secure communication  

PubMed

We present a predictor-feedback method for synchronizing chaotic systems in this paper. By using this method, two structurally equivalent or nonequivalent systems can be synchronized very effectively and quickly. Moreover, the feedback perturbation can be switched on even if trajectories of the two systems are far from each other. Therefore, this method is applicable to real-world experimental systems, especially to some fast experimental systems. The validity of this method is demonstrated by synchronizing hyperchaotic harmonics in a time-delay system. As an application, we introduce how messages can be encoded, transmitted, and decoded using this technique. We suggest taking use of the multistability of time-delay systems to improve the performance of the secure communication. PMID:11138072

Yaowen; Guangming; Hong; Yinghai; Liang

2000-12-01

413

Maximizing an Organization's Information Security Posture by Distributedly Assessing and Remedying System Vulnerabilities  

Microsoft Academic Search

Updating systems for security vulnerabilities has become a cumbersome yet necessary evil in today's environment of zero-day exploits and ever-changing threat matrix. The current state of affairs for the vulnerability and threat management functions are in dire need of a solution that can rapidly assess systems for vulnerabilities and fix them expeditiously. This will guarantee the effective reconnaissance of critical

Yonesy F. Nunez

2008-01-01

414

Security Considerations When Designing a Distributed File System Using Object Storage Devices  

Microsoft Academic Search

We present the design goals that led us to developing a dis- tributed object-based secure file system, Brave. Brave uses mutually authenticated object storage devices, SCARED, to store file system data. Rather than require a new authen- tication infrastructure, we show how we use a simple au- thentication protocol that is bridged into existing securi ty infrastructures, even if there

Benjamin C. Reed; Mark A. Smith; Dejan Diklic

2002-01-01

415

LEAP: efficient security mechanisms for large-scale distributed sensor networks  

Microsoft Academic Search

In this paper, we describe LEAP (Localized Encryption and Authentication Protocol), a key management protocol for sensor networks that is designed to support in-network processing, while at the same time restricting the security impact of a node compromise to the immediate network neighborhood of the compromised node. The design of the protocol is motivated by the observation that different types

Sencun Zhu; Sanjeev Setia; Sushil Jajodia

2003-01-01

416

An Approach for Mobile Agent Security and Fault Tolerance using Distributed Transactions  

Microsoft Academic Search

Mobile agents are no longer a theoretical issue since different architectures for their realization have been proposed. With the increasing market of electronic commerce it becomes an interesting aspect to use autonomous mobile agents for electronic business trans- actions. Being involved in money transactions, supple- mentary security features for mobile agent systems have to be ensured. In this paper we

Hartmut Vogler; Thomas Kunkelmann; Marie-Louise Moschgath

1997-01-01

417

Flexi-DNP3: Flexible distributed network protocol version 3 (DNP3) for SCADA security  

Microsoft Academic Search

Legacy SCADA systems are inherently insecure. They were built using specialized and proprietary protocols and used serial link, radio or leased line for communication. As these protocols were little known and specific to the industry they catered to, security was not important for them. But, recently because of increased terrorist attacks and migration of these protocols to TCP\\/IP, they have

Sankalp Bagaria; Shashi Bhushan Prabhakar; Zia Saquib

2011-01-01

418

Event-Driven Programming for Distributed Multimedia Applications  

Microsoft Academic Search

Current interest in wide-area distributed computing has highlighted the need for an adequate programming model for this environment. Because of its asynchronous nature, event-driven programming provides a suitable model for dealing with the failures and delays that are frequent in this context. In this work we propose an architecture for distributed multimedia applications based on an event- driven programming model.

Alésio Pfeifer; Cristina Ururahy; Noemi Rodriguez; Roberto Ierusalimschy; R. Marquês de São Vicente

2002-01-01

419

APPLICATION OF THE BINGHAM DISTRIBUTION FUNCTION IN PALEOMAGNETIC STUDIES  

Microsoft Academic Search

Fisherian statistical parameters are frequently published for paleomagnetic data that form elongate directional distributions, despite the fact that they are strictly applicable to circularly symmetric distributions. Thus the Bingham statistical parameters provide better approximation to elongate paleomagnetic data sets. Because the Bingham parameters also pertain to directions dispersed along a great circle, they supply a statistical basis for describing the

Tullis C. Onstott

1980-01-01

420

Web Services: Distributed Applications without Limits - An Outline  

Microsoft Academic Search

Web services technology is all about distributed computing. There is no fundamentally new basic concept behind this and related technologies. What is really new is the reach of Web services and its ubiquitous support by literally all major vendors. Most likely, heterogeneity will at the end no longer be an obstruc- tion for distributed applications. This will have impact on

Frank Leymann

421

Application for fault location in electrical power distribution systems  

Microsoft Academic Search

Fault location has been studied deeply for transmission lines due to its importance in power systems. Nowadays the problem of fault location on distribution systems is receiving special attention mainly because of the power quality regulations. In this context, this paper presents an application software developed in Matlabtrade that automatically calculates the location of a fault in a distribution power

S. Herraiz; J. Melendez; G. Ribugent; J. Sanchez; M. Castro

2007-01-01

422

Distributed expert systems for ground and space applications  

NASA Technical Reports Server (NTRS)

Presented here is the Spacecraft Command Language (SCL) concept of the unification of ground and space operations using a distributed approach. SCL is a hybrid software environment borrowing from expert system technology, fifth generation language development, and multitasking operating system environments. Examples of potential uses for the system and current distributed applications of SCL are given.

Buckley, Brian; Wheatcraft, Louis

1992-01-01

423

Security for the digital information age of medicine: issues, applications, and implementation  

NASA Astrophysics Data System (ADS)

Privacy and integrity of medical records is expected by patients. This privacy and integrity is often mandated by regulations. Traditionally, the security of medical records has been based on physical lock and key. As the storage of patient record information shifts from paper to digital, new security concerns arise. Digital cryptographic methods provide solutions to many of these new concerns. In this paper we overview new security concerns, new legislation mandating secure medical records and solutions providing security.

Epstein, Michael A.; Pasieka, Michael S.; Lord, William P.; Wong, Stephen T. C.; Mankovich, Nicholas J.

1997-05-01

424

78 FR 26407 - Notice of an Application of W2007 Grace Acquisition I, Inc. Under Section 12(h) of the Securities...  

Federal Register 2010, 2011, 2012, 2013

...W2007 Grace's securities; (3) the...W2007 Grace's application, which is...Commission's Internet Web site at http...shtml and for Web site viewing...bearing on the application or the desirability...Secretary, Securities and Exchange...Commission's Internet Web site (http...respect to the application filed...

2013-05-06

425

The use of stimulated electron emission (SEE) in homeland security applications  

NASA Astrophysics Data System (ADS)

Certain insulating solids can store a fraction of the absorbed energy when irradiated by ionizing radiation. The stored energy can be released subsequently by heating or optical stimulation. As a result, light may be emitted through Thermoluminescence (TL) or Optically-Stimulated Luminescence (OSL) and electrons may be emitted through Thermally-Stimulated Electron Emission (TSEE) or Optically-Stimulated Electron Emission (OSEE). TL and OSL are widely used in current radiation dosimetry systems. However, despite considerable research effort during the early 1970s, SEE was not commonly adopted for dosimetry applications. One of the main reasons is that SEE is a surface phenomenon, while luminescence is a bulk phenomenon, making SEE more susceptible to humidity, absorption of gases, minor physical defects and handling, both before and after irradiation. Nevertheless, it has been recognized that SEE may be useful for homeland security applications in nuclear forensics, where dose accuracy is not the primary performance metric. In this research, we are investigating the use of SEE for nuclear forensic applications. Many common materials, both natural and man-made, exhibit the phenomenon, providing an opportunity to use the environment itself as an in-situ radiation detector. We have designed and constructed a unique prototype reader for conducting SEE measurements. We have demonstrated that the SEE measurements from a variety of materials are quantitatively reproducible and correlated to radiation exposure. Due to the broad applicability of SEE, significant additional studies are warranted to optimize this novel technique for nuclear forensic and other applications.

Ing, H.; Andrews, H. R.; Facina, M.; Lee, W. T.; Niu, H. W.

2012-05-01

426

The Application of Gapless Arresters on Underground Distribution Systems  

Microsoft Academic Search

The application of gapless zinc oxide arresters represents a significant development in surge protection. The purpose of this paper is to examine the application of gapless surge arresters to underground distribution feeders, and compare the protection of these arresters to conventional gapped arresters. This comparison should introdwxe the reader to the performance that can be expected from this new arrester

J. J. Burke; E. C. Sakshaug; S. L. Snith

1981-01-01

427

Performance Prediction for Mappings of Distributed Applications on PC Clusters  

Microsoft Academic Search

Distributed applications running on clusters may be composed of several components with very different performance re- quirements. The FlowVR middleware allows the developer to deploy such applications and to define communication and synchroni zation schemes between components without modifying the code. While it eases the creation of mappings, FlowVR does not come with a performance model. Consequently the optimization of

Sylvain Jubertie; Emmanuel Melin

2007-01-01

428

Non-repudiation oblivious watermarking schema for secure digital video distribution  

Microsoft Academic Search

This paper presents a mechanism and algorithm for creating undeniable watermarks. It assumes a system where a content owner or provider uses outside agents to distribute its content. Content watermarked by distribution agents using this system will be undeniably recognizable by the content provider as originating with that distribution agent. That is to say that given N distribution agents, the

Wensheng Zhou; Troy Rockwood; Phoom Sagetong

2002-01-01

429

Upper bounds for the security of differential-phase-shift quantum key distribution with weak coherent states  

NASA Astrophysics Data System (ADS)

In this paper we present limitations imposed by sequential attacks on the maximal distance achievable by a differential-phase-shift (DPS) quantum key distribution (QKD) protocol with weak coherent pulses. Specifically, we compare the performance of two possible sequential attacks against DPS QKD where Eve realizes, respectively, optimal unambiguous state discrimination of Alice's signal states, and optimal unambiguous discrimination of the relative phases between consecutive signal states. We show that the second eavesdropping strategy provides tighter upper bounds for the security of a DPS QKD scheme than the former one.

Curty, Marcos; Tamaki, Kiyoshi; Moroder, Tobias; Gómez-Sousa, Hipólito

2009-04-01

430

System Support for Dynamic Layout of Distributed Applications  

Microsoft Academic Search

Dynamic application layout is the capability to move the components of a distributed program among different hosts during the execution of the application. This capability is essential for large-scale applications since it allows t o adapt them to changes in resource availability, which are common in wide-area environments. The FarGo system in- troduces a model for programming the layout of

Ophir Holder; Israel Ben-shaul; Hovav Gazit

1999-01-01

431

GridAgents™: Intelligent agent applications for integration of distributed energy resources within distribution systems  

Microsoft Academic Search

Infotilitypsilas GridAgentstrade software is being used for large-scale integration of distributed energy and renewable energy resources into distribution systems with specific applications on SmartGrid based energy networks including Microgrid management, intelligent load control and smart charging applications, including photovoltaics & storage, load control, and future assets such as plug-in hybrid cars. The GridAgentstrade EAM Suite is an advanced software foundation

D. A. Cohen

2008-01-01

432

Stable and generalized-t distributions and applications  

NASA Astrophysics Data System (ADS)

In this paper a generalized-t distribution is introduced and used as an alternative to the symmetric stable distribution. To do so, the ?2-divergence is presented and minimized to approximate the symmetric stable distribution, as accurately as possible, by the generalized-t distribution. Kth moments for the generalized-t distribution function are given. The stable distribution is defined in terms of generalized hypergeometric functions. Five applications with natural data (sunspots activity), and financial data (stock exchange in Brazil, South Africa and Venezuela, and daily variation of Petrobras stock market) are analyzed. A time series analysis is used to eliminate data correlation in each data set, and then the distributions are used to fit the residuals of these models.

Rathie, P. N.; Coutinho, M.; Sousa, T. R.; Rodrigues, G. S.; Carrijo, T. B.

2012-12-01

433

Highly purified mussel adhesive protein to secure biosafety for in vivo applications  

PubMed Central

Background Unique adhesive and biocompatibility properties of mussel adhesive proteins (MAPs) are known for their great potential in many tissue engineering and biomedical applications. Previously, it was successfully demonstrated that redesigned hybrid type MAP, fp-151, mass-produced in Gram-negative bacterium Escherichia coli, could be utilized as a promising adhesive biomaterial. However, purification of recombinant fp-151 has been unsatisfactory due to its adhesive nature and polarity which make separation of contaminants (especially, lipopolysaccharide, a toxic Gram-negative cell membrane component) very difficult. Results In the present work, we devised a high resolution purification approach to secure safety standards of recombinant fp-151 for the successful use in in vivo applications. Undesirable impurities were remarkably eliminated as going through sequential steps including treatment with multivalent ion and chelating agent for cell membrane washing, mechanical cell disruption, non-ionic surfactant treatment for isolated inclusion body washing, acid extraction of washed inclusion body, and ion exchange chromatography purification of acid extracted sample. Through various analyses, such as high performance liquid chromatographic purity assay, limulus amoebocyte lysate endotoxin assay, and in vitro mouse macrophage cell tests on inflammation, viability, cytotoxicity, and apoptosis, we confirmed the biological safety of bacterial-derived purified recombinant fp-151. Conclusions Through this purification design, recombinant fp-151 achieved 99.90% protein purity and 99.91% endotoxin reduction that nearly no inflammation response was observed in in vitro experiments. Thus, the highly purified recombinant MAP would be successfully used as a safety-secured in vivo bioadhesive for tissue engineering and biomedical applications.

2014-01-01

434

A Programming Framework for Incremental Data Distribution in Iterative Applications  

NASA Astrophysics Data System (ADS)

Successful HPC over desktop grids and non-dedicated NOWs is challenging, since good performance is difficult to achieve due to dynamic workloads. On iterative data-parallel applications, this is addressed by dynamic data distribution. However, current approaches migrate an application from one distribution to another in one single phase, which can impact performance. In this paper, we present D3-ARC, a programming framework to support adaptive and incremental data distribution, so that data migration takes place over several successive iterations. D3-ARC consists of a runtime system and an API for specifying the distribution of arrays as well as how data redistribution takes place. We demonstrate how D3-ARC can be used to develop an incremental strategy for data distribution in a Poisson solver, utilising a runtime feedback mechanism to determine how much data to migrate during each iteration.

Chan, P.; Abramson, D.

435

Homeland security application of the Army Soft Target Exploitation and Fusion (STEF) system  

NASA Astrophysics Data System (ADS)

A fusion system that accommodates both text-based extracted information along with more conventional sensor-derived input has been developed and demonstrated in a terrorist attack scenario as part of the Empire Challenge (EC) 09 Exercise. Although the fusion system was developed to support Army military analysts, the system, based on a set of foundational fusion principles, has direct applicability to department of homeland security (DHS) & defense, law enforcement, and other applications. Several novel fusion technologies and applications were demonstrated in EC09. One such technology is location normalization that accommodates both fuzzy semantic expressions such as behind Library A, across the street from the market place, as well as traditional spatial representations. Additionally, the fusion system provides a range of fusion products not supported by traditional fusion algorithms. Many of these additional capabilities have direct applicability to DHS. A formal test of the fusion system was performed during the EC09 exercise. The system demonstrated that it was able to (1) automatically form tracks, (2) help analysts visualize behavior of individuals over time, (3) link key individuals based on both explicit message-based information as well as discovered (fusion-derived) implicit relationships, and (4) suggest possible individuals of interest based on their association with High Value Individuals (HVI) and user-defined key locations.

Antony, Richard T.; Karakowski, Joseph A.

2010-04-01

436

Comparative analysis of optical and hybrid joint transform correlators for security applications  

NASA Astrophysics Data System (ADS)

The possibilities of using of optical and hybrid joint transform correlator (JTC) architectures for construction of security devices with usage of the transformed phase masks (PMs) as optical marks are investigated. With this purpose the yardsticks of an estimation of their efficiency, namely peak- to-noise ratio (PNR) and relative intensity of correlation peaks, are selected general for two types of JTCs. The idealized model of an interference noise in a linear JTC is designed, if the binary random PMs on input are entered. The relations of a PNR to dimension both PM and window ambient correlation peak are parsed. The optically addressed spatial light modulator (OASLM) based on the chalcogenide glass photoconductor -- nematic liquid crystal structure is studied. The experimental setup of an OASLM JTC is designed on the basis of this SLM. The relations a PNR and relative intensity versus an effective focal length are studied and the major factors limiting efficiency of the setup are parsed. The optoelectronic device based on a hybrid optical-digital JTC architecture is built. The relations to different conditions of a joint power spectrum recording by a CCD-camera in this device are investigated. The comparative analysis of two types of JTC is carried out also concluding about expediency of their usage for different security applications is made.

Muravsky, Leonid I.; Kulynych, Yaroslav P.; Maksymenko, Olexander P.; Voronjak, Taras I.; Pogan, Ignat J.; Vladimirov, Fedor L.; Kostyukevych, Sergey A.

2000-11-01

437

Iodine-129 AMS for Earth Science, Biomedical, and National Security Applications. Technique and Application Development.  

National Technical Information Service (NTIS)

This Laboratory Directed Research and Development project created the capability to analyze the radionuclide iodine-129 (129I) by accelerator mass spectrometry (AMS) in the CAMS facility at LLNL, and enhanced our scientific foundation for its application ...

A. A. Marchetti A. K. Vu G. J. Nimz S. J. Tumey T. A. Brown

2007-01-01

438

Applications Analysis: Principles and Examples from Various Distributed Computer Applications at Sandia National Laboratories New Mexico  

SciTech Connect

As information systems have become distributed over many computers within the enterprise, managing those applications has become increasingly important. This is an emerging area of work, recognized as such by many large organizations as well as many start-up companies. In this report, we present a summary of the move to distributed applications, some of the problems that came along for the ride, and some specific examples of the tools and techniques we have used to analyze distributed applications and gain some insight into the mechanics and politics of distributed computing.

Bateman, Dennis; Evans, David; Jensen, Dal; Nelson, Spencer

1999-08-01

439

Application of X-ray CT to liquid security inspection: System analysis and beam hardening correction  

NASA Astrophysics Data System (ADS)

The motivation of X-ray CT application to liquid security inspection (LSI) is to identify and classify liquids filled in bottles without bottles being opened. In this paper, the system design of an LSI scanner is analyzed and a beam hardening (BH) correction method is presented. In our method, a Full-liquid linearization is used and the lookup table (LUT) technique is introduced to quickly implement this procedure. Lack of prior knowledge, we present a blind BH correction approach. We store some representative liquid models in advance. Raw polychromatic projection is first corrected (using the Full-liquid correction) by a default model (water). Basing on the reconstruction results, a new model will be carefully selected to do this again, unless the scanned liquid matches our correction model.

Gao, Hewei; Zhang, Li; Chen, Zhiqiang; Xing, Yuxiang; Cheng, Jianping; Yang, Yigang

2007-08-01

440

Exponential synchronization of discontinuous chaotic systems via delayed impulsive control and its application to secure communication  

NASA Astrophysics Data System (ADS)

This paper investigates drive-response synchronization of chaotic systems with discontinuous right-hand side. Firstly, a general model is proposed to describe most of known discontinuous chaotic system with or without time-varying delay. An uniform impulsive controller with multiple unknown time-varying delays is designed such that the response system can be globally exponentially synchronized with the drive system. By utilizing a new lemma on impulsive differential inequality and the Lyapunov functional method, several synchronization criteria are obtained through rigorous mathematical proofs. Results of this paper are universal and can be applied to continuous chaotic systems. Moreover, numerical examples including discontinuous chaotic Chen system, memristor-based Chua's circuit, and neural networks with discontinuous activations are given to verify the effectiveness of the theoretical results. Application of the obtained results to secure communication is also demonstrated in this paper.

Yang, Xinsong; Yang, Zhichun; Nie, Xiaobing

2014-05-01

441

Spiral System Implementation Methodology: Application of the Knowledge Web in the Security-Center Transformation Project.  

National Technical Information Service (NTIS)

This paper reports progress and practical experience in security- requirements engineering using the security center Knowledge Web (KWeb) as a case study. It describes the project, architecture, and the approach of the Spiral System Implementation Methodo...

J. Waters M. Stelmach M. Ceruti

2005-01-01

442

SECURORS (Security Officer Response Strategies) Application to a Generic Nuclear Power Plant.  

National Technical Information Service (NTIS)

The Security Officer Response Strategies (SECURORS) technique is applied to a nine-level generic nuclear power plant to determine security officer deployment locations within the facility subsequent to detection of adversary intrusion. Extensive use has b...

S. L. K. Rountree

1983-01-01

443

An appraisal of the Burr distribution for hydrological applications  

NASA Astrophysics Data System (ADS)

The extended three-parameter Burr XII is a probability distribution function rarely used in hydrology, while this distribution is more popular in other disciplines. The aim of this contribution is (i) to define the scope of this distribution in hydrological applications, (ii) to describe a simplified method to estimate the distribution parameters based on the sample L-moments, and (iii) to discuss an application aimed at representing the Flow Duration Curve (FDC) with the Burr distribution. Compared to other three-parameter distributions, the Burr is particularly appealing because its range covers positive values only, which of course is convenient when modeling streamflows; moreover, the distribution has two shape parameters, which allows it to be quite flexible and to adapt well to many different shapes of the frequency curves and FDC. The third parameter of the distribution is a scale factor. Despite in the literature the most important methods for parameter estimation have been already discussed, current approaches still require numerical solution of two joint non-linear equations to evaluate the shape parameters of the distribution. This can hamper the use of the Burr distribution in practical applications due to the difficulties in implementing and controlling the estimation procedure. These difficulties are particularly relevant in extensive applications, such as the mapping of the FDCs in many section of a river network, or when professionals without expertise in numerical computation are involved. In this work we develop a simplified, although accurate, set of explicit equations to compute the two shape parameters starting from the L-CV and the L-skewness coefficients. This goal is achieved by properly weighting a set of simple base functions over the domain of the Burr distribution in the L-CV vs L-skewness space. The Burr distribution has been applied to represent the FDC of an extensive set of data including about 120 time series from stations located in Northwestern Italy. The obtained results are very encouraging in terms of quality of the representation (smaller errors compared to other distributions) and capacity to represent the FDC also in the low-flows range; in fact, other three-parameter distributions have the problem that the lower bound can be either larger than the minimum observed value, which is inconsistent with the observations, or lower than zero, which implies non-null probability of having negative streamflows.

Ganora, Daniele; Laio, Francesco

2014-05-01

444

From Secure Memories to Smart Card Security  

Microsoft Academic Search

\\u000a Non-volatile memory is essential in most embedded security applications. It will store the key and other sensitive materials\\u000a for cryptographic and security applications. In this chapter, first an overview is given of current flash memory architectures.\\u000a Next the standard security features which form the basis of so-called secure memories are described in more detail. Smart\\u000a cards are a typical embedded

Helena Handschuh; Elena Trichina

2010-01-01

445

The Security Routing Research for WSN in the Application of Intelligent Transport System  

Microsoft Academic Search

Wireless sensor networks are threatened by many security attacks. The tradition security mechanisms are not suitable for the wireless sensor networks since the resource limitation in the sensor node. The routing security is especially important for the sensor networks. Because of the intermediate node need access the contents of the data message, there are many attacks towards the wireless sensor

Jia Xiangyu; Wang Chao

2006-01-01

446

49 CFR 1572.17 - Applicant information required for TWIC security threat assessment.  

Code of Federal Regulations, 2013 CFR

...conduct a security threat assessment to evaluate your suitability...completion of your security threat assessment. Routine Uses: Routine...relating to the security threat assessments; to appropriate governmental...reduce the risk of injury or damage to the facility or...

2013-10-01

447

49 CFR 1572.9 - Applicant information required for HME security threat assessment.  

Code of Federal Regulations, 2013 CFR

...conduct a security threat assessment to evaluate your suitability...completion of your security threat assessment. Routine Uses: Routine...relating to the security threat assessments; to appropriate governmental...reduce the risk of injury or damage to the facility or...

2013-10-01

448

A large surface neutron and photon detector for civil security applications  

Microsoft Academic Search

The security of ports and transportation is of utmost importance for the development of economy and the security of a nation. Among the necessary actions to ensure the security of ports and borders, the inspection of containers is one of the most time consuming and expensive procedures. Potential threats are the illegal traffic of radioactive materials that could be employed

R. De Vita; F. Ambi; M. Battaglieri; M. Osipenko; D. Piombo; G. Ricco; M. Ripani; M. Taiuti

2010-01-01

449

Security and gain improvement of a practical quantum key distribution using a gated single-photon source and probabilistic photon-number resolution  

SciTech Connect

We propose a high security quantum key distribution (QKD) scheme utilizing one mode of spontaneous parametric downconversion gated by a photon number resolving detector. This photon number measurement is possible by using single-photon detectors operating at room temperature and optical fibers. By post selection, the multiphoton probability in this scheme can be reduced to lower than that of a scheme using an attenuated coherent light resulting in improvement of security. Furthermore, if distillation protocol (error correction and privacy amplification) is performed, the gain will be increased. Hence a QKD system with higher security and bit rate than the laser-based QKD system can be attained using present available technologies.

Horikiri, Tomoyuki; Sasaki, Hideki; Wang, Haibo; Kobayashi, Takayoshi [Core Research for Evolutional Science and Technology (CREST), Japan Science and Technology Corporation (JST) and Department of Physics, Graduate School of Science, University of Tokyo, 7-3-1 Hongo, Bunkyo, Tokyo, 113-0033 (Japan)

2005-07-15

450

Information-theoretic secure key distribution based on common random-signal induced synchronization in unidirectionally-coupled cascades of semiconductor lasers.  

PubMed

It has been proposed that a secure key distribution scheme using correlated random bit sequences can be implemented using common random-signal induced synchronization of semiconductor laser systems. In this scheme it is necessary to use laser systems consisting of multiple cascaded lasers to be secure against a powerful eavesdropper. In this paper, we report the results of an experimental study that demonstrate that the common random-signal induced synchronization is possible in cascaded semiconductor laser systems. We also show that the correlated random bit sequences generated in the synchronized cascaded laser systems can be used to create an information-theoretically secure key between two legitimate users. PMID:23938660

Koizumi, Hayato; Morikatsu, Shinichiro; Aida, Hiroki; Nozawa, Takahiro; Kakesu, Izumi; Uchida, Atsushi; Yoshimura, Kazuyuki; Muramatsu, Jun; Davis, Peter

2013-07-29

451

GridSec: Trusted Grid Computing with Security Binding and Self-defense Against Network Worms and DDoS Attacks  

Microsoft Academic Search

The USC GridSec project develops distributed security infrastructure and self-defense capabilities to secure wide-area networked resource sites participating in a Grid application. We report new developments in trust modeling, security-binding methodology, and defense architecture against intrusions, worms, and flooding attacks. We propose a novel architectural design of Grid security infrastructure, security binding for enhanced Grid efficiency, distributed collaborative IDS and

Kai Hwang; Yu-kwong Kwok; Shanshan Song; Min Cai Yu Chen; Ying Chen; Runfang Zhou; Xiaosong Lou

2005-01-01

452

Apple's Leopard Versus Microsoft's Windows XP: Experimental Evaluation of Apple's Leopard Operating System with Windows XP-SP2 under Distributed Denial of Service Security Attacks  

Microsoft Academic Search

Apple's iMac computers are promoted by Apple Inc. to be secure, safe, virus free, and fast computers. In this experimental paper, we evaluate the security offered by the iMac with its usual Leopard Operating System, against different Distributed Denial of Service (DDoS) attacks in a Gigabit LAN environment. We compared the effect of DDoS attacks on Leopard OS against those

Sirisha Surisetty; Sanjeev Kumar

2011-01-01

453

Stochastic load modelling for electric energy distribution applications  

Microsoft Academic Search

Summary  The problem of electric load modelling for low aggregation levels is addressed in this paper. The objective is to obtain good\\u000a “demand” and “response” behaviour models of any group of loads in an electric energy distribution system for any of the functional\\u000a applications that are beeing considered in the framework of the Distribution Management Systems, aimed to improve the energy

C. Álvarez; S. Arid

1994-01-01

454

A Component-based Programming Model for Composite, Distributed Applications  

NASA Technical Reports Server (NTRS)

The nature of scientific programming is evolving to larger, composite applications that are composed of smaller element applications. These composite applications are more frequently being targeted for distributed, heterogeneous networks of computers. They are most likely programmed by a group of developers. Software component technology and computational frameworks are being proposed and developed to meet the programming requirements of these new applications. Historically, programming systems have had a hard time being accepted by the scientific programming community. In this paper, a programming model is outlined that attempts to organize the software component concepts and fundamental programming entities into programming abstractions that will be better understood by the application developers. The programming model is designed to support computational frameworks that manage many of the tedious programming details, but also that allow sufficient programmer control to design an accurate, high-performance application.

Eidson, Thomas M.; Bushnell, Dennis M. (Technical Monitor)

2001-01-01

455

Research and Application of Distributed OSGi for Cloud Computing  

Microsoft Academic Search

With Java runtime-based application has been widely used in our enterprise application and mobile computing.We must maintain many machines in different types, like web server cluster,distributed database,virtual machines,hosting machines and so on.Cloud computing technology has been designed to manage those resources in efficiently way. Client agent can be installed in those host machines or virtual environment to monitor machine status.But

Chen Hang; Cao Can

2010-01-01

456

A Secure Data Fusion Algorithm Based on Behavior Trust in Wireless Sensor Networks  

Microsoft Academic Search

Secure data fusion is an important application of wireless sensor network. Previous works are implemented by authentication among neighboring sensors. Considering that in many cases, data fusion event is both spatially and temporally correlated, this paper proposes a distributed and localized secure data fusion algorithm based on behavior trust. The security and reliability of the algorithm are implemented by statistical

Zhu Cheng; Zhou Ming-Zheng; Xu Jin-Sheng; Ye Qing

2008-01-01

457

Protection and Interoperability for Mobile Agents: a Secure and Open Programming Environment  

Microsoft Academic Search

SUMMARY The Mobile Agent technology helps in the de- velopment of applications in open, distributed and heterogeneous environments such as the Internet and the Web, but it has to answer to the requirements of security and interoperability to achieve wide acceptance. The paper focuses on security and in- teroperability, and describes a Secure and Open Mobile Agent (SOMA) programming environment

Paolo Bellavista; Antonio Corradi; Cesare Stefanelli

2000-01-01

458

Mass-producible microtags for security applications: calculated fabrication tolerances by rigorous coupled-wave analysis  

SciTech Connect

We develop a method for encoding phase and amplitude in microscopic computer-generated holograms (microtags) for security applications. An 8{times}8 cell phase-only and an 8{times}8 cell phase-and-amplitude microtag design are fabricated in photoresist using an extreme ultraviolet (13.4-nm) lithography (EUVL) tool. Each microtag measures 80{times}160{mu}m and contains features 0.2 {mu}m wide. Fraunhofer-zone diffraction patterns can be obtained from fabricated microtags without any intervening optics and compare very favorably with predicted diffraction patterns [Descour {ital et al.} (1996)]. We present the results of a rigorous coupled-wave analysis (RCWA) of microtags. Microtags are modeled as consisting of subwavelength gratings of a trapezoidal profile. Transverse-electric (TE) and TM readout polarizations are modeled. The analysis concerns the determination of optimal microtag-grating design parameter values and tolerances on those parameters. The parameters are grating wall-slope angle, grating duty cycle, grating depth, and metal coating thickness. Optimal microtag-grating parameter values result in maximum diffraction efficiency, which is calculated at 16{percent} for microtag gratings in air and 12{percent} for microtag gratings underneath a protective dielectric coating, within fabrication constraints. TM-polarized readout illumination is diffracted with higher efficiency than TE-polarized illumination by microtag gratings. {copyright} {ital 1998 Society of Photo-Optical Instrumentation Engineers.}{ital Key words:} computer-generated holograms; security and anticounterfeiting devices; grating fabrication tolerances; rigorous coupled-wave analysis. {copyright} {ital 1998} {ital Society of Photo-Optical Instrumentation Engineers}

Descour, M.R. [University of Arizona, Optical Sciences Center, Tucson, Arizona85721 (United States) michael.descour (at) opt-sci.arizona.edu] [University of Arizona, Optical Sciences Center, Tucson, Arizona85721 (United States) michael.descour (at) opt-sci.arizona.edu; Sweatt, W.C.; Krenz, K.D. [Sandia National Laboratories, Albuquerque, New Mexico87185, and Livermore, California94550 (United States)] [Sandia National Laboratories, Albuquerque, New Mexico87185, and Livermore, California94550 (United States)

1998-04-01

459

System-on-chip-centric unattended embedded sensors in homeland security and defense applications  

NASA Astrophysics Data System (ADS)

System-on-chip (SoC) single-die electronic integrated circuit (IC) integration has recently been attracting a great deal of attention, due to its high modularity, universality, and relatively low fabrication cost. The SoC also has low power consumption and it is naturally suited to being a base for integration of embedded sensors. Such sensors can run unattended, and can be either commercial off-the-shelf (COTS) electronic, COTS microelectromechanical systems (MEMS), or optical-COTS or produced in house (i.e., at Physical Optics Corporation, POC). In the version with the simplest electronic packaging, they can be integrated with low-power wireless RF that can communicate with a central processing unit (CPU) integrated in-house and installed on the specific platform of interest. Such a platform can be a human body (for e-clothing), unmanned aerial vehicle (UAV), unmanned ground vehicle (UGV), or many others. In this paper we discuss SoC-centric embedded unattended sensors in Homeland Security and military applications, including specific application scenarios (or CONOPS). In one specific example, we analyze an embedded polarization optical sensor produced in house, including generalized Lambertian light-emitting diode (LED) sources and secondary nonimaging optics (NIO).

Jannson, Tomasz; Forrester, Thomas; Degrood, Kevin; Shih, Min-Yi; Walter, Kevin; Lee, Kang; Gans, Eric; Esterkin, Vladimir

2009-05-01

460

Current state of commercial radiation detection equipment for homeland security applications.  

SciTech Connect

With the creation of the U.S. Department of Homeland Security (DHS) came the increased concern that terrorist groups would attempt to manufacture and use an improvised nuclear device or radiological dispersal device. As such, a primary mission of DHS is to protect the public against the use of these devices and to assist state and local responders in finding, locating, and identifying these types of devices and materials used to manufacture these devices. This assistance from DHS to state and local responders comes in the form of grant money to procure radiation detection equipment. In addition to this grant program, DHS has supported the development of American National Standards Institute standards for radiation detection equipment and has conducted testing of commercially available instruments. This paper identifies the types and kinds of commercially available equipment that can be used to detect and identify radiological material - for use in traditional search applications as well as primary and secondary screening of personnel, vehicles, and cargo containers. In doing so, key considerations for the conduct of operations are described as well as critical features of the instruments for specific applications. The current state of commercial instruments is described for different categories of detection equipment including personal radiation detectors, radioisotope identifiers, man-portable detection equipment, and radiation portal monitors. In addition, emerging technologies are also discussed, such as spectroscopic detectors and advanced spectroscopic portal monitors.

Klann, R. T.; Shergur, J.; Mattesich, G.; Nuclear Engineering Division; DHS

2009-10-01

461

Robust Wigner distribution with application to the instantaneous frequency estimation  

Microsoft Academic Search

The Wigner distribution (WD) produces highly concentrated time-frequency (TF) representation of nonstationary signals. It may be used as an efficient signal analysis tool, including the cases of frequency modulated signals corrupted with the Gaussian noise. In some applications, a significant amount of impulse noise is present. Then, the WD fails to produce satisfactory results. The robust periodogram has been introduced

I. Djurovic; L. Stankovic

2001-01-01

462

Electrical power distribution system operating experience review for fusion applications  

Microsoft Academic Search

This paper describes safety research on electrical distribution systems applicable to fusion facilities. Electrical power has many uses in both magnetic and inertial fusion experiments; it is the most important support system for any fusion experiment. Electricity powers a wide variety of plant equipment, including vacuum pumps, magnets, coolant pumps, air handlers, compressors, and either plasma heating or target implosion

L. C Cadwallader

2002-01-01

463

A Development Environment for Complex Distributed Real-Time Applications  

Microsoft Academic Search

Engineering of complex distributed real-time applications is one of the hardest tasks faced by the software profession today. All aspects of the process, from design to implementation, are made more difficult by the interaction of behavioral and platform constraints. Providing tools for this task is likewise not without major challenges. In this paper, we discuss a tool suite which supports

Alexander D. Stoyen; Thomas J. Marlowe; Mohamed F. Younis; Plamen V. Petrov

1999-01-01

464

Survey on SCADA / Distributed Control System Current Security Development and Studies.  

National Technical Information Service (NTIS)

Supervisory Control and Data Acquisition (SCADA) systems and other distributed control systems, are widely used in critical infrastructure and industrial plants. In recent times, many distinguished newspapers, magazines and reports publicized successful i...

A. Ozbilen I. Colak S. Sagiroglu

2010-01-01

465

On the Privacy of Peer-Assisted Distribution of Security Patches  

Microsoft Academic Search

When a host discovers that it has a software vulnerability that is susceptible to an attack, the host needs to obtain and install a patch. Because centralized distribution of patches may not scale well, peer-to-peer (P2P) approaches have recently been suggested. There is, however, a serious privacy problem with peer-assisted patch distribution: when a peer A requests a patch from

Di Wu; Cong Tang; Prithula Dhungel; Nitesh Saxena; Keith W. Ross

2010-01-01

466

Heritability across the distribution: an application of quantile regression.  

PubMed

We introduce a new method for analyzing twin data called quantile regression. Through the application presented here, quantile regression is able to assess the genetic and environmental etiology of any skill or ability, at multiple points in the distribution of that skill or ability. This method is compared to the Cherny et al. (Behav Genet 22:153-162, 1992) method in an application to four different reading-related outcomes in 304 pairs of first-grade same sex twins enrolled in the Western Reserve Reading Project. Findings across the two methods were similar; both indicated some variation across the distribution of the genetic and shared environmental influences on non-word reading. However, quantile regression provides more details about the location and size of the measured effect. Applications of the technique are discussed. PMID:21877231

Logan, Jessica A R; Petrill, Stephen A; Hart, Sara A; Schatschneider, Christopher; Thompson, Lee A; Deater-Deckard, Kirby; DeThorne, Laura S; Bartlett, Christopher

2012-03-01

467

Quantum circuit for the proof of the security of quantum key distribution without encryption of error syndrome and noisy processing  

SciTech Connect

One of the simplest security proofs of quantum key distribution is based on the so-called complementarity scenario, which involves the complementarity control of an actual protocol and a virtual protocol [M. Koashi, e-print arXiv:0704.3661 (2007)]. The existing virtual protocol has a limitation in classical postprocessing, i.e., the syndrome for the error-correction step has to be encrypted. In this paper, we remove this limitation by constructing a quantum circuit for the virtual protocol. Moreover, our circuit with a shield system gives an intuitive proof of why adding noise to the sifted key increases the bit error rate threshold in the general case in which one of the parties does not possess a qubit. Thus, our circuit bridges the simple proof and the use of wider classes of classical postprocessing.

Tamaki, Kiyoshi; Kato, Go [NTT Basic Research Laboratories, NTT Corporation, 3-1, Morinosato Wakamiya Atsugi-Shi, Kanagawa, 243-0198 (Japan) and CREST, JST Agency, 4-1-8 Honcho, Kawaguchi, Saitama, 332-0012 (Japan); NTT Communication Science Laboratories, NTT Corporation, 3-1, Morinosato Wakamiya Atsugi-Shi, Kanagawa, 243-0198 (Japan)

2010-02-15

468

Chaos Generated from the Fractional-Order Complex Chen System and its Application to Digital Secure Communication  

NASA Astrophysics Data System (ADS)

In this paper, a novel dynamic system, the fractional-order complex Chen system, is presented for the first time. Dynamic behaviors of system are studied analytically and numerically. Different routes to chaos are shown, and diverse kinds of motions are identified and exhibited by means of bifurcation diagram, portrait phase and the largest Lyapunov exponent. Secondly, an application to digital secure communication based on the novel system is proposed, in which security is enhanced by continually switching different orders of derivative in an irregular pattern. Furthermore, making full use of the advantage of high-capacity transmission of complex system, the improved digital secure communication scheme is achieved based on hybrid synchronization in coupled fractional-order complex Chen system, that means anti-synchronization in real part of state variables and projective synchronization in imaginary part, respectively. The corresponding numerical simulations demonstrate the effectiveness and feasibility of the proposed schemes.

Luo, Chao; Wang, Xingyuan

2013-04-01

469

Feasibility studies on explosive detection and homeland security applications using a neutron and x-ray combined computed tomography system  

NASA Astrophysics Data System (ADS)

The successful creation and operation of a neutron and X-ray combined computed tomography (NXCT) system has been demonstrated by researchers at the Missouri University of Science and Technology. The NXCT system has numerous applications in the field of material characterization and object identification in materials with a mixture of atomic numbers represented. Presently, the feasibility studies have been performed for explosive detection and homeland security applications, particularly in concealed material detection and determination of the light atomic number materials. These materials cannot be detected using traditional X-ray imaging. The new system has the capability to provide complete structural and compositional information due to the complementary nature of X-ray and neutron interactions with materials. The design of the NXCT system facilitates simultaneous and instantaneous imaging operation, promising enhanced detection capabilities of explosive materials, low atomic number materials and illicit materials for homeland security applications. In addition, a sample positioning system allowing the user to remotely and automatically manipulate the sample makes the system viable for commercial applications. Several explosives and weapon simulants have been imaged and the results are provided. The fusion algorithms which combine the data from the neutron and X-ray imaging produce superior images. This paper is a compete overview of the NXCT system for feasibility studies of explosive detection and homeland security applications. The design of the system, operation, algorithm development, and detection schemes are provided. This is the first combined neutron and X-ray computed tomography system in operation. Furthermore, the method of fusing neutron and X-ray images together is a new approach which provides high contrast images of the desired object. The system could serve as a standardized tool in nondestructive testing of many applications, especially in explosives detection and homeland security research.

Sinha, V.; Srivastava, A.; Lee, H. K.; Liu, X.

2013-05-01

470

Enabling distributed simulation multilevel security using virtual machine and virtual private network technology  

NASA Astrophysics Data System (ADS)

Increasing the accuracy of the portrayal of all of the elements of a simulation environment has long been a prime goal of the modeling and simulation community; a goal that has remained far out of reach for many reasons. One of the greatest hurdles facing simulation developers in the effort to increase simulation accuracy is the need to segregate information across the entire simulation environment according to access restrictions in order to insure the integrity, security, and reliability requirements imposed on the data. However, this need for segregation does not mean that those with the highest access permissions should be forced to use multiple computers and displays to integrate the information that they need or that intelligent agents should be restricted in their access to the information that they need in order to adequately assist their human operators. In this paper, we present a potential solution to the problem of integrating and segregating data, which is the use of virtual machine and virtual private network technology in order to maintain segregation of data, control access, and control intercommunication.

Stytz, Martin R.; Banks, Sheila B.

2007-04-01

471

Lightweight and Compromise Resilient Storage Outsourcing with Distributed Secure Accessibility in Mobile Cloud Computing  

Microsoft Academic Search

Mobile Cloud Computing usually consists of front-end users who possess mobile devices and back-end cloud servers. This paradigm empowers users to pervasively access a large volume of storage resources with portable devices in a distributed and cooperative manner. During the period between uploading and downloading files (data), the privacy and integrity of files need to be guaranteed. To this end,

Wei Ren; Linchen Yu; Ren Gao; Feng Xiong

2011-01-01

472

Ponder: A Language for Specifying Security and Management Policies for Distributed Systems  

Microsoft Academic Search

This document defines a declarative, object-oriented language for specifying policies for the securityand management of distributed systems. The language includes constructs for specifying thefollowing basic policy types: authorisation policies that define permitted actions; event-triggeredobligation policies that define actions to be performed by manager agents; refrain policies that defineactions that subjects must refrain from performing; and delegation policies that define what...

Nicodemos Damianou; Naranker Dulay; Emil Lupu; Morris Sloman

2000-01-01

473

The Mobile Agent Security Enhanced by Trusted Computing Technology  

Microsoft Academic Search

The mobile agent (MA) technology has been widely used to archive plenty of applications in distributed systems. The mobile agents are completely exposed in different hosts and easy to be attacked by different adversaries. In this paper, the requirements for security of MA are analyzed. Considering the security and safety problems both in software and hardware, we construct a way

Xiaoping Wu; Zhidong Shen; Huanguo Zhang

2006-01-01

474

From Secure Memories to Smart Card Security  

NASA Astrophysics Data System (ADS)

Non-volatile memory is essential in most embedded security applications. It will store the key and other sensitive materials for cryptographic and security applications. In this chapter, first an overview is given of current flash memory architectures. Next the standard security features which form the basis of so-called secure memories are described in more detail. Smart cards are a typical embedded application that is very vulnerable to attacks and that at the same time has a high need for secure non-volatile memory. In the next part of this chapter, the secure memories of so-called flash-based high-density smart cards are described. It is followed by a detailed analysis of what the new security challenges for such objects are.

Handschuh, Helena; Trichina, Elena

475

Final Report and Documentation for the Security Enabled Programmable Switch for Protection of Distributed Internetworked Computers LDRD.  

National Technical Information Service (NTIS)

An increasing number of corporate security policies make it desirable to push security closer to the desktop. It is not practical or feasible to place security and monitoring software on all computing devices (e.g. printers, personal digital assistants, c...

B. D. Kucera J. A. Van Randwyk L. G. Pierson N. A. Durgin P. J. Robertson T. J. Toole

2010-01-01

476

Extensible Operating System Security.  

National Technical Information Service (NTIS)

The EXOS project investigated the practical application of security to extensible operating systems. The project leaders investigated how security policies should be represented and supported in extensible systems, concluding that classical policy models ...

D. Hollingworth T. Redmond R. Rice

2002-01-01

477

Compact Dielectric Wall Accelerator Development For Intensity Modulated Proton Therapy And Homeland Security Applications  

SciTech Connect

Compact dielectric wall (DWA) accelerator technology is being developed at the Lawrence Livermore National Laboratory. The DWA accelerator uses fast switched high voltage transmission lines to generate pulsed electric fields on the inside of a high gradient insulating (HGI) acceleration tube. Its high electric field gradients are achieved by the use of alternating insulators and conductors and short pulse times. The DWA concept can be applied to accelerate charge particle beams with any charge to mass ratio and energy. Based on the DWA system, a novel compact proton therapy accelerator is being developed. This proton therapy system will produce individual pulses that can be varied in intensity, energy and spot width. The system will be capable of being sited in a conventional linac vault and provide intensity modulated rotational therapy. The status of the developmental new technologies that make the compact system possible will be reviewed. These include, high gradient vacuum insulators, solid dielectric materials, SiC photoconductive switches and compact proton sources. Applications of the DWA accelerator to problems in homeland security will also be discussed.

Chen, Y -; Caporaso, G J; Guethlein, G; Sampayan, S; Akana, G; Anaya, R; Blackfield, D; Cook, E; Falabella, S; Gower, E; Harris, J; Hawkins, S; Hickman, B; Holmes, C; Horner, A; Nelson, S; Paul, A; Pearson, D; Poole, B; Richardson, R; Sanders, D; Stanley, J; Sullivan, J; Wang, L; Watson, J; Weir, J

2009-06-17

478

Through-barrier detection of explosive components for security screening applications  

NASA Astrophysics Data System (ADS)

The detection of materials through containers is a vital capability for security screening applications at high risk locations, such as airports and checkpoints. Current detection procedures require suspect containers to be opened and the contents sampled, which is laborious and potentially hazardous to the operator. The capability to detect through-barrier would overcome these issues. Spatially Offset Raman Spectroscopy (SORS) is an innovative spectroscopic technique that avoids fluorescence and Raman scatter from containers, which can mask the Raman signature from the sample. This novel approach enables noninvasive detection of hazardous and benign materials through a wider range of container materials than is possible using conventional Raman spectroscopy. SORS spectra were acquired from explosive compounds and benign materials within a range of coloured glass and plastic containers. The SORS spectra were compared to the reference Raman signatures of the materials studied. Two data analysis methods were then applied to the resultant data to investigate the ability of SORS to detect the target materials through the barriers tested. Furthermore, the potential for reduction of sample fluorescence was investigated by using longer excitation wavelength (1064 nm) than is typically used in commercially available Raman instruments that use silicon detector technology. For some fluorescent samples, Raman spectral features that were masked by fluorescence at 785 nm were revealed at 1064 nm.

Lee, Linda; Frisby, Alex; Mansson, Ralph; Hopkins, Rebecca J.

2011-10-01

479

MAINTAINING HIGH RESOLUTION MASS SPECTROMETRY CAPABILITIES FOR NATIONAL NUCLEAR SECURITY ADMINISTRATION APPLICATIONS  

Microsoft Academic Search

The Department of Energy (DOE) National Nuclear Security Administration (NNSA) has a specialized need for analyzing low mass gas species at very high resolutions. The currently preferred analytical method is electromagnetic sector mass spectrometry. This method allows the NNSA Nuclear Security Enterprise (NSE) to resolve species of similar masses down to acceptable minimum detection limits (MDLs). Some examples of these

S. Wyrick; J. Cordaro; G. Reeves; J. Mcintosh; C. Mauldin; K. Tietze; D. Varble

2011-01-01

480

An Enhanced Secure and Scalable Model for Enterprise Applications using Automated Monitoring  

Microsoft Academic Search

E-Business must be highly secured and scalable to provide efficient services to millions of clients on the web. This paper proposes a new approach based on shared objects to improve security and mobile agents to improve scalability. The e-business uses shared objects and mobile agents to update the clients automatically with new information. The agent that resides in the database

A. Kannammal; V. Ramachandran; N. Ch. S. N. Iyengar

2006-01-01

481

The Application of Existing Simulation Systems To Emerging Homeland Security Training Needs  

Microsoft Academic Search

Following the events of September 11, 2001, many countries began new efforts targeted at improving the security of their nation. These have included additional security at border entry points, new procedures for screening materials entering the country, a increased focus on intelligence information gathered at home and abroad, and the preparation of emergency response personnel who must deal with terrorist

Roger Smith

482

Modeling and simulation for cyber-physical system security research, development and applications  

Microsoft Academic Search

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research

Guylaine M. Pollock; William Dee Atkins; Moses Daniel Schwartz; Adrian R. Chavez; Jorge Mario Urrea; Nicholas Pattengale; Michael James McDonald; Regis H. Cassidy; Ronald D. Halbgewachs; Bryan T. Richardson; John C. Mulder

2010-01-01

483

A whitebox approach for automated security testing of Android applications on the cloud  

Microsoft Academic Search

By changing the way software is delivered to end-users, markets for mobile apps create a false sense of security: apps are downloaded from a market that can potentially be regulated. In practice, this is far from truth and instead, there has been evidence that security is not one of the primary design tenets for the mobile app stores. Recent studies

Naeem Esfahani; Thabet Kacem; Nariman Mirzaei; Sam Malek; Angelos Stavrou

2012-01-01

484

Using Application Servers to Build Distributed Data Systems  

NASA Astrophysics Data System (ADS)

Space and Earth scientists increasingly require data products from multiple sensors. Frequently these data are widely distributed and each source may have very different types of data products. For instance a single space science research project can require data from more than one instrument on more than one spacecraft, data from Earth based sensors and results from theoretical models. These data and model results are housed at many locations around the world. The location of the data may change with time as spacecraft are complete their missions. Unless care is taken in providing access to these data, using them will require a great deal of effort on the part of individual scientists. Today's data system designers are challenged to link these distributed sources and make them work together as one. One approach to providing universal support is to base the core functionality of each data provider on common technology. An emerging technology platform is Sun's Java Application Server. With an application server approach all services offered by the data center are provided through Java servlets that can be invoked through the