Science.gov

Sample records for secure web applications

  1. Lecture 3: Web Application Security

    E-print Network

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

  2. From client-side encryption to secure web applications

    E-print Network

    Stark, Emily (Emily Margarete)

    2013-01-01

    This thesis presents an approach for designing secure web applications that use client-side encryption to keep user data private in the face of arbitrary web server compromises, as well as a set of tools, called CryptFrame, ...

  3. Web Application Security Standards and Practices Page 1 of 14 Web Application Security Standard Operating Environment (SOE) V1.3

    E-print Network

    Columbia University

    Web Application Security Standards and Practices Page 1 of 14 Web Application Security Standard Operating Environment (SOE) V1.3 Columbia University Web Application Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Application Security Standards and Practices

  4. Ripley: Automatically Securing Distributed Web Applications

    E-print Network

    Livshits, Ben

    , adjust their quantities, add coupons, compute the shopping cart totals, etc. When run on the clientScript-based shopping cart within a typical e-commerce retail site such as Amazon.com that allows the user to add items, this application can be compromised in a variety of ways. For instance, coupon validation checks can be dodged

  5. Web-Based Training Applications in Safeguards and Security

    SciTech Connect

    Lopez, R.L.

    1999-05-21

    The U.S. Department of Energy (DOE) requires all employees who hold a security clearance and have access to classified information and/or special nuclear material to be trained in the area of Safeguards and Security. Since the advent of the World Wide Web, personnel who are responsible for training have capitalized on this communication medium to develop and deliver Web-based training. Unlike traditional computer based training where the student was required to find a workstation where the training program resided, one of Web-based training strongest advantage is that the training can be delivered right to the workers desk top computer. This paper will address reasons for the driving forces behind the utilization of Web-based training at the Laboratory with a brief explanation of the different types of training conducted. Also discussed briefly is the different types of distance learning used in conjunction with Web-based training. The implementation strategy will be addressed and how the Laboratory utilized a Web-Based Standards Committee to develop standards for Web-based training applications. Web-based problems resulting from little or no communication between training personnel across the Laboratory will be touched on and how this was solved. Also discussed is the development of a ''Virtual Training Center'' where personnel can shop on-line for their training needs. Web-based training programs within the Safeguards and Security arena will be briefly discussed. Specifically, Web-based training in the area of Materials Control and Accountability will be explored. A Web-based example of what a student would experience during a training session is also discussed. A short closing statement of what the future of Web-based Training holds in the future is offered.

  6. Security Analysis and Improvement Model for Web-based Applications 

    E-print Network

    Wang, Yong

    2010-01-14

    be conceptually expressed in the discrete states of (web_client_good; web_server_good, web_server_vulnerable, web_server_attacked, web_server_security_failed; database_server_good, database_server_vulnerable, database_server_attacked, database...

  7. Simultaneous Scalability and Security for Data-Intensive Web Applications

    E-print Network

    Service Provider (DSSP) that caches application data and supplies query answers on behalf about security. However, if all data passing through a DSSP is encrypted to enhance security, then data impacting scalability. Experiments over a prototype DSSP system show the effectiveness of our static

  8. Simultaneous Scalability and Security for DataIntensive Web Applications

    E-print Network

    Service Provider (DSSP) that caches application data and supplies query answers on behalf about security. However, if all data passing through a DSSP is encrypted to enhance security, then data impacting scalability. Experiments over a prototype DSSP system show the e#ectiveness of our static analysis

  9. Practical security for multi-user web application databases

    E-print Network

    Redfield, Catherine M. S

    2012-01-01

    Online web applications are continuously vulnerable to attacks on their users' data. Outside adversaries can gain unauthorized access by exploiting unknown vulnerabilities; curious or malicious database administrators can ...

  10. End-to-end Web Application Security Ulfar Erlingsson Benjamin Livshits

    E-print Network

    Livshits, Ben

    relies primarily on server-side mechanisms. This paper makes the end-to- end argument that the client-to-end security, Web clients must be enhanced. We introduce Mutation-Event Trans- forms: an easy-to-use client of attractive, new security poli- cies that demonstrate the advantages of end-to-end Web application security

  11. Simultaneous Scalability and Security for Data-Intensive Web Applications

    E-print Network

    Tomasic, Anthony

    be provided by a third-party Database Scalability Service Provider (DSSP) that caches application data applications, inevitably raising concerns about security. However, if all data passing through a DSSP of the database that can be encrypted without impacting scalability. Exper- iments over a prototype DSSP system

  12. Towards a Pattern Language for Security Risk Analysis of Web Applications

    E-print Network

    Stølen, Ketil

    development life cycle. Categories and Subject Descriptors: D.D.9 [Software Engineering]: Management a security requirements pattern, a web application design pattern and a risk analysis model patternTowards a Pattern Language for Security Risk Analysis of Web Applications Yan Li, SINTEF ICT

  13. Simultaneous Scalability and Security for Data-Intensive Web Applications

    E-print Network

    Maggs, Bruce M.

    -party Database Scalability Service Provider (DSSP) that caches application data and supplies query answers, inevitably raising concerns about security. However, if all data passing through a DSSP is encrypted of the database that can be encrypted without impacting scalability. Exper- iments over a prototype DSSP system

  14. Inlined Monitors for Security Policy Enforcement in Web Applications

    E-print Network

    Katsaros, Panagiotis

    . INTRODUCTION Web Application vulnerabilities such as cross-site script- ing (XSS) and SQL injection are caused that may be not adequate for all types of SQL injections and XSS attacks. If the application incorporates a reference monitor inlining ap- proach that treats input injection vulnerabilities as a cross- cutting

  15. Supporting secure programming in web applications through interactive static analysis.

    PubMed

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2014-07-01

    Many security incidents are caused by software developers' failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

  16. Supporting secure programming in web applications through interactive static analysis

    PubMed Central

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2013-01-01

    Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

  17. Securing Web Applications with Static and Dynamic Information Flow Tracking

    E-print Network

    Lam, Monica

    Microsoft Research livshits@microsoft.com John Whaley Moka5, Inc. jwhaley@moka5.com Abstract SQL injection, Reliability Keywords pattern matching, web applications, SQL injection, cross-site scripting, static analysis, which an at- tacker will turn to unexpected purposes. SQL injection is one of the top five external

  18. An Analysis Framework for Security in Web Applications Gary Wassermann Zhendong Su

    E-print Network

    Su, Zhendong

    in the context of web applica- tions. In particular, we study how to prevent the class of SQL command injection. The source language is Java or Perl, and the target language is SQL. 1.1 SQL Command Injection For web applications, one common class of security prob- lems is the so-called SQL command injection attacks [9,23]. We

  19. On Security Analysis of PHP Web Applications David Hauzar and Jan Kofron

    E-print Network

    , and missing authorization. The most common programming language used at the server side is PHP [13]. PHPOn Security Analysis of PHP Web Applications David Hauzar and Jan Kofron Faculty of Mathematics-application development, such as PHP, suffer from a relatively high false-positive rate and low coverage of real errors

  20. Teaching Web Security Using Portable Virtual Labs

    ERIC Educational Resources Information Center

    Chen, Li-Chiou; Tao, Lixin

    2012-01-01

    We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

  1. A Secure Web Application Providing Public Access to High-Performance Data Intensive Scientific Resources - ScalaBLAST Web Application

    SciTech Connect

    Curtis, Darren S.; Peterson, Elena S.; Oehmen, Chris S.

    2008-05-04

    This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis via high-performance computing through a convenient, easy-to-use web interface. This approach greatly enhances emerging fields of study in biology such as ontology-based homology, and multiple whole genome comparisons which, in the absence of a tool like SWA, require a heroic effort to overcome the computational bottleneck associated with genome analysis. The current version of SWA includes a user account management system, a web based user interface, and a backend process that generates the files necessary for the Internet scientific community to submit a ScalaBLAST parallel processing job on a dedicated cluster.

  2. MasteringWeb Services Security MasteringWeb Services Security

    E-print Network

    for ASP.NET Web Services Planning and building secure Web Service systems ­ Architectural and policy to secure today ­ simple WS systems Java and (ASP).NET ­ complex WS systems for large enterprises Describe+, .NET, EJB Securing (ASP).NET and Java Web Services 3. Advanced Topics Interoperability Administration

  3. A case for avoiding security-enhanced HTTP tools to improve security for Web-based applications

    SciTech Connect

    Wood, B.

    1996-03-01

    This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show how one can treat HTTP browsers and servers as untrusted elements in the network so that one can rely on other mechanisms to achieve better overall security than can be attained through today`s security-enhanced HTTP tools.

  4. Finding security bugs in web applications using domain-specific static analysis

    E-print Network

    Near, Joseph P. (Joseph Paul)

    2015-01-01

    This thesis proposes new techniques for finding and eliminating application-specific bugs in web applications. We demonstrate three approaches to finding these bugs, each representing one position in the compromise between ...

  5. DIRAC: Secure web user interface

    NASA Astrophysics Data System (ADS)

    Casajus Ramo, A.; Sapunov, M.

    2010-04-01

    Traditionally the interaction between users and the Grid is done with command line tools. However, these tools are difficult to use by non-expert users providing minimal help and generating outputs not always easy to understand especially in case of errors. Graphical User Interfaces are typically limited to providing access to the monitoring or accounting information and concentrate on some particular aspects failing to cover the full spectrum of grid control tasks. To make the Grid more user friendly more complete graphical interfaces are needed. Within the DIRAC project we have attempted to construct a Web based User Interface that provides means not only for monitoring the system behavior but also allows to steer the main user activities on the grid. Using DIRAC's web interface a user can easily track jobs and data. It provides access to job information and allows performing actions on jobs such as killing or deleting. Data managers can define and monitor file transfer activity as well as check requests set by jobs. Production managers can define and follow large data productions and react if necessary by stopping or starting them. The Web Portal is build following all the grid security standards and using modern Web 2.0 technologies which allow to achieve the user experience similar to the desktop applications. Details of the DIRAC Web Portal architecture and User Interface will be presented and discussed.

  6. AUTOMATICALLY HARDENING WEB APPLICATIONS USING PRECISE TAINTING

    E-print Network

    Nguyen-Tuong, Anh

    words: web security; web vulnerabilities; SQL injection; PHP; cross-site scripting attacks; precise classes of web application security vulnerabilities: command injection (including script and SQL injection security vulnerabilities. The simple and natural ways of creating a web application are prone to SQL

  7. Dynamic Multi-Process Information Flow Tracking for Web Application Security

    E-print Network

    Chiueh, Tzi-cker

    to protect them from the most common two types of web application attacks: SQL- and script-injection attack operational WASC prototype show that it can indeed stop all SQL/script injection attacks that we have tested. For example, the SQL injection attack [4] takes advantage of such lack of sanity check to alter the semantics

  8. IT Security: Target: The Web

    ERIC Educational Resources Information Center

    Waters, John K.

    2009-01-01

    In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

  9. AUTOMATICALLY HARDENING WEB APPLICATIONS USING PRECISE TAINTING

    E-print Network

    Evans, David

    words: web security; web vulnerabilities; SQL injection; PHP; cross-site scripting attacks; precise contain security vulnerabilities (e.g., Listings 11-3 and 12-2 allow SQL injection, and Listing 12 application security vulnerabilities: command injection (including script and SQL injection) and cross

  10. Vulnerability Analysis of Web-based Applications

    E-print Network

    Vigna, Giovanni

    , and a second line of defense is represented by auditing the application code for possible security problems point for the compromise of computer networks. Second, web-based applications of- ten interface

  11. Engineering Adaptive Web Applications

    E-print Network

    Dolog, Peter

    Engineering Adaptive Web Applications Von Fakultät für Elektrotechnik und Informatik der Peter Dolog Engineering Adaptive Web Applications Dr. rer. nat. Dissertation 2006 #12;#12;Zusammenfassung: Nutzer von Web-Anwendungen stammen sich aus verschiedensten Nut- zergruppen, die sich in ihrem

  12. Introducing Web Application Development

    E-print Network

    Ding, Wei

    Introducing Web Application Development Instructor: Dr Wei Ding Development Instructor: Dr.Wei Ding Fall 2009 1CS 437/637 Database-BackedWeb Sites andWeb Services Introduction: Internet vs. World Wide Web Internet is an interconnected network of thousands ofInternet is an interconnected network

  13. To appear in Proceedings of the 16th USENIX Security Symposium (Security '07) SIF: Enforcing Confidentiality and Integrity in Web Applications

    E-print Network

    Myers, Andrew C.

    Science, Cornell University Abstract SIF (Servlet Information Flow) is a novel software framework flows, providing stronger security assurance [28]. Therefore, we have developed Servlet Information Flow applications, in exchange for trust in the servlet framework and the Jif 3.0 compiler--a good bargain be- cause

  14. Security for Web-Based Tests.

    ERIC Educational Resources Information Center

    Shermis, Mark D.; Averitt, Jason

    The purpose of this paper is to enumerate a series of security steps that might be taken by those researchers or organizations that are contemplating Web-based tests and performance assessments. From a security viewpoint, much of what goes on with Web-based transactions is similar to other general computer activity, but the recommendations here…

  15. Designing, Implementing, and Evaluating Secure Web Browsers

    ERIC Educational Resources Information Center

    Grier, Christopher L.

    2009-01-01

    Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

  16. Web Mining: Machine Learning for Web Applications.

    ERIC Educational Resources Information Center

    Chen, Hsinchun; Chau, Michael

    2004-01-01

    Presents an overview of machine learning research and reviews methods used for evaluating machine learning systems. Ways that machine-learning algorithms were used in traditional information retrieval systems in the "pre-Web" era are described, and the field of Web mining and how machine learning has been used in different Web mining applications

  17. Factsheets Web Application

    SciTech Connect

    VIGIL,FRANK; REEDER,ROXANA G.

    2000-10-30

    The Factsheets web application was conceived out of the requirement to create, update, publish, and maintain a web site with dynamic research and development (R and D) content. Before creating the site, a requirements discovery process was done in order to accurately capture the purpose and functionality of the site. One of the high priority requirements for the site would be that no specialized training in web page authoring would be necessary. All functions of uploading, creation, and editing of factsheets needed to be accomplished by entering data directly into web form screens generated by the application. Another important requirement of the site was to allow for access to the factsheet web pages and data via the internal Sandia Restricted Network and Sandia Open Network based on the status of the input data. Important to the owners of the web site would be to allow the published factsheets to be accessible to all personnel within the department whether or not the sheets had completed the formal Review and Approval (R and A) process. Once the factsheets had gone through the formal review and approval process, they could then be published both internally and externally based on their individual publication status. An extended requirement and feature of the site would be to provide a keyword search capability to search through the factsheets. Also, since the site currently resides on both the internal and external networks, it would need to be registered with the Sandia search engines in order to allow access to the content of the site by the search engines. To date, all of the above requirements and features have been created and implemented in the Factsheet web application. These have been accomplished by the use of flat text databases, which are discussed in greater detail later in this paper.

  18. Building fast and secure Web services with OKWS

    E-print Network

    Krohn, Maxwell (Maxwell N.)

    2005-01-01

    OKWS is a Web server specialized for secure and fast delivery of dynamic content. It provides Web developers with a small set of tools powerful enough to build complex Web-based systems. Despite its emphasis on security, ...

  19. FPA Depot - Web Application

    NASA Technical Reports Server (NTRS)

    Avila, Edwin M. Martinez; Muniz, Ricardo; Szafran, Jamie; Dalton, Adam

    2011-01-01

    Lines of code (LOC) analysis is one of the methods used to measure programmer productivity and estimate schedules of programming projects. The Launch Control System (LCS) had previously used this method to estimate the amount of work and to plan development efforts. The disadvantage of using LOC as a measure of effort is that one can only measure 30% to 35% of the total effort of software projects involves coding [8]. In the application, instead of using the LOC we are using function point for a better estimation of hours in each software to develop. Because of these disadvantages, Jamie Szafran of the System Software Branch of Control And Data Systems (NE-C3) at Kennedy Space Canter developed a web application called Function Point Analysis (FPA) Depot. The objective of this web application is that the LCS software architecture team can use the data to more accurately estimate the effort required to implement customer requirements. This paper describes the evolution of the domain model used for function point analysis as project managers continually strive to generate more accurate estimates.

  20. Application Security Automation

    ERIC Educational Resources Information Center

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  1. Improving web site security with data flow management

    E-print Network

    Yip, Alexander Siumann, 1979-

    2009-01-01

    This dissertation describes two systems, RESIN and BFLow, whose goal is to help Web developers build more secure Web sites. RESIN and BFLOW use data flow management to help reduce the security risks of using buggy or ...

  2. Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications

    E-print Network

    - curred in many high-profile applications, such as IIS [10] and WordPress [31], as well as 14% of surveyed of existing security tools, such as DIFT analy- ses for SQL injection prevention, by providing runtime in the complete compromise of a web application. Designing a secure authentication and access control system

  3. Privacy and Security in the Location-enhanced World Wide Web

    E-print Network

    Tygar, Doug

    Privacy and Security in the Location-enhanced World Wide Web Jason I. Hong1 , Gaetano Boriello2 to bootstrap the location-enhanced web. Keywords Location-aware, context-aware, WiFi hotspot, World Wide Web applications are rarely used by the general population, despite advances by the research community. We believe

  4. MedlinePlus Connect: Web Application

    MedlinePLUS

    ... nih.gov/medlineplus/connect/application.html MedlinePlus Connect: Web Application To use the sharing features on this ... please see our guidelines and instructions on linking. Web Application Overview The API for the Web application ...

  5. Security Data Warehouse Application

    NASA Technical Reports Server (NTRS)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  6. How to Make Personalized Web Browsing Simple, Secure, and Anonymous

    E-print Network

    Gibbons, Phillip B.

    How to Make Personalized Web Browsing Simple, Secure, and Anonymous Eran Gabber, Phillip B. Gibbons/her identity, for each web-site. The user may also desire mechanisms for anonymous e-mail. Besides mechanism. This paper describes the Janus Personalized Web Anonymizer, which makes personalized web browsing

  7. Information SecurityInformation Security--Applications andApplications and

    E-print Network

    Ahmed, Farid

    ScenariosApplication Scenarios Secure ProgrammingSecure Programming Multimedia Data Security using DWMMultimedia Data Security using DWM Research AgendasResearch Agendas Security Awareness, Training of Information SecuritySecurity Network SecurityNetwork Security PGP, SSL,PGP, SSL, IPsecIPsec Data SecurityData

  8. Project Assessment Skills Web Application

    NASA Technical Reports Server (NTRS)

    Goff, Samuel J.

    2013-01-01

    The purpose of this project is to utilize Ruby on Rails to create a web application that will replace a spreadsheet keeping track of training courses and tasks. The goal is to create a fast and easy to use web application that will allow users to track progress on training courses. This application will allow users to update and keep track of all of the training required of them. The training courses will be organized by group and by user, making readability easier. This will also allow group leads and administrators to get a sense of how everyone is progressing in training. Currently, updating and finding information from this spreadsheet is a long and tedious task. By upgrading to a web application, finding and updating information will be easier than ever as well as adding new training courses and tasks. Accessing this data will be much easier in that users just have to go to a website and log in with NDC credentials rather than request the relevant spreadsheet from the holder. In addition to Ruby on Rails, I will be using JavaScript, CSS, and jQuery to help add functionality and ease of use to my web application. This web application will include a number of features that will help update and track progress on training. For example, one feature will be to track progress of a whole group of users to be able to see how the group as a whole is progressing. Another feature will be to assign tasks to either a user or a group of users. All of these together will create a user friendly and functional web application.

  9. Qos-Security Metrics Based on ITIL and COBIT Standard for Measurement Web Services

    E-print Network

    Qos-Security Metrics Based on ITIL and COBIT Standard for Measurement Web Services Pattama information system standards, COBIT and ITIL, as a result of which new Qos-SM are developed. In order to prove facilitating its application in the organization. Keywords: Quality of service, ITIL, COBIT, Security Metrics

  10. A Framework for Migrating Web Applications to Web Services

    E-print Network

    Cordy, James R.

    A Framework for Migrating Web Applications to Web Services Asil A. Almonaies, Manar H. Alalfi-automatically migrat- ing monolithic legacy web applications to service oriented architecture (SOA) by separating potentially reusable features as web services. Software design re- covery and source transformation techniques

  11. Web 2.0 Technologies and Social Networking Security Fears in Enterprises

    E-print Network

    Almeida, Fernando

    2012-01-01

    Web 2.0 systems have drawn the attention of corporation, many of which now seek to adopt Web 2.0 technologies and transfer its benefits to their organizations. However, with the number of different social networking platforms appearing, privacy and security continuously has to be taken into account and looked at from different perspectives. This paper presents the most common security risks faced by the major Web 2.0 applications. Additionally, it introduces the most relevant paths and best practices to avoid these identified security risks in a corporate environment.

  12. Web Cube: a Programming Model for Reliable Web Applications

    E-print Network

    Utrecht, Universiteit

    Web Cube: a Programming Model for Reliable Web Applications I.S.W.B. Prasetya, T.E.J. Vos, S UU-CS-2005-002 www.cs.uu.nl #12;Web Cube: a Programming Model for Reliable Web Applications I@cs.uu.nl, tanja@iti.upv.es, doaitse@cs.uu.nl, bela@cs.ui.ac.id Abstract Web Cube is a server side programming

  13. Secure Web-Site Access with Tickets and Message-Dependent Digests

    USGS Publications Warehouse

    Donato, David I.

    2008-01-01

    Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code.

  14. Finding Bugs In Dynamic Web Applications

    E-print Network

    Artzi, Shay

    2008-02-06

    Web script crashes and malformed dynamically-generated web pages are common errors, and they seriously impact usability of web applications. Currenttools for web-page validation cannot handle the dynamically-generatedpages ...

  15. Intelligent and Adaptive Crawling of Web Applications for Web Archiving

    E-print Network

    Senellart, Pierre

    Intelligent and Adaptive Crawling of Web Applications for Web Archiving Muhammad Faheem1 and Pierre Kong, Hong Kong firstname.lastname@telecom.paristech.fr Abstract. Web sites are dynamic in nature with content and structure changing overtime. Many pages on the Web are produced by content management systems

  16. Turning Access™ into a web-enabled secure information system for clinical trials

    PubMed Central

    Chen, Dongquan; Chen, Wei-Bang; Soong, Mayhue; Soong, Seng-Jaw; Orthner, Helmuth F.

    2010-01-01

    Background Organizations that have limited resources need to conduct clinical studies in a cost-effective, but secure way. Clinical data residing in various individual databases need to be easily accessed and secured. Although widely available, digital certification, encryption, and secure web server, have not been implemented as widely, partly due to a lack of understanding of needs and concerns over issues such as cost and difficulty in implementation. Purpose The objective of this study was to test the possibility of centralizing various databases and to demonstrate ways of offering an alternative to a large-scale comprehensive and costly commercial product, especially for simple phase I and II trials, with reasonable convenience and security. Methods We report a working procedure to transform and develop a standalone Access™ database into a secure Web-based secure information system. Results For data collection and reporting purposes, we centralized several individual databases; developed, and tested a web-based secure server using self-issued digital certificates. Limitations The system lacks audit trails. The cost of development and maintenance may hinder its wide application. Conclusions The clinical trial databases scattered in various departments of an institution could be centralized into a web-enabled secure information system. The limitations such as the lack of a calendar and audit trail can be partially addressed with additional programming. The centralized Web system may provide an alternative to a comprehensive clinical trial management system. PMID:19625330

  17. Security Requirements for Social Networks in Web 2.0

    NASA Astrophysics Data System (ADS)

    Fernandez, Eduardo B.; Marin, Carolina; Petrie, Maria M. Larrondo

    A social network is a structure of individuals or organizations, which are connected by one or more types of interdependency, such as friendship, affinity, common interests or knowledge. Social networks use now web 2.0 technology and the users may need to follow a series of restrictions or conditions to join or add contents. We look here at their context and threats, in order to ascertain their needs for security. We propose the use of patterns to specify these requirements in a precise way and we present two specific patterns. A pattern is an encapsulated solution to a software problem in a given context. We present here the Participation-Collaboration Pattern, which describes the functionality of the collaboration between users in applications and the Collaborative Tagging Pattern, which is useful to share content using keywords to tag bookmarks, photographs and other contents. We also discuss possible improvements to the current situation.

  18. Information flow control for secure web sites

    E-print Network

    Krohn, Maxwell N. (Maxwell Norman)

    2008-01-01

    Sometimes Web sites fail in the worst ways. They can reveal private data that can never be retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt data to users [27]. Blame can fall on ...

  19. Providing caching abstractions for web applications

    E-print Network

    Gupta, Priya, S.M. Massachusetts Institute of Technology

    2010-01-01

    Web-based applications are used by millions of users daily, and as a result a key challenge facing web application designers is scaling their applications to handle this load. A crucial component of this challenge is scaling ...

  20. Session management for web-based healthcare applications.

    PubMed

    Wei, L; Sengupta, S

    1999-01-01

    In health care systems, users may access multiple applications during one session of interaction with the system. However, users must sign on to each application individually, and it is difficult to maintain a common context among these applications. We are developing a session management system for web-based applications using LDAP directory service, which will allow single sign-on to multiple web-based applications, and maintain a common context among those applications for the user. This paper discusses the motivations for building this system, the system architecture, and the challenges of our approach, such as the session objects management for the user, and session security. PMID:10566511

  1. Secure password-based authenticated key exchange for web services

    SciTech Connect

    Liang, Fang; Meder, Samuel; Chevassut, Olivier; Siebenlist, Frank

    2004-11-22

    This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.

  2. Security Encryption Scheme for Communication of Web Based Control Systems

    NASA Astrophysics Data System (ADS)

    Robles, Rosslin John; Kim, Tai-Hoon

    A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

  3. Reliability, Compliance, and Security in Web-Based Course Assessments

    ERIC Educational Resources Information Center

    Bonham, Scott

    2008-01-01

    Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage…

  4. Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2007-01-01

    This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

  5. INSTITUTE FOR CYBER SECURITY Application-Centric Security

    E-print Network

    Sandhu, Ravi

    Data Collection for Innovation Analysis 1 Centric Security: How to Get There Prof. Ravi SandhuINSTITUTE FOR CYBER SECURITY Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio

  6. Automated intrusion recovery for web applications

    E-print Network

    Chandra, Ramesh, Ph. D. Massachusetts Institute of Technology

    2013-01-01

    In this dissertation, we develop recovery techniques for web applications and demonstrate that automated recovery from intrusions and user mistakes is practical as well as effective. Web applications play a critical role ...

  7. Reverse Engineering of Web Applications: A

    E-print Network

    Coenen, Frans

    Reverse Engineering of Web Applications: A Technical Review Reshma Patel1 Frans Coenen1 Russell/July 2007 #12;2Reverse Engineering of Web Applications: A Technical Report REVERSE ENGINEEING OF WEB, Wirral, CH62 3NX lawson@transglobalexpress.co.uk Abstract The World Wide Web (WWW) has become one

  8. Homeland Security and Defense Applications

    SciTech Connect

    2014-11-06

    Homeland Security and Defense Applications personnel are the best in the world at detecting and locating dirty bombs, loose nukes, and other radiological sources. The site trains the Nation's emergency responders, who would be among the first to confront a radiological or nuclear emergency. Homeland Security and Defense Applications highly training personnel, characterize the threat environment, produce specialized radiological nuclear detection equipment, train personnel on the equipment and its uses, test and evaluate the equipment, and develop different kinds of high-tech equipment to defeat terrorists. In New York City for example, NNSS scientists assisted in characterizing the radiological nuclear environment after 9/11, and produced specialized radiological nuclear equipment to assist local officials in their Homeland Security efforts.

  9. Homeland Security and Defense Applications

    ScienceCinema

    None

    2015-01-09

    Homeland Security and Defense Applications personnel are the best in the world at detecting and locating dirty bombs, loose nukes, and other radiological sources. The site trains the Nation's emergency responders, who would be among the first to confront a radiological or nuclear emergency. Homeland Security and Defense Applications highly training personnel, characterize the threat environment, produce specialized radiological nuclear detection equipment, train personnel on the equipment and its uses, test and evaluate the equipment, and develop different kinds of high-tech equipment to defeat terrorists. In New York City for example, NNSS scientists assisted in characterizing the radiological nuclear environment after 9/11, and produced specialized radiological nuclear equipment to assist local officials in their Homeland Security efforts.

  10. Secure, web-accessible call rosters for academic radiology departments.

    PubMed

    Nguyen, A V; Tellis, W M; Avrin, D E

    2000-05-01

    Traditionally, radiology department call rosters have been posted via paper and bulletin boards. Frequently, changes to these lists are made by multiple people independently, but often not synchronized, resulting in confusion among the house staff and technical staff as to who is on call and when. In addition, multiple and disparate copies exist in different sections of the department, and changes made would not be propagated to all the schedules. To eliminate such difficulties, a paperless call scheduling application was developed. Our call scheduling program allowed Java-enabled web access to a database by designated personnel from each radiology section who have privileges to make the necessary changes. Once a person made a change, everyone accessing the database would see the modification. This eliminates the chaos resulting from people swapping shifts at the last minute and not having the time to record or broadcast the change. Furthermore, all changes to the database were logged. Users are given a log-in name and password and can only edit their section; however, all personnel have access to all sections' schedules. Our applet was written in Java 2 using the latest technology in database access. We access our Interbase database through the DataExpress and DB Swing (Borland, Scotts Valley, CA) components. The result is secure access to the call rosters via the web. There are many advantages to the web-enabled access, mainly the ability for people to make changes and have the changes recorded and propagated in a single virtual location and available to all who need to know. PMID:10847414

  11. A Lightweight Approach to Web Application Integrity Per A. Hallgren

    E-print Network

    Sabelfeld, Andrei

    GlassTube A Lightweight Approach to Web Application Integrity Per A. Hallgren Keyflow AB & Chalmers: either no security guarantees with HTTP or both confidentiality and integrity with HTTPS. How- ever, in many scenarios confidentiality is not necessary and even undesired, while integrity is essential

  12. SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card

    E-print Network

    Li, Mo

    SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card Applying for a Social Security Card is easy AND it is FREE! If you DO NOT follow these instructions, we CANNOT process your the items as they apply to that person. 2. Show an address where you can receive the card 10 to 14 days from

  13. XMM-Newton Mobile Web Application

    NASA Astrophysics Data System (ADS)

    Ibarra, A.; Kennedy, M.; Rodríguez, P.; Hernández, C.; Saxton, R.; Gabriel, C.

    2013-10-01

    We present the first XMM-Newton web mobile application, coded using new web technologies such as HTML5, the Query mobile framework, and D3 JavaScript data-driven library. This new web mobile application focuses on re-formatted contents extracted directly from the XMM-Newton web, optimizing the contents for mobile devices. The main goals of this development were to reach all kind of handheld devices and operating systems, while minimizing software maintenance. The application therefore has been developed as a web mobile implementation rather than a more costly native application. New functionality will be added regularly.

  14. Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance.

    PubMed

    Kamel Boulos, Maged N; Sanfilippo, Antonio P; Corley, Courtney D; Wheeler, Steve

    2010-10-01

    This paper explores Technosocial Predictive Analytics (TPA) and related methods for Web "data mining" where users' posts and queries are garnered from Social Web ("Web 2.0") tools such as blogs, micro-blogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators, and maps their exponential growth as an open architecture of participation for the masses and an emerging way to gain insight about people's collective health status of whole populations. Several health related tool examples are described and demonstrated as practical means through which health professionals might create clear location specific pictures of epidemiological data such as flu outbreaks. PMID:20236725

  15. Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance

    SciTech Connect

    Kamel Boulos, Maged; Sanfilippo, Antonio P.; Corley, Courtney D.; Wheeler, Steve

    2010-03-17

    This paper explores techno-social predictive analytics (TPA) and related methods for Web “data mining” where users’ posts and queries are garnered from Social Web (“Web 2.0”) tools such as blogs, microblogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators, and maps their exponential growth as an open architecture of participation for the masses and an emerging way to gain insight about people’s collective health status of whole populations. Several health related tool examples are described and demonstrated as practical means through which health professionals might create clear location specific pictures of epidemiological data such as flu outbreaks.

  16. Linked data platform for web applications

    E-print Network

    Presbrey, Joe (Joseph Warren)

    2014-01-01

    Most of today's web applications are tightly coupled to proprietary server backends that store and control all user data. This thesis presents Linked Data as a decentralized web app platform, eliminating vendor lock-in, ...

  17. Survey of Technologies for Web Application Development

    E-print Network

    Doyle, Barry

    2008-01-01

    Web-based application developers face a dizzying array of platforms, languages, frameworks and technical artifacts to choose from. We survey, classify, and compare technologies supporting Web application development. The classification is based on (1) foundational technologies; (2)integration with other information sources; and (3) dynamic content generation. We further survey and classify software engineering techniques and tools that have been adopted from traditional programming into Web programming. We conclude that, although the infrastructure problems of the Web have largely been solved, the cacophony of technologies for Web-based applications reflects the lack of a solid model tailored for this domain.

  18. Bachelor Project StockHome -Web Application

    E-print Network

    Lanza, Michele

    Bachelor Project StockHome - Web Application User interface for a financial analysis tool Gilad and assisting us during dark times. Last but not least, I would like to thank my friends who spent those long . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 iii #12;Gilad Geron StockHome - Web Application A Technologies 31 A.1 Ruby

  19. MedIT Solutions Web application development

    E-print Network

    MacMillan, Andrew

    MedIT Solutions Web application development MedIT can create a customized web app unique to you- ports, pull metrics and much more. Virtual server hosting On a grant budget? MedIT provides vir- tual infrastructure. Virtual desktop and applications MedIT offers a complete remote office, giving you access to all

  20. Multimedia Security System for Security and Medical Applications

    ERIC Educational Resources Information Center

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  1. Data mining approach to web application intrusions detection

    NASA Astrophysics Data System (ADS)

    Kalicki, Arkadiusz

    2011-10-01

    Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs and others. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. This paper presents data mining based algorithm for anomaly detection. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Previously presented detection method was rewritten and improved. Some tests show that the software catches malicious requests, especially long attack sequences, results quite good with medium length sequences, for short length sequences must be complemented with other methods.

  2. Web services synchronization health care application

    E-print Network

    Limam, Hela

    2011-01-01

    With the advance of Web Services technologies and the emergence of Web Services into the information space, tremendous opportunities for empowering users and organizations appear in various application domains including electronic commerce, travel, intelligence information gathering and analysis, health care, digital government, etc. In fact, Web services appear to be s solution for integrating distributed, autonomous and heterogeneous information sources. However, as Web services evolve in a dynamic environment which is the Internet many changes can occur and affect them. A Web service is affected when one or more of its associated information sources is affected by schema changes. Changes can alter the information sources contents but also their schemas which may render Web services partially or totally undefined. In this paper, we propose a solution for integrating information sources into Web services. Then we tackle the Web service synchronization problem by substituting the affected information sources....

  3. Access Control of Web- and Java-Based Applications

    NASA Technical Reports Server (NTRS)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  4. A specialized framework for data retrieval Web applications

    SciTech Connect

    Jerzy Nogiec; Kelley Trombly-Freytag; Dana Walbridge

    2004-07-12

    Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC) architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system.

  5. Web Application Software for Ground Operations Planning Database (GOPDb) Management

    NASA Technical Reports Server (NTRS)

    Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey

    2013-01-01

    A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.

  6. Access Control of Web and Java Based Applications

    NASA Technical Reports Server (NTRS)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  7. VOGCLUSTERS: An Example of DAME Web Application

    NASA Astrophysics Data System (ADS)

    Castellani, M.; Brescia, M.; Mancini, E.; Pellecchia, L.; Longo, G.

    2012-07-01

    We present the alpha release of the VOGCLUSTERS web application, specialized for data and text mining on globular clusters. It is one of the web2.0 technology based services of Data Mining &Exploration (DAME) Program, devoted to mine and explore heterogeneous information related to globular clusters data.

  8. Web-Based Software Vendor Management Application

    E-print Network

    Puppala, Naresh

    2010-05-14

    and troubleshooting. The following is the list of software used to develop the web-based application. • My SQL 5.1 • Java 5.0 • JQuery and Hibernate framework • Web services Business Database User Interface Figure 8: VMS Data Flow 33 • Apache Tomcat web..., SQL Server, MS Access, etc. 4.5.3 Quality Software Is Reusable The object-oriented language Java was chosen due to platform portability, making it easy to be plugged into other systems. Application programs were modularized by breaking 39 them...

  9. Schedule Estimation for Web Application Development

    E-print Network

    Fernando, Lake

    2008-05-16

    Klynveld, Peat, Marvick, and Goerdeler 7 Term/Phrase Definition JSP Java Server Pages API Servlet A Java Servlet is a web application component which is deployed in a web server and services web request from a browser. HTML HyperText Markup Language...-View- Controller (MVC) design pattern. • Java 5 Standard Edition – Java SE • Java 5 Enterprise Edition – Java EE • JRE version 5 • JSP version 2.0 • Servlet version 2.5 • Struts version 1.2.9 • Apache Tomcat Web Server • HTML 38 • JavaScript • Ant...

  10. A PKI-BASED SECURE AUDIT WEB SERVICE Wensheng Xu, David Chadwick, Sassa Otenko

    E-print Network

    Kent, University of

    A PKI-BASED SECURE AUDIT WEB SERVICE Wensheng Xu, David Chadwick, Sassa Otenko Computing Laboratory in secure log files for intrusion and misuse detection or system audit purposes. Because the log files may from the log files. In this paper we propose a secure audit web service (SAWS) which can provide

  11. Secure coprocessing applications and research issues

    SciTech Connect

    Smith, S.W.

    1996-08-01

    The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

  12. ReSTful OSGi Web Applications Tutorial

    NASA Technical Reports Server (NTRS)

    Shams, Khawaja; Norris, Jeff

    2008-01-01

    This slide presentation accompanies a tutorial on the ReSTful (Representational State Transfer) web application. Using Open Services Gateway Initiative (OSGi), ReST uses HTTP protocol to enable developers to offer services to a diverse variety of clients: from shell scripts to sophisticated Java application suites. It also uses Eclipse for the rapid development, the Eclipse debugger, the test application, and the ease of export to production servers.

  13. Software Protection and Application Security: Understanding the Battleground ?

    E-print Network

    Van Oorschot, Paul

    in today's Internet has resulted in a vast array of new security threats and challenges. Indeed, it is diSoftware Protection and Application Security: Understanding the Battleground ? A. Main 1 P.C. van. The relationship between application security and data security, network security, and software security

  14. Software Protection and Application Security: Understanding the Battleground

    E-print Network

    Van Oorschot, Paul

    in today's Internet has resulted in a vast array of new security threats and challenges. IndeedSoftware Protection and Application Security: Understanding the Battleground A. Main1 P.C. van. The relationship between application security and data security, network security, and software security

  15. Rigorous and Automatic Testing of Web Applications Xiaoping Jia and Hongming Liu

    E-print Network

    Jia, Xiaoping

    , security and performance of a web application, a test engine can au- tomatically generate test cases using a formal specification language. A test engine will take the specification as the input to the test engine is a formal specifica- tion in XML syntax which specifies the functionality, security

  16. Capturing Trust in Social Web Applications

    NASA Astrophysics Data System (ADS)

    O'Donovan, John

    The Social Web constitutes a shift in information flow from the traditional Web. Previously, content was provided by the owners of a website, for consumption by the end-user. Nowadays, these websites are being replaced by Social Web applications which are frameworks for the publication of user-provided content. Traditionally, Web content could be `trusted' to some extent based on the site it originated from. Algorithms such as Google's PageRank were (and still are) used to compute the importance of a website, based on analysis of underlying link topology. In the Social Web, analysis of link topology merely tells us about the importance of the information framework which hosts the content. Consumers of information still need to know about the importance/reliability of the content they are reading, and therefore about the reliability of the producers of that content. Research into trust and reputation of the producers of information in the Social Web is still very much in its infancy. Every day, people are forced to make trusting decisions about strangers on the Web based on a very limited amount of information. For example, purchasing a product from an eBay seller with a `reputation' of 99%, downloading a file from a peer-to-peer application such as Bit-Torrent, or allowing Amazon.com tell you what products you will like. Even something as simple as reading comments on a Web-blog requires the consumer to make a trusting decision about the quality of that information. In all of these example cases, and indeed throughout the Social Web, there is a pressing demand for increased information upon which we can make trusting decisions. This chapter examines the diversity of sources from which trust information can be harnessed within Social Web applications and discusses a high level classification of those sources. Three different techniques for harnessing and using trust from a range of sources are presented. These techniques are deployed in two sample Social Web applications—a recommender system and an online auction. In all cases, it is shown that harnessing an increased amount of information upon which to make trust decisions greatly enhances the user experience with the Social Web application.

  17. A taxonomy and business analysis for mobile web applications

    E-print Network

    Liu, Kevin H

    2009-01-01

    Mobile web applications refer to web applications on mobile devices, aimed at personalizing, integrating, and discovering mobile contents in user contexts. This thesis presents a comprehensive study of mobile web applications ...

  18. Semantic-Web Technology: Applications at NASA

    NASA Technical Reports Server (NTRS)

    Ashish, Naveen

    2004-01-01

    We provide a description of work at the National Aeronautics and Space Administration (NASA) on building system based on semantic-web concepts and technologies. NASA has been one of the early adopters of semantic-web technologies for practical applications. Indeed there are several ongoing 0 endeavors on building semantics based systems for use in diverse NASA domains ranging from collaborative scientific activity to accident and mishap investigation to enterprise search to scientific information gathering and integration to aviation safety decision support We provide a brief overview of many applications and ongoing work with the goal of informing the external community of these NASA endeavors.

  19. Secure voice for mobile satellite applications

    NASA Technical Reports Server (NTRS)

    Vaisnys, Arvydas; Berner, Jeff

    1990-01-01

    The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

  20. Automatically Hardening Web Applications Using Precise Tainting

    E-print Network

    Huang, Wei

    - ties. The simple and natural ways of creating a web application are prone to SQL injection attacks vulnerabilities (e.g., Listings 11-3 and 12-2 allow SQL injection, and Listing 12-4 allows cross-site scripting SQL injection) and cross-site scripting. Our solution involves replacing the standard PHP interpreter

  1. Where Did All the Data Go? Internet Security for Web-Based Assessments.

    ERIC Educational Resources Information Center

    Shermis, Mark D.; Averitt, Jason

    The purpose of this paper is to enumerate a series of security steps that might be taken by those individuals or organizations that are contemplating Web-based tests and performance assessments. From a security viewpoint, much of what goes on with Web-based transactions is similar to other general computer activity, but the recommendations focus…

  2. Using The GSM/UMTS SIM to Secure Web Services John A. MacDonald

    E-print Network

    Mitchell, Chris

    -constrained Mobile Station, comprising mo- bile device and service-enabling SIM card connected to a GPRS or UMTSUsing The GSM/UMTS SIM to Secure Web Services John A. MacDonald Information Security Group Royal utilising readily available J2ME, Java Card, J2SE and J2EE platforms, Web Services tools from Apache

  3. Design Automation Conference, 1998. Data Security for Web-based CAD

    E-print Network

    Hauck, Scott

    Design Automation Conference, 1998. Data Security for Web-based CAD Scott Hauck, Stephen Knol-performance computing, including VLSI CAD. In this paper we consider the ramifications of the Internet on electronics design, and develop two models for Web-based CAD. We also investigate the security of these systems

  4. Applications for cyber security - System and application monitoring

    SciTech Connect

    Marron, J. E.

    2006-07-01

    Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

  5. Implementing a secure client/server application

    SciTech Connect

    Kissinger, B.A.

    1994-08-01

    There is an increasing rise in attacks and security breaches on computer systems. Particularly vulnerable are systems that exchange user names and passwords directly across a network without encryption. These kinds of systems include many commercial-off-the-shelf client/server applications. A secure technique for authenticating computer users and transmitting passwords through the use of a trusted {open_quotes}broker{close_quotes} and public/private keys is described in this paper.

  6. The Data and Application Security and Privacy (DASPY) Challenge

    E-print Network

    Sandhu, Ravi

    The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi Sandhu Executive.ics.utsa.edu Institute for Cyber Security The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real-World Impact! The Data and Application Security

  7. Robust image obfuscation for privacy protection in Web 2.0 applications

    NASA Astrophysics Data System (ADS)

    Poller, Andreas; Steinebach, Martin; Liu, Huajian

    2012-03-01

    We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

  8. Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing

    E-print Network

    International Association for Cryptologic Research (IACR)

    Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing Mihir) and secure outsourcing (Gennaro, Gentry, Parno 2010)-- need adaptive security, where x may depend on F. We identify gaps in proofs from these papers with regard to adaptive security and suggest the need of a better

  9. Web API Fragility: How Robust Is Your Mobile Application?

    E-print Network

    Zaidman, Andy

    Web API Fragility: How Robust Is Your Mobile Application? Tiago Espinha Delft University-Gerhard.Gross@hs-esslingen.de Abstract--Web APIs provide a systematic and extensible ap- proach for application-to-application interaction. A large number of mobile applications makes use of web APIs to integrate services into apps. Each

  10. MEMS and MOEMS for national security applications

    NASA Astrophysics Data System (ADS)

    Scott, Marion W.

    2003-01-01

    Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

  11. The Bioverse API and Web Application

    SciTech Connect

    Guerquin, Michal; McDermott, Jason E.; Frazier, Zach; Samudrala, Ram

    2009-04-20

    The Bioverse is a framework for creating, warehousing and presenting biological information based on hierarchical levels of organisation. The framework is guided by a deeper philosophy of desiring to represent all relationships between all components of biological systems towards the goal of a wholistic picture of organismal biology. Data from various sources is combined into a single repository and a uniform interface is exposed to access it. The power of the approach of the Bioverse is that, due to its inclusive nature, patterns emerge from the acquired data and new predictions are made. The implementation of this repository (beginning with acquisition of source data, processing in a pipeline and concluding with storage in a relational database) and interfaces to the data contained in it, from a programmatic application interface to a user friendly web application, are discussed

  12. Using the World Wide Web: Applications for Marketing Educators.

    ERIC Educational Resources Information Center

    Stull, William A.; And Others

    1996-01-01

    This article introduces potential uses of the World Wide Web for marketing education, presents tips for navigating the web, and provides a sample of useful applications. Also provides suggestions for monitoring student use of the web. (JOW)

  13. Terahertz Imaging and Security Applications

    NASA Astrophysics Data System (ADS)

    Grossman, Erich

    2005-03-01

    Imaging at millimeter-wave and terahertz frequencies could vastly improve the security of personnel checkpoints, because of the penetration through clothing and spatial resolution available in this spectral range. Since 9/11, the social need for improved checkpoint screening has been obvious and great. However, although efforts to develop such imagers had been underway for many years before that, practical low-cost systems, analogous to IR uncooled imagers, still don't exist. An emphasis on purely passive imaging places very stringent sensitivity requirements on such imagers. A number of long-term efforts, which I briefly mention, are underway to improve the sensitivity of such passive imagers. However, most of the emphasis in our program is on active imaging. With this approach, much simpler and lower-cost detectors, such as (uncooled) antenna-coupled microbolometers can be used, at the expense of incorporating slightly more complex optics and illumination components. I discuss several tradeoffs presented in the design of active imaging systems for the 100 to 1000 GHz frequency range, describe how we have addressed them in the design of a scanning, 95 GHz, bolometer-based imager for concealed weapons detection that is nearing completion, and describe how the system architecture can be modified to scale the operating frequency to the 650 GHz atmospheric window. Co-authors: Arttu Luukanen and Aaron Miller

  14. Virtual real-time inspection of nuclear material via VRML and secure web pages

    SciTech Connect

    Nilsen, C.; Jortner, J.; Damico, J.; Friesen, J.; Schwegel, J.

    1997-04-01

    Sandia National Laboratories` Straight Line project is working to provide the right sensor information to the right user to enhance the safety, security, and international accountability of nuclear material. One of Straight Line`s efforts is to create a system to securely disseminate this data on the Internet`s World-Wide-Web. To make the user interface more intuitive, Sandia has generated a three dimensional VRML (virtual reality modeling language) interface for a secure web page. This paper will discuss the implementation of the Straight Line secure 3-D web page. A discussion of the ``pros and cons`` of a 3-D web page is also presented. The public VRML demonstration described in this paper can be found on the Internet at the following address: http://www.ca.sandia.gov/NMM/. A Netscape browser, version 3 is strongly recommended.

  15. Poster: Community-Based Security and Privacy Protection During Web Browsing

    E-print Network

    first ideas of a community based approach known from rating systems in online shopping to provide othersPoster: Community-Based Security and Privacy Protection During Web Browsing [Poster Abstract] Max. Internet users however do not see the protection of their privacy or security as the pri- mary goal

  16. Web 2.0 Security Position Paper: "JavaScript Breaks Free"

    E-print Network

    million people) have a broadband Internet connection at home, and 43% of those people are online for two or more hours per day [4]. Mostly, these people are browsing the web for news, shopping, blogging potentially escape past the browser as an emulator and cause serious security concerns. Security Concerns. One

  17. Learning DFA representations of HTTP for protecting web applications

    E-print Network

    New Mexico, University of

    Learning DFA representations of HTTP for protecting web applications Kenneth L. Ingham a,*, Anil by secu- rity threats. Protecting web server-based applications using intrusion detection is challenging). Web applications are difficult to protect because they are large, complex, highly customized

  18. Web Page Segmentation with Structured Prediction and its Application in Web Page Classification

    E-print Network

    Murphy, Robert F.

    Web Page Segmentation with Structured Prediction and its Application in Web Page Classification perform Web page seg- mentation with a structured prediction approach. It formu- lates the segmentation task as a structured labeling prob- lem on a transformed Web page segmentation graph (WPS- graph). WPS

  19. Web Application for Modeling Global Antineutrinos

    E-print Network

    Barna, Andrew

    2015-01-01

    Electron antineutrinos stream freely from rapidly decaying fission products within nuclear reactors and from long-lived radioactivity within Earth. Those with energy greater than 1.8 MeV are regularly observed by several kiloton-scale underground detectors. These observations estimate the amount of terrestrial radiogenic heating, monitor the operation of nuclear reactors, and measure the fundamental properties of neutrinos. The analysis of antineutrino observations at operating detectors or the planning of projects with new detectors requires information on the expected signal and background rates. We present a web application for modeling global antineutrino energy spectra and detection rates for any surface location. Antineutrino sources include all registered nuclear reactors as well as the crust and mantle of Earth. Visitors to the website may model the location and power of a hypothetical nuclear reactor, copy energy spectra, and analyze the significance of a selected signal relative to background.

  20. Web Application for Modeling Global Antineutrinos

    E-print Network

    Andrew Barna; Steve Dye

    2015-10-19

    Electron antineutrinos stream freely from rapidly decaying fission products within nuclear reactors and from long-lived radioactivity within Earth. Those with energy greater than 1.8 MeV are regularly observed by several kiloton-scale underground detectors. These observations estimate the amount of terrestrial radiogenic heating, monitor the operation of nuclear reactors, and measure the fundamental properties of neutrinos. The analysis of antineutrino observations at operating detectors or the planning of projects with new detectors requires information on the expected signal and background rates. We present a web application for modeling global antineutrino energy spectra and detection rates for any surface location. Antineutrino sources include all registered nuclear reactors as well as the crust and mantle of Earth. Visitors to the website may model the location and power of a hypothetical nuclear reactor, copy energy spectra, and analyze the significance of a selected signal relative to background.

  1. Rubicon: Bounded Verification of Web Applications Joseph P. Near, Daniel Jackson

    E-print Network

    Jackson, Daniel

    , a popular customer relationship management system. Keywords Formal methods, programming languages, web than a few seconds per specification. In the largest of these applications, a customer relationship management system called Fat Free CRM, Ru- bicon's analysis uncovered a previously unknown security bug

  2. Static Enforcement of Web Application Integrity Through Strong Typing William Robertson

    E-print Network

    Vigna, Giovanni

    security vulnerabilities present in web applications are cross-site scripting (XSS) and SQL injection credentials or to install malware, among other nefarious objectives. SQL injections occur when malicious input this approach can automatically prevent the introduction of both server-side cross-site scripting and SQL

  3. A Study of CAPTCHAs for Securing Web Services

    E-print Network

    Banday, M Tariq

    2011-01-01

    Atomizing various Web activities by replacing human to human interactions on the Internet has been made indispensable due to its enormous growth. However, bots also known as Web-bots which have a malicious intend and pretending to be humans pose a severe threat to various services on the Internet that implicitly assume a human interaction. Accordingly, Web service providers before allowing access to such services use various Human Interaction Proof's (HIPs) to authenticate that the user is a human and not a bot. Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a class of HIPs tests and are based on Artificial Intelligence. These tests are easier for humans to qualify and tough for bots to simulate. Several Web services use CAPTCHAs as a defensive mechanism against automated Web-bots. In this paper, we review the existing CAPTCHA schemes that have been proposed or are being used to protect various Web services. We classify them in groups and compare them with each other i...

  4. Building Trust Through Secure Web Sites. The Systems Librarian

    ERIC Educational Resources Information Center

    Breeding, Marshall

    2005-01-01

    Who can be trusted on the Web? These days, with identity theft seemingly rampant, it's more important than ever to take all possible measures to protect privacy and to shield personal information from those who might not have good intentions. Today, librarians also have to take reasonable precautions to ensure that the online services that they…

  5. Web-Based Resources and Applications: Quality and Influence

    ERIC Educational Resources Information Center

    Liu, Leping; Johnson, D. Lamont

    2005-01-01

    This paper evaluates the quality of two major types of Web resources for K-12 education --information for research, and interactive applications for teaching and learning. It discusses an evaluation on the quality of 1,025 pieces of Web information (articles, research reports, news, and statistics) and 900 Web applications (tutorials, drills,…

  6. Building Web Applications with Servlets and JavaServer Pages

    E-print Network

    Janzen, David

    Building Web Applications with Servlets and JavaServer Pages David Janzen Assistant Professor ­ cgi, php, asp, jsp, Servlets · active html ­ html contains a program that runs at the client inside within a web-browser · Java Servlets ­ applications that run within a web-server · JavaScript ­ scripts

  7. The Data and Application Security and Privacy (DASPY) Challenge

    E-print Network

    Sandhu, Ravi

    The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi Sandhu Institute.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real The Data and Application Security and Privacy (DASPY-relationship) vis a vis data ., B trees) Cyber Security Research Status ., B trees) 5 Leading Research with Real

  8. The Data and Application Security and Privacy (DASPY) Challenge

    E-print Network

    Sandhu, Ravi

    The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi Sandhu Institute.profsandhu.com www.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real The Data and Application Security-relationship) vis a vis data ., B trees) Cyber Security Research Status ., B trees) 5 Leading Research with Real

  9. 33 CFR 125.55 - Outstanding Port Security Card Applications.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Outstanding Port Security Card... WATERFRONT FACILITIES OR VESSELS § 125.55 Outstanding Port Security Card Applications. A person who has filed an application for a Coast Guard Port Security Card and who did not receive such a document prior...

  10. 33 CFR 125.55 - Outstanding Port Security Card Applications.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Outstanding Port Security Card... WATERFRONT FACILITIES OR VESSELS § 125.55 Outstanding Port Security Card Applications. A person who has filed an application for a Coast Guard Port Security Card and who did not receive such a document prior...

  11. Evaluation of Classifiers: Practical Considerations for Security Applications

    E-print Network

    Baras, John S.

    Evaluation of Classifiers: Practical Considerations for Security Applications Alvaro A. C, biometrics and multimedia forensics. Measur- ing the security performance of these classifiers is an essential part for facilitating decision making, deter- mining the viability of the product

  12. Power laser application for security glass production

    NASA Astrophysics Data System (ADS)

    Abashkin, Vladimir; Achimova, Elena

    2009-09-01

    Modern glass application needs to move from traditional tempering with only average controlled fragmentation of security glass to computerized controlled fragmentation by developing engineered stress profiles in glass article. The new treatment methods of soda-lime float glass using irradiation by power Nd:YAG laser which is moved by robot will be discussed. The transparency of glass for laser wavelength is one of the problems of glass treatment by laser. Noncontact stress control by light scattering will be shown. The two main objectives of this work will be discussed: 1. Glass treatment by power laser beam directed to secure glass production; 2. Control methods of residual stress into float glasses treated by laser.

  13. Power laser application for security glass production

    NASA Astrophysics Data System (ADS)

    Abashkin, Vladimir; Achimova, Elena

    2010-05-01

    Modern glass application needs to move from traditional tempering with only average controlled fragmentation of security glass to computerized controlled fragmentation by developing engineered stress profiles in glass article. The new treatment methods of soda-lime float glass using irradiation by power Nd:YAG laser which is moved by robot will be discussed. The transparency of glass for laser wavelength is one of the problems of glass treatment by laser. Noncontact stress control by light scattering will be shown. The two main objectives of this work will be discussed: 1. Glass treatment by power laser beam directed to secure glass production; 2. Control methods of residual stress into float glasses treated by laser.

  14. Seaweed : a Web application for designing economic games

    E-print Network

    Chilton, Lydia B

    2009-01-01

    Seaweed is a web application for experimental economists with no programming background to design two-player symmetric games in a visual-oriented interface. Games are automatically published to the web where players can ...

  15. Authoring and Maintaining of Educational Applications on the Web.

    ERIC Educational Resources Information Center

    Helic, Denis; Maurer, Hermann; Scherbakov, Nick

    This paper discusses problems concerning the design of educational applications in general, as well as specific problems connected with educational applications meant to be published on the Web. A new approach to the authoring and maintaining of Web-based educational applications is proposed which is based on the concept of hypermedia composites.…

  16. Use of a secure Internet Web site for collaborative medical research.

    PubMed

    Marshall, W W; Haley, R W

    2000-10-11

    Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors. JAMA. 2000;284:1843-1849. PMID:11025839

  17. WIRM: An Open Source Toolkit for Building Biomedical Web Applications

    PubMed Central

    Jakobovits, Rex M.; Rosse, Cornelius; Brinkley, James F.

    2002-01-01

    This article describes an innovative software toolkit that allows the creation of web applications that facilitate the acquisition, integration, and dissemination of multimedia biomedical data over the web, thereby reducing the cost of knowledge sharing. There is a lack of high-level web application development tools suitable for use by researchers, clinicians, and educators who are not skilled programmers. Our Web Interfacing Repository Manager (WIRM) is a software toolkit that reduces the complexity of building custom biomedical web applications. WIRM’s visual modeling tools enable domain experts to describe the structure of their knowledge, from which WIRM automatically generates full-featured, customizable content management systems. PMID:12386108

  18. APFEL Web: a web-based application for the graphical visualization of parton distribution functions

    E-print Network

    Stefano Carrazza; Alfio Ferrara; Daniele Palazzo; Juan Rojo

    2015-02-26

    We present APFEL Web, a web-based application designed to provide a flexible user-friendly tool for the graphical visualization of parton distribution functions (PDFs). In this note we describe the technical design of the APFEL Web application, motivating the choices and the framework used for the development of this project. We document the basic usage of APFEL Web and show how it can be used to provide useful input for a variety of collider phenomenological studies. Finally we provide some examples showing the output generated by the application.

  19. WAFA: Fine-grained Dynamic Analysis of Web Applications Manar H. Alalfi James R. Cordy Thomas R. Dean

    E-print Network

    Cordy, James R.

    such as web ap- plications. Most web application security vulnerabilities, such as SQL injection and broken of embedded or constructed SQL state- ments. The identification and analysis of these embedded statements ap- plications, allowing us to reason not only about the SQL embedded system, but also about page

  20. Accelerators for Discovery Science and Security applications

    NASA Astrophysics Data System (ADS)

    Todd, A. M. M.; Bluem, H. P.; Jarvis, J. D.; Park, J. H.; Rathke, J. W.; Schultheiss, T. J.

    2015-05-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15-50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 ? mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 ?s. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug-cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection.

  1. A Web of Things Application Architecture -Integrating the Real-World into the Web

    E-print Network

    for a Common Internet of Things Application Architecture Application development with smart things: Requires of Internet of Things applications and bring it closer to non-specialists?» 15.08.2011 4Dominique Guinard [Mot Development in the Internet of Things [flickr.com/photos/docman] #12;Web of Things Application Architecture 15

  2. Passive terahertz imaging for security application

    NASA Astrophysics Data System (ADS)

    Guo, Lan-tao; Deng, Chao; Zhao, Yuan-meng; Zhang, Cun-lin

    2013-08-01

    The passive detection is safe for passengers and operators as no radiation. Therefore, passive terahertz (THz) imaging can be applied to human body security check. Imaging in the THz band offers the unique property of being able to identify object through a range of materials. Therefore passive THz imaging is meaningful for security applications. This attribute has always been of interest to both the civil and military marks with applications. We took advantage of a single THz detector and a trihedral scanning mirror to propose another passive THz beam scanning imaging method. This method overcame the deficiencies of the serious decline in image quality due to the movement of the focused mirror. We exploited a THz scanning mirror with a trihedral scanning mirror and an ellipsoidal mirror to streamline the structure of the system and increase the scanning speed. Then the passive THz beam scanning imaging system was developed based on this method. The parameters were set as follows: the best imaging distance was 1.7m, the image height was 2m, the image width was 1m, the minimum imaging time of per frame was 8s, and the minimum resolution was 4cm. We imaged humans with different objects hidden under their clothes, such as fruit knife, belt buckle, mobile phone, screwdriver, bus cards, keys and other items. All the tested stuffs could be detected and recognized from the image.

  3. Video performance for high security applications.

    SciTech Connect

    Connell, Jack C.; Norman, Bradley C.

    2010-06-01

    The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

  4. WebViz: A web browser based application for collaborative analysis of 3D data

    NASA Astrophysics Data System (ADS)

    Ruegg, C. S.

    2011-12-01

    In the age of high speed Internet where people can interact instantly, scientific tools have lacked technology which can incorporate this concept of communication using the web. To solve this issue a web application for geological studies has been created, tentatively titled WebViz. This web application utilizes tools provided by Google Web Toolkit to create an AJAX web application capable of features found in non web based software. Using these tools, a web application can be created to act as piece of software from anywhere in the globe with a reasonably speedy Internet connection. An application of this technology can be seen with data regarding the recent tsunami from the major japan earthquakes. After constructing the appropriate data to fit a computer render software called HVR, WebViz can request images of the tsunami data and display it to anyone who has access to the application. This convenience alone makes WebViz a viable solution, but the option to interact with this data with others around the world causes WebViz to be taken as a serious computational tool. WebViz also can be used on any javascript enabled browser such as those found on modern tablets and smart phones over a fast wireless connection. Due to the fact that WebViz's current state is built using Google Web Toolkit the portability of the application is in it's most efficient form. Though many developers have been involved with the project, each person has contributed to increase the usability and speed of the application. In the project's most recent form a dramatic speed increase has been designed as well as a more efficient user interface. The speed increase has been informally noticed in recent uses of the application in China and Australia with the hosting server being located at the University of Minnesota. The user interface has been improved to not only look better but the functionality has been improved. Major functions of the application are rotating the 3D object using buttons. These buttons have been replaced with a new layout that is easier to understand the function and is also easy to use with mobile devices. With these new changes, WebViz is easier to control and use for general use.

  5. Semantic Web Application Areas , C. Bussler2

    E-print Network

    Menczer, Filippo

    potential". Tim Berners-Lee, Director of the World Wide Web Consortium, referred to the future that extends far beyond current capabilities ([Berners-Lee et al., 2001], [Fensel & Musen, 2001]). The explicit

  6. Big Ideas Paper: Enforcing End-to-end Application Security

    E-print Network

    Cambridge, University of

    's address space. To see why this is necessary, consider healthcare data. These may be sensitive for a humanBig Ideas Paper: Enforcing End-to-end Application Security in the Cloud Jean Bacon1 , David Evans1-to-end secure, distributed software by means of thorough, relentless tagging of the security meaning of data

  7. Data Mining Applications for Fraud Detection in Securities Market

    E-print Network

    Zaiane, Osmar R.

    Data Mining Applications for Fraud Detection in Securities Market Koosha Golmohammadi, Osmar R}@ualberta.ca This paper presents an overview of fraud detection in securities market as well as a comprehensive literature for future research works accordingly. Keywords: data mining, fraud detection, securities market, market

  8. External Insider Threat: a Real Security Challenge in Enterprise Value Webs

    E-print Network

    Wieringa, Roel

    insiders, external insiders are not subjected to as many internal controls enforced by the organization control structures, and business-to-business contracts are often insufficiently detailed to establishExternal Insider Threat: a Real Security Challenge in Enterprise Value Webs Virginia N. L

  9. Where Did All the Data Go? Internet Security for Web-based Assessments.

    ERIC Educational Resources Information Center

    Shermis, Mark D.; Averitt, Jason

    2002-01-01

    Outlines a series of security steps that might be taken by researchers or organizations that are contemplating Web-based tests and performance assessments. Focuses on what can be done to avoid the loss, compromising, or modification of data collected by or stored through the Internet. (SLD)

  10. Specification Patent Management for Web Application Platform Ecosystem

    NASA Astrophysics Data System (ADS)

    Fukami, Yoshiaki; Isshiki, Masao; Takeda, Hideaki; Ohmukai, Ikki; Kokuryo, Jiro

    Diversified usage of web applications has encouraged disintegration of web platform into management of identification and applications. Users make use of various kinds of data linked to their identity with multiple applications on certain social web platforms such as Facebook or MySpace. There has emerged competition among web application platforms. Platformers can design relationship with developers by controlling patent of their own specification and adopt open technologies developed external organizations. Platformers choose a way to open according to feature of the specification and their position. Patent management of specification come to be a key success factor to build competitive web application platforms. Each way to attract external developers such as standardization, open source has not discussed and analyzed all together.

  11. Radiation Detection for Homeland Security Applications

    NASA Astrophysics Data System (ADS)

    Ely, James

    2008-05-01

    In the past twenty years or so, there have been significant changes in the strategy and applications for homeland security. Recently there have been significant at deterring and interdicting terrorists and associated organizations. This is a shift in the normal paradigm of deterrence and surveillance of a nation and the `conventional' methods of warfare to the `unconventional' means that terrorist organizations resort to. With that shift comes the responsibility to monitor international borders for weapons of mass destruction, including radiological weapons. As a result, countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments at land, rail, air, and sea ports of entry in the US and in European and Asian countries. Radioactive signatures of concern include radiation dispersal devices (RDD), nuclear warheads, and special nuclear material (SNM). Radiation portal monitors (RPMs) are used as the main screening tool for vehicles and cargo at borders, supplemented by handheld detectors, personal radiation detectors, and x-ray imaging systems. This talk will present an overview of radiation detection equipment with emphasis on radiation portal monitors. In the US, the deployment of radiation detection equipment is being coordinated by the Domestic Nuclear Detection Office within the Department of Homeland Security, and a brief summary of the program will be covered. Challenges with current generation systems will be discussed as well as areas of investigation and opportunities for improvements. The next generation of radiation portal monitors is being produced under the Advanced Spectroscopic Portal program and will be available for deployment in the near future. Additional technologies, from commercially available to experimental, that provide additional information for radiation screening, such as density imaging equipment, will be reviewed. Opportunities for further research and development to improve the current equipment and methodologies for radiation detection for the important task of homeland security will be the final topic to be discussed.

  12. Creating Web-Based Scientific Applications Using Java Servlets

    NASA Technical Reports Server (NTRS)

    Palmer, Grant; Arnold, James O. (Technical Monitor)

    2001-01-01

    There are many advantages to developing web-based scientific applications. Any number of people can access the application concurrently. The application can be accessed from a remote location. The application becomes essentially platform-independent because it can be run from any machine that has internet access and can run a web browser. Maintenance and upgrades to the application are simplified since only one copy of the application exists in a centralized location. This paper details the creation of web-based applications using Java servlets. Java is a powerful, versatile programming language that is well suited to developing web-based programs. A Java servlet provides the interface between the central server and the remote client machines. The servlet accepts input data from the client, runs the application on the server, and sends the output back to the client machine. The type of servlet that supports the HTTP protocol will be discussed in depth. Among the topics the paper will discuss are how to write an http servlet, how the servlet can run applications written in Java and other languages, and how to set up a Java web server. The entire process will be demonstrated by building a web-based application to compute stagnation point heat transfer.

  13. Students as Designers of Semantic Web Applications

    ERIC Educational Resources Information Center

    Tracy, Fran; Jordan, Katy

    2012-01-01

    This paper draws upon the experience of an interdisciplinary research group in engaging undergraduate university students in the design and development of semantic web technologies. A flexible approach to participatory design challenged conventional distinctions between "designer" and "user" and allowed students to play a role in developing…

  14. Application of laser technology to introduce security features on security documents in order to reduce counterfeiting

    NASA Astrophysics Data System (ADS)

    Hospel, Will G. J. M.

    1998-04-01

    The use of laser technology for application of security features into security documents is introduced and specifically the security features which are applied directly into the security documents itself are covered. This innovative way of working creates effective deterrents to counterfeit and forgery. Laser applied security features become an integral part of the documents and its characteristics are unique and well-distinguishable. Together with the high levels of fineness and accuracy which can be achieved, this makes laser applied security features virtually impossible to reproduce with other means. Furthermore lasers can create first line security features which the public can easily verify with the naked eye. An introduction into laser technology gives better insight into the use of lasers in security documents. The laser offers high flexibility as the security features are created one by one under control of computer programs. As result a laser system can produce unique and personalised security features which can be applied automatically during one of the last production stages of the document. Laser applied security features are at this moment used on banknotes, passports and cheques. Examples of such applications will be shown. Also new types of laser applied security features will be introduced.

  15. Finding Application Errors and Security Flaws Using PQL

    E-print Network

    Livshits, Ben

    stores (API violations)Bad session stores (API violations) SQL injections (security flaws)SQL injections Example: SQL Injection Unvalidated user input passed to aUnvalidated user input passed to a database flawsOne of the top web security flaws #12;SQL Injection 1 HttpServletRequest req = /* ... */;Http

  16. Web Application Design Using Server-Side JavaScript

    SciTech Connect

    Hampton, J.; Simons, R.

    1999-02-01

    This document describes the application design philosophy for the Comprehensive Nuclear Test Ban Treaty Research & Development Web Site. This design incorporates object-oriented techniques to produce a flexible and maintainable system of applications that support the web site. These techniques will be discussed at length along with the issues they address. The overall structure of the applications and their relationships with one another will also be described. The current problems and future design changes will be discussed as well.

  17. WebCORE: A Web application for Collaborative Ontology Reuse and Evaluation

    E-print Network

    Cantador, Iván

    ; modifications on the automatic ontology retrieval strategies; and a collaborative framework to find potential developed, such as as ontology search engines [6] represent an important first step towards automaticallyWebCORE: A Web application for Collaborative Ontology Reuse and Evaluation Iván Cantador, Miriam

  18. Demonstration of the Web-based Interspecies Correlation Estimation (Web-ICE) modeling application

    EPA Science Inventory

    The Web-based Interspecies Correlation Estimation (Web-ICE) modeling application is available to the risk assessment community through a user-friendly internet platform (http://epa.gov/ceampubl/fchain/webice/). ICE models are log-linear least square regressions that predict acute...

  19. Development of Standardized Clinical Training Cases for Diagnosis of Sexual Abuse using a Secure Telehealth Application

    ERIC Educational Resources Information Center

    Frasier, Lori D.; Thraen, Ioana; Kaplan, Rich; Goede, Patricia

    2012-01-01

    Objectives: The training of physicians, nurse examiners, social workers and other health professional on the evidentiary findings of sexual abuse in children is challenging. Our objective was to develop peer reviewed training cases for medical examiners of child sexual abuse, using a secure web based telehealth application (TeleCAM). Methods:…

  20. Machine intelligence applications to securities production

    SciTech Connect

    Johnson, C.K.

    1987-01-01

    The production of security documents provides a cache of interesting problems ranging across a broad spectrum. Some of the problems do not have rigorous scientific solutions available at this time and provide opportunities for less structured approaches such as AI. AI methods can be used in conjunction with traditional scientific and computational methods. The most productive applications of AI occur when this marriage of methods can be carried out without motivation to prove that one method is better than the other. Fields such as ink chemistry and technology, and machine inspection of graphic arts printing offer interesting challenges which will continue to intrigue current and future generations of researchers into the 21st century.

  1. Security Applications Of Computer Motion Detection

    NASA Astrophysics Data System (ADS)

    Bernat, Andrew P.; Nelan, Joseph; Riter, Stephen; Frankel, Harry

    1987-05-01

    An important area of application of computer vision is the detection of human motion in security systems. This paper describes the development of a computer vision system which can detect and track human movement across the international border between the United States and Mexico. Because of the wide range of environmental conditions, this application represents a stringent test of computer vision algorithms for motion detection and object identification. The desired output of this vision system is accurate, real-time locations for individual aliens and accurate statistical data as to the frequency of illegal border crossings. Because most detection and tracking routines assume rigid body motion, which is not characteristic of humans, new algorithms capable of reliable operation in our application are required. Furthermore, most current detection and tracking algorithms assume a uniform background against which motion is viewed - the urban environment along the US-Mexican border is anything but uniform. The system works in three stages: motion detection, object tracking and object identi-fication. We have implemented motion detection using simple frame differencing, maximum likelihood estimation, mean and median tests and are evaluating them for accuracy and computational efficiency. Due to the complex nature of the urban environment (background and foreground objects consisting of buildings, vegetation, vehicles, wind-blown debris, animals, etc.), motion detection alone is not sufficiently accurate. Object tracking and identification are handled by an expert system which takes shape, location and trajectory information as input and determines if the moving object is indeed representative of an illegal border crossing.

  2. Web-based application for voice telediagnostics

    NASA Astrophysics Data System (ADS)

    Lusawa, Adam; Grzanka, Antoni

    2006-10-01

    This paper presents a web-based system for distance acoustic investigation of human voice. The system is dedicated to diagnosis of speech disorders, and can also be used in evaluating voice rehabilitation results. The fundamental part of the paper contains an extensive description of the system for voice telediagnostics. The paper also presents a review of presently applied technologies and methods of voice transmission over the Internet.

  3. Reliability, Compliance and Security of Web-based Pre/Post-testing

    NASA Astrophysics Data System (ADS)

    Bonham, Scott

    2007-01-01

    Pre/post testing is an important tool for improving science education. Standard in-class administration has drawbacks such as `lost' class time and converting data into electronic format. These are not issues for unproctored web-based administration, but there are concerns about assessment validity, compliance rates, and instrument security. A preliminary investigation compared astronomy students taking pre/post tests on paper to those taking the same tests over the web. The assessments included the Epistemological Beliefs Assessment for Physical Science and a conceptual assessment developed for this study. Preliminary results on validity show no significant difference on scores or on most individual questions. Compliance rates were similar between web and paper on the pretest and much better for web on the posttest. Remote monitoring of student activity during the assessments recorded no clear indication of any copying, printing or saving of questions, and no widespread use of the web to search for answers.

  4. Weaving a Secure Web around Education: A Guide to Technology Standards and Security.

    ERIC Educational Resources Information Center

    National Forum on Education Statistics (ED/OERI), Washington, DC.

    The purpose of this guidebook is to assist education agencies and organizations--which include state education agencies or state departments of education, school districts, and schools--in the development, maintenance, and standardization of effective Web sites. Also included is a detailed examination of the procedures necessary to provide…

  5. On enabling secure applications through off-line biometric identification

    SciTech Connect

    Davida, G.I.; Frankel, Y.; Matt, B.J.

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

  6. SIGMA WEB INTERFACE FOR REACTOR DATA APPLICATIONS

    SciTech Connect

    Pritychenko,B.; Sonzogni, A.A.

    2010-05-09

    We present Sigma Web interface which provides user-friendly access for online analysis and plotting of the evaluated and experimental nuclear reaction data stored in the ENDF-6 and EXFOR formats. The interface includes advanced browsing and search capabilities, interactive plots of cross sections, angular distributions and spectra, nubars, comparisons between evaluated and experimental data, computations for cross section data sets, pre-calculated integral quantities, neutron cross section uncertainties plots and visualization of covariance matrices. Sigma is publicly available at the National Nuclear Data Center website at http://www.nndc.bnl.gov/sigma.

  7. Intrusion recovery for database-backed web applications

    E-print Network

    Chandra, Ramesh

    Warp is a system that helps users and administrators of web applications recover from intrusions such as SQL injection, cross-site scripting, and clickjacking attacks, while preserving legitimate user changes. Warp repairs ...

  8. Ajax and Firefox: New Web Applications and Browsers

    ERIC Educational Resources Information Center

    Godwin-Jones, Bob

    2005-01-01

    Alternative browsers are gaining significant market share, and both Apple and Microsoft are releasing OS upgrades which portend some interesting changes in Web development. Of particular interest for language learning professionals may be new developments in the area of Web browser based applications, particularly using an approach dubbed "Ajax."…

  9. Development and evaluation of a dynamic web-based application.

    PubMed

    Hsieh, Yichuan; Brennan, Patricia Flatley

    2007-01-01

    Traditional consumer health informatics (CHI) applications that were developed for lay public on the Web were commonly written in a Hypertext Markup Language (HTML). As genetics knowledge rapidly advances and requires updating information in a timely fashion, a different content structure is therefore needed to facilitate information delivery. This poster will present the process of developing a dynamic database-driven Web CHI application. PMID:18694081

  10. Recent applications of thermal imagers for security assessment

    SciTech Connect

    Bisbee, T.L.

    1997-06-01

    This paper discusses recent applications by Sandia National Laboratories of cooled and uncooled thermal infrared imagers to wide-area security assessment systems. Thermal imagers can solve many security assessment problems associated with the protection of high-value assets at military bases, secure installations, and commercial facilities. Thermal imagers can provide surveillance video from security areas or perimeters both day and night without expensive security lighting. Until fairly recently, thermal imagers required open-loop cryogenic cooling to operate. The high cost of these systems and associated maintenance requirements restricted their widespread use. However, recent developments in reliable, closed-loop, linear drive cryogenic coolers and uncooled infrared imagers have dramatically reduced maintenance requirements, extended MTBF, and are leading to reduced system cost. These technology developments are resulting in greater availability and practicality for military as well as civilian security applications.

  11. SmartNotes: Application of Crowdsourcing to the Detection of Web Threats

    E-print Network

    Fink, Eugene

    detects security threats related to web browsing, such as Internet scams, deceptive sales of substandard--Crowdsourcing, Machine Learning, Web Security. I. INTRODUCTION Cybersecurity threats can be broadly divided to two high-level types. The first type is the threats caused by factors outside the end user's control, such as security

  12. Secure Web-based Ground System User Interfaces over the Open Internet

    NASA Technical Reports Server (NTRS)

    Langston, James H.; Murray, Henry L.; Hunt, Gary R.

    1998-01-01

    A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

  13. A Voice Web Application Based on Dynamic Navigation of VXML

    NASA Astrophysics Data System (ADS)

    Bhingarkar, Sukhada P.

    2010-11-01

    Voice Web, as the name suggests, accesses web resources via voice. VoiceXML is the markup language used to develop speech applications. VoiceXML is interactive and allows voice input to be received and processed by voice browser. Unfortunately, the navigation of VoiceXML document is completely controlled by application developer. Also, the user does not have flexibility to utter random word from currently executing dialog. The aim of the paper is to address the weakness of VoiceXML and develop an application, which dynamically detects recognition candidates in user content, in contrast with recognition candidates of the existing voice web, which depend on the application developer. In this application, a news service is implemented along with dictionary of IT-specific terms and dictionary of words from currently executing news.

  14. Development of a Web-based financial application System

    NASA Astrophysics Data System (ADS)

    Hasan, M. R.; Ibrahimy, M. I.; Motakabber, S. M. A.; Ferdaus, M. M.; Khan, M. N. H.; Mostafa, M. G.

    2013-12-01

    The paper describes a technique to develop a web based financial system, following latest technology and business needs. In the development of web based application, the user friendliness and technology both are very important. It is used ASP .NET MVC 4 platform and SQL 2008 server for development of web based financial system. It shows the technique for the entry system and report monitoring of the application is user friendly. This paper also highlights the critical situations of development, which will help to develop the quality product.

  15. Recent advancements on the development of web-based applications for the implementation of seismic analysis and surveillance systems

    NASA Astrophysics Data System (ADS)

    Friberg, P. A.; Luis, R. S.; Quintiliani, M.; Lisowski, S.; Hunter, S.

    2014-12-01

    Recently, a novel set of modules has been included in the Open Source Earthworm seismic data processing system, supporting the use of web applications. These include the Mole sub-system, for storing relevant event data in a MySQL database (see M. Quintiliani and S. Pintore, SRL, 2013), and an embedded webserver, Moleserv, for serving such data to web clients in QuakeML format. These modules have enabled, for the first time using Earthworm, the use of web applications for seismic data processing. These can greatly simplify the operation and maintenance of seismic data processing centers by having one or more servers providing the relevant data as well as the data processing applications themselves to client machines running arbitrary operating systems.Web applications with secure online web access allow operators to work anywhere, without the often cumbersome and bandwidth hungry use of secure shell or virtual private networks. Furthermore, web applications can seamlessly access third party data repositories to acquire additional information, such as maps. Finally, the usage of HTML email brought the possibility of specialized web applications, to be used in email clients. This is the case of EWHTMLEmail, which produces event notification emails that are in fact simple web applications for plotting relevant seismic data.Providing web services as part of Earthworm has enabled a number of other tools as well. One is ISTI's EZ Earthworm, a web based command and control system for an otherwise command line driven system; another is a waveform web service. The waveform web service serves Earthworm data to additional web clients for plotting, picking, and other web-based processing tools. The current Earthworm waveform web service hosts an advanced plotting capability for providing views of event-based waveforms from a Mole database served by Moleserve.The current trend towards the usage of cloud services supported by web applications is driving improvements in JavaScript, css and HTML, as well as faster and more efficient web browsers, including mobile. It is foreseeable that in the near future, web applications are as powerful and efficient as native applications. Hence the work described here has been the first step towards bringing the Open Source Earthworm seismic data processing system to this new paradigm.

  16. Writing Web 2.0 applications for science archives

    NASA Astrophysics Data System (ADS)

    Roby, William

    2010-07-01

    Writing these sorts of science archive web applications is now possible because of some significant breakthroughs in web technology over the last four years. The Web browser is no longer a glorified batch processing terminal, but an interactive environment that allows the user to have a similar experience as one might expect with an installed desktop application. Taking advantage of this technology requires a significant amount of UI design and advanced interactions with the web server. There are new levels of sophistication required to effectively develop this sort of web application. The IRSA group (NASA/IPAC Infrared Science Archive) is developing web-based software that equally takes advantage of modern technology and is designed to be reused easily. This way we can add new missions and data sets without a large programming effort while keeping the advanced interface. We can now provide true web-based FITS viewing, data overlays, and interaction without any plugins. Our tabular display allows us to filter, sort, and interact with large amounts data in ways that take advantage of the browser's power. This talk will show how we can us AJAX technology, the Google Web Toolkit (GWT), and Java to develop a data archive that is both well designed and creates a truly interactive experience.

  17. COEUS: “semantic web in a box” for biomedical applications

    PubMed Central

    2012-01-01

    Background As the “omics” revolution unfolds, the growth in data quantity and diversity is bringing about the need for pioneering bioinformatics software, capable of significantly improving the research workflow. To cope with these computer science demands, biomedical software engineers are adopting emerging semantic web technologies that better suit the life sciences domain. The latter’s complex relationships are easily mapped into semantic web graphs, enabling a superior understanding of collected knowledge. Despite increased awareness of semantic web technologies in bioinformatics, their use is still limited. Results COEUS is a new semantic web framework, aiming at a streamlined application development cycle and following a “semantic web in a box” approach. The framework provides a single package including advanced data integration and triplification tools, base ontologies, a web-oriented engine and a flexible exploration API. Resources can be integrated from heterogeneous sources, including CSV and XML files or SQL and SPARQL query results, and mapped directly to one or more ontologies. Advanced interoperability features include REST services, a SPARQL endpoint and LinkedData publication. These enable the creation of multiple applications for web, desktop or mobile environments, and empower a new knowledge federation layer. Conclusions The platform, targeted at biomedical application developers, provides a complete skeleton ready for rapid application deployment, enhancing the creation of new semantic information systems. COEUS is available as open source at http://bioinformatics.ua.pt/coeus/. PMID:23244467

  18. NGL Viewer: a web application for molecular visualization.

    PubMed

    Rose, Alexander S; Hildebrand, Peter W

    2015-07-01

    The NGL Viewer (http://proteinformatics.charite.de/ngl) is a web application for the visualization of macromolecular structures. By fully adopting capabilities of modern web browsers, such as WebGL, for molecular graphics, the viewer can interactively display large molecular complexes and is also unaffected by the retirement of third-party plug-ins like Flash and Java Applets. Generally, the web application offers comprehensive molecular visualization through a graphical user interface so that life scientists can easily access and profit from available structural data. It supports common structural file-formats (e.g. PDB, mmCIF) and a variety of molecular representations (e.g. 'cartoon, spacefill, licorice'). Moreover, the viewer can be embedded in other web sites to provide specialized visualizations of entries in structural databases or results of structure-related calculations. PMID:25925569

  19. NGL Viewer: a web application for molecular visualization

    PubMed Central

    Rose, Alexander S.; Hildebrand, Peter W.

    2015-01-01

    The NGL Viewer (http://proteinformatics.charite.de/ngl) is a web application for the visualization of macromolecular structures. By fully adopting capabilities of modern web browsers, such as WebGL, for molecular graphics, the viewer can interactively display large molecular complexes and is also unaffected by the retirement of third-party plug-ins like Flash and Java Applets. Generally, the web application offers comprehensive molecular visualization through a graphical user interface so that life scientists can easily access and profit from available structural data. It supports common structural file-formats (e.g. PDB, mmCIF) and a variety of molecular representations (e.g. ‘cartoon, spacefill, licorice’). Moreover, the viewer can be embedded in other web sites to provide specialized visualizations of entries in structural databases or results of structure-related calculations. PMID:25925569

  20. 78 FR 4393 - Applications for New Awards; Minorities and Retirement Security Program

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-22

    ... SOCIAL SECURITY ADMINISTRATION Applications for New Awards; Minorities and Retirement Security Program... Policy, Social Security Administration. ACTION: Notice. Overview Information: Minorities and Retirement... Education (ED or the Department) and the United States Social Security Administration (SSA). The MRS...

  1. Cloud-enabled Web Applications for Environmental Modelling

    NASA Astrophysics Data System (ADS)

    Vitolo, C.; Buytaert, W.; El-khatib, Y.; Gemmell, A. L.; Reaney, S. M.; Beven, K.

    2012-12-01

    In order to integrate natural and social science, especially in the light of current environmental legislation, efficient management and decision making requires environmental modelling to be easily accessible, portable and flexible. Deploying models as web applications is a feasible solution to some of the above issues. However migrating desktop-based modelling platforms to web based applications is not trivial. The framework in which the models are deployed should comply with worldwide accepted web standards to allow interoperability and ease exchange of information with external sources. Also the chosen models should guarantee a certain degree of flexibility to adapt the modelling exercise to different purposes. In this study we propose an innovative approach to web-modelling, developed as part of the NERC's Environmental Virtual Observatory pilot (EVOp) project for the UK. The proposed approach combines the use of Google Maps APIs to explore available data and the PyWPS implementation of the Open Geospatial Consortium Web Processing Service standard (OGC-WPS) to deploy models implemented in programming languages such as R and Python. As proof-of-concept, a web application was implemented, on the EVOp portal, to assist local communities with local flooding in the Eden catchment in Cumbria (UK). The application simulates the impact of land-use scenarios using the hydrological model Topmodel (Beven and Kirkby, 1979) implemented as a web service using the aforementioned approach. Current developments include the implementation of web applications for diffuse pollution, which adopts the Export Coefficient Model (Jones, 1996), and national flooding which utilises the hydrological model ensemble FUSE (Clark et al., 2008). Topmodel and FUSE are already exposed as stateless OGC-compliant web services. In the future we also aim to produce tools to help manage drought impacts and ecosystem services. The authors would like to thank the valuable contributions of the whole EVOp team.

  2. Runtime Protection and Recovery from Web Application Vulnerabilities

    E-print Network

    Livshits, Ben

    overruns are now far outnumbered by Web application vulnerabilities such as SQL injections and cross. Manipulate applications using malicious data. Common methods used include: · SQL injection: pass input that parameter tampering, SQL injection, and cross-site scripting attacks account for more than a third of all

  3. Secure positioning of wireless devices with application to sensor networks

    E-print Network

    Capkun, Srdjan

    1 Secure positioning of wireless devices with application to sensor networks Srdjan Capkun and Jean Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor the proximity of two devices connected by a wired link. Sastry, Shankar and Wagner [22] propose a new distance

  4. Hardware Enforcement of Application Security Policies Using Tagged Memory

    E-print Network

    Hardware Enforcement of Application Security Policies Using Tagged Memory Nickolai Zeldovich , Hari are notoriously insecure, in part because ap- plication security policies do not map well onto tradi- tional- plication policies can be expressed in terms of informa- tion flow restrictions and enforced in an OS kernel

  5. Big Data Applications in Cloud and Cyber Security

    E-print Network

    Sandhu, Ravi

    Big Data Applications in Cloud and Cyber Security Prof. Ravi Sandhu Executive Director and Endowed Professor UTSA COB Symposium on Big Data, Big Challenges March 17, 2015 ravi.sandhu@utsa.edu www Security 1 #12;© Ravi Sandhu 2 World-Leading Research with Real-World Impact! Big Data Volume Variety

  6. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  7. Spidergl: a Graphics Library for 3d Web Applications

    NASA Astrophysics Data System (ADS)

    Di Benedetto, M.; Corsini, M.; Scopigno, R.

    2011-09-01

    The recent introduction of the WebGL API for leveraging the power of 3D graphics accelerators within Web browsers opens the possibility to develop advanced graphics applications without the need for an ad-hoc plug-in. There are several contexts in which this new technology can be exploited to enhance user experience and data fruition, like e-commerce applications, games and, in particular, Cultural Heritage. In fact, it is now possible to use the Web platform to present a virtual reconstruction hypothesis of ancient pasts, to show detailed 3D models of artefacts of interests to a wide public, and to create virtual museums. We introduce SpiderGL, a JavaScript library for developing 3D graphics Web applications. SpiderGL provides data structures and algorithms to ease the use of WebGL, to define and manipulate shapes, to import 3D models in various formats, and to handle asynchronous data loading. We show the potential of this novel library with a number of demo applications and give details about its future uses in the context of Cultural Heritage applications.

  8. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL... How do I file an application for Social Security benefits? (a)...

  9. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... Applications and other forms used in Social Security Administration programs. 422...Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION... Applications and other forms used in Social Security Administration programs....

  10. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... Applications and other forms used in Social Security Administration programs. 422...Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION... Applications and other forms used in Social Security Administration programs....

  11. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL... How do I file an application for Social Security benefits? (a)...

  12. Web services in the U.S. geological survey streamstats web application

    USGS Publications Warehouse

    Guthrie, J.D.; Dartiguenave, C.; Ries, Kernell G., III

    2009-01-01

    StreamStats is a U.S. Geological Survey Web-based GIS application developed as a tool for waterresources planning and management, engineering design, and other applications. StreamStats' primary functionality allows users to obtain drainage-basin boundaries, basin characteristics, and streamflow statistics for gaged and ungaged sites. Recently, Web services have been developed that provide the capability to remote users and applications to access comprehensive GIS tools that are available in StreamStats, including delineating drainage-basin boundaries, computing basin characteristics, estimating streamflow statistics for user-selected locations, and determining point features that coincide with a National Hydrography Dataset (NHD) reach address. For the state of Kentucky, a web service also has been developed that provides users the ability to estimate daily time series of drainage-basin average values of daily precipitation and temperature. The use of web services allows the user to take full advantage of the datasets and processes behind the Stream Stats application without having to develop and maintain them. ?? 2009 IEEE.

  13. A microwave imaging spectrometer for security applications

    NASA Astrophysics Data System (ADS)

    Jirousek, Matthias; Peichl, Markus; Suess, Helmut

    2010-04-01

    In recent years the security of people and critical infrastructures is of increasing interest. Passive microwave sensors in the range of 1 - 100 GHz are suitable for the detection of concealed objects and wide-area surveillance through poor weather and at day and night time. The enhanced extraction of significant information about an observed object is enabled by the use of a spectral sensitive system. For such a spectral radiometer in the microwave range also some depth information can be extracted. The usable frequency range is thereby dependent on the application. For through-wall imaging or detection of covert objects such as for example landmines, the lower microwave range is best suited. On the other hand a high spatial resolution requires higher frequencies or instruments with larger physical dimensions. The drawback of a large system is the required movement of a mirror or a deflecting plate in the case of a mechanical scanner system, or a huge amount of receivers in a fully-electronic instrument like a focal plane array. An innovative technique to overcome these problems is the application of aperture synthesis using a highly thinned array. The combination of spectral radiometric measurements within a wide frequency band, at a high resolution, and requiring a minimum of receivers and only minor moving parts led to the development of the ANSAS instrument (Abbildendes Niederfrequenz-Spektrometer mit Apertursynthese). ANSAS is a very flexible aperture synthesis technology demonstrator for the analysis of main features and interactions concerning high spatial resolution and spectral sensing within a wide frequency range. It consists of a rotated linear thinned array and thus the spatial frequency spectrum is measured on concentric circles. Hence the number of receivers and correlators is reduced considerably compared to a fully two-dimensional array, and measurements still can be done in a reasonable time. In this paper the basic idea of ANSAS and its setup are briefly introduced. Some first imaging results showing the basic capabilities are illustrated. Possible error sources and their impacts are discussed by simulation and compared to the measured data.

  14. Neutron detection alternatives to 3He for national security applications

    NASA Astrophysics Data System (ADS)

    Kouzes, Richard T.; Ely, James H.; Erikson, Luke E.; Kernan, Warnick J.; Lintereur, Azaree T.; Siciliano, Edward R.; Stephens, Daniel L.; Stromswold, David C.; Van Ginhoven, Renee M.; Woodring, Mitchell L.

    2010-11-01

    One of the main uses for 3He is in gas proportional counters for neutron detection. Large radiation detection systems deployed for homeland security and proliferation detection applications use such systems. Due to the large increase in use of 3He for homeland security and basic research, the supply has dwindled, and can no longer meet the demand. This has led to the search for an alternative technology to replace the use of 3He-based neutron detectors. In this paper, we review the testing of currently commercially available alternative technologies for neutron detection in large systems used in various national security applications.

  15. Neutron Detection Alternatives to 3He for National Security Applications

    SciTech Connect

    Kouzes, Richard T.; Ely, James H.; Erikson, Luke E.; Kernan, Warnick J.; Lintereur, Azaree T.; Siciliano, Edward R.; Stephens, Daniel L.; Stromswold, David C.; Van Ginhoven, Renee M.; Woodring, Mitchell L.

    2010-11-21

    One of the main uses for 3He is in gas proportional counters for neutron detection. Large radiation detection systems deployed for homeland security and proliferation detection applications use such systems. Due to the large increase in use of 3He for homeland security and basic research, the supply has dwindled, and can no longer meet the demand. This has led to the search for an alternative technology to replace the use of 3He-based neutron detectors. In this paper, we review the testing of currently commercially available alternative technologies for neutron detection in large systems used in various national security applications.

  16. 77 FR 74278 - Proposed Information Collection (Internet Student CPR Web Registration Application); Comment Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-12-13

    ...Information Collection (Internet Student CPR Web Registration Application); Comment Request...information needed to establish an online web registration application. DATES: Written...technology. Title: Internet Student CPR Web Registration Application, VA Form...

  17. Towards a Framework to Measure Security Expertise in Requirements Analysis

    E-print Network

    Breaux, Travis D.

    cyber security risks report in 2011 presents many popular attacks against web applications, such as SQL injection attacks [14]. In addition, the OWASP Top 101 web application security vulnerabilities and the SANS

  18. Data Mining for Security Applications Bhavani Thuraisingham, Latifur Khan, Mohammad M. Masud, Kevin W. Hamlen

    E-print Network

    Hamlen, Kevin W.

    Data Mining for Security Applications Bhavani Thuraisingham, Latifur Khan, Mohammad M. Masud, Kevin, is a growing concern. Security and defense networks, proprietary research, intellectual property, and data to detect security breaches. Data mining has many applications in security including in national security (e

  19. Communicating Health Risks under Pressure: Homeland Security Applications

    SciTech Connect

    Garrahan, K.G.; Collie, S.L.

    2006-07-01

    The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to customization to include radioactive waste management or responses to catastrophic releases of radioactive material due to terrorist actions. (authors)

  20. Web Services Provide Access to SCEC Scientific Research Application Software

    NASA Astrophysics Data System (ADS)

    Gupta, N.; Gupta, V.; Okaya, D.; Kamb, L.; Maechling, P.

    2003-12-01

    Web services offer scientific communities a new paradigm for sharing research codes and communicating results. While there are formal technical definitions of what constitutes a web service, for a user community such as the Southern California Earthquake Center (SCEC), we may conceptually consider a web service to be functionality provided on-demand by an application which is run on a remote computer located elsewhere on the Internet. The value of a web service is that it can (1) run a scientific code without the user needing to install and learn the intricacies of running the code; (2) provide the technical framework which allows a user's computer to talk to the remote computer which performs the service; (3) provide the computational resources to run the code; and (4) bundle several analysis steps and provide the end results in digital or (post-processed) graphical form. Within an NSF-sponsored ITR project coordinated by SCEC, we are constructing web services using architectural protocols and programming languages (e.g., Java). However, because the SCEC community has a rich pool of scientific research software (written in traditional languages such as C and FORTRAN), we also emphasize making existing scientific codes available by constructing web service frameworks which wrap around and directly run these codes. In doing so we attempt to broaden community usage of these codes. Web service wrapping of a scientific code can be done using a "web servlet" construction or by using a SOAP/WSDL-based framework. This latter approach is widely adopted in IT circles although it is subject to rapid evolution. Our wrapping framework attempts to "honor" the original codes with as little modification as is possible. For versatility we identify three methods of user access: (A) a web-based GUI (written in HTML and/or Java applets); (B) a Linux/OSX/UNIX command line "initiator" utility (shell-scriptable); and (C) direct access from within any Java application (and with the correct API interface from within C++ and/or C/Fortran). This poster presentation will provide descriptions of the following selected web services and their origin as scientific application codes: 3D community velocity models for Southern California, geocoordinate conversions (latitude/longitude to UTM), execution of GMT graphical scripts, data format conversions (Gocad to Matlab format), and implementation of Seismic Hazard Analysis application programs that calculate hazard curve and hazard map data sets.

  1. An Effective Regression Testing Approach for PHP Web Applications

    E-print Network

    Do, Hyunsook

    , and in particular, focusing on PHP programs. Our approach identifies the affected areas by code changes using impactAn Effective Regression Testing Approach for PHP Web Applications Aaron Marback, Hyunsook Do analysis and generates new test cases for the impacted areas by changes using program slices considering

  2. Identifying information disclosure in web applications with retroactive auditing

    E-print Network

    still overlook alerts [13], inadvertently disclosing confidential data. Dealing with data leaks can for building web applications that can precisely identify inappropriately disclosed data after a vulnerability with previous inputs once the vulnerability is fixed, to determine what data should have been disclosed. A key

  3. Science gateways for semantic-web-based life science applications.

    PubMed

    Ardizzone, Valeria; Bruno, Riccardo; Calanducci, Antonio; Carrubba, Carla; Fargetta, Marco; Ingrà, Elisa; Inserra, Giuseppina; La Rocca, Giuseppe; Monforte, Salvatore; Pistagna, Fabrizio; Ricceri, Rita; Rotondo, Riccardo; Scardaci, Diego; Barbera, Roberto

    2012-01-01

    In this paper we present the architecture of a framework for building Science Gateways supporting official standards both for user authentication and authorization and for middleware-independent job and data management. Two use cases of the customization of the Science Gateway framework for Semantic-Web-based life science applications are also described. PMID:22942003

  4. An Exploration of Errors in Web Applications in the Context

    E-print Network

    Weimer, Westley

    ;4 The shopping cart #12;5 What is going on · Problem: faults in web applications cause losses of revenueD Dissertation Defense Kinga Dobolyi April 2, 2010 #12;2 The shopping cart #12;3 The shopping cart #12 in Internet retail sales annually · Global online B2B transactions total several $trillions annually · One

  5. The Adversarial Route Analysis Tool: A Web Application

    SciTech Connect

    Casson, William H. Jr.

    2012-08-02

    The Adversarial Route Analysis Tool is a type of Google maps for adversaries. It's a web-based Geospatial application similar to Google Maps. It helps the U.S. government plan operations that predict where an adversary might be. It's easily accessible and maintainble and it's simple to use without much training.

  6. Collaborative Knowledge Discovery & Marshalling for Intelligence & Security Applications

    SciTech Connect

    Cowell, Andrew J.; Jensen, Russell S.; Gregory, Michelle L.; Ellis, Peter C.; Fligg, Alan K.; McGrath, Liam R.; O'Hara, Kelly A.; Bell, Eric B.

    2010-05-24

    This paper discusses the Knowledge Encapsulation Framework, a flexible, extensible evidence-marshalling environment built upon a natural language processing pipeline and exposed to users via an open-source semantic wiki. We focus our discussion on applications of the framework to intelligence and security applications, specifically, an instantiation of the KEF environment for researching illicit trafficking in nuclear materials.

  7. Securing a web-based teleradiology platform according to German law and "best practices".

    PubMed

    Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

    2009-01-01

    The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data. PMID:19745407

  8. Interactive, Secure Web-enabled Aircraft Engine Simulation Using XML Databinding Integration

    NASA Technical Reports Server (NTRS)

    Lin, Risheng; Afjeh, Abdollah A.

    2003-01-01

    This paper discusses the detailed design of an XML databinding framework for aircraft engine simulation. The framework provides an object interface to access and use engine data. while at the same time preserving the meaning of the original data. The Language independent representation of engine component data enables users to move around XML data using HTTP through disparate networks. The application of this framework is demonstrated via a web-based turbofan propulsion system simulation using the World Wide Web (WWW). A Java Servlet based web component architecture is used for rendering XML engine data into HTML format and dealing with input events from the user, which allows users to interact with simulation data from a web browser. The simulation data can also be saved to a local disk for archiving or to restart the simulation at a later time.

  9. 17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

  10. 17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

  11. Accessing multimedia content from mobile applications using semantic web technologies

    NASA Astrophysics Data System (ADS)

    Kreutel, Jörn; Gerlach, Andrea; Klekamp, Stefanie; Schulz, Kristin

    2014-02-01

    We describe the ideas and results of an applied research project that aims at leveraging the expressive power of semantic web technologies as a server-side backend for mobile applications that provide access to location and multimedia data and allow for a rich user experience in mobile scenarios, ranging from city and museum guides to multimedia enhancements of any kind of narrative content, including e-book applications. In particular, we will outline a reusable software architecture for both server-side functionality and native mobile platforms that is aimed at significantly decreasing the effort required for developing particular applications of that kind.

  12. Illinois State University Web Privacy Notice and Practices December 2010 Illinois State University is committed to providing a safe and secure Web presence for the campus

    E-print Network

    Branoff, Theodore J.

    is committed to providing a safe and secure Web presence for the campus community, prospective students identifiable information sent is used only for the purpose indicated. Once submitted, visitors can have from surveys may be shared with external third parties in ways that do not compromise privacy. Cookies

  13. 69 FR 497 - Filing of Applications and Related Forms

    Federal Register 2010, 2011, 2012, 2013, 2014

    2004-01-06

    ...Internet applications on our Web site for several types of Social Security benefits. These...1-800-325-0778 or visit our Internet Web site, Social Security Online at http...Internet services on SSA's Web site, Social Security Online...

  14. A semantic sensor web for environmental decision support applications.

    PubMed

    Gray, Alasdair J G; Sadler, Jason; Kit, Oles; Kyzirakos, Kostis; Karpathiotakis, Manos; Calbimonte, Jean-Paul; Page, Kevin; García-Castro, Raúl; Frazer, Alex; Galpin, Ixent; Fernandes, Alvaro A A; Paton, Norman W; Corcho, Oscar; Koubarakis, Manolis; De Roure, David; Martinez, Kirk; Gómez-Pérez, Asunción

    2011-01-01

    Sensing devices are increasingly being deployed to monitor the physical world around us. One class of application for which sensor data is pertinent is environmental decision support systems, e.g., flood emergency response. For these applications, the sensor readings need to be put in context by integrating them with other sources of data about the surrounding environment. Traditional systems for predicting and detecting floods rely on methods that need significant human resources. In this paper we describe a semantic sensor web architecture for integrating multiple heterogeneous datasets, including live and historic sensor data, databases, and map layers. The architecture provides mechanisms for discovering datasets, defining integrated views over them, continuously receiving data in real-time, and visualising on screen and interacting with the data. Our approach makes extensive use of web service standards for querying and accessing data, and semantic technologies to discover and integrate datasets. We demonstrate the use of our semantic sensor web architecture in the context of a flood response planning web application that uses data from sensor networks monitoring the sea-state around the coast of England. PMID:22164110

  15. A Semantic Sensor Web for Environmental Decision Support Applications

    PubMed Central

    Gray, Alasdair J. G.; Sadler, Jason; Kit, Oles; Kyzirakos, Kostis; Karpathiotakis, Manos; Calbimonte, Jean-Paul; Page, Kevin; García-Castro, Raúl; Frazer, Alex; Galpin, Ixent; Fernandes, Alvaro A. A.; Paton, Norman W.; Corcho, Oscar; Koubarakis, Manolis; De Roure, David; Martinez, Kirk; Gómez-Pérez, Asunción

    2011-01-01

    Sensing devices are increasingly being deployed to monitor the physical world around us. One class of application for which sensor data is pertinent is environmental decision support systems, e.g., flood emergency response. For these applications, the sensor readings need to be put in context by integrating them with other sources of data about the surrounding environment. Traditional systems for predicting and detecting floods rely on methods that need significant human resources. In this paper we describe a semantic sensor web architecture for integrating multiple heterogeneous datasets, including live and historic sensor data, databases, and map layers. The architecture provides mechanisms for discovering datasets, defining integrated views over them, continuously receiving data in real-time, and visualising on screen and interacting with the data. Our approach makes extensive use of web service standards for querying and accessing data, and semantic technologies to discover and integrate datasets. We demonstrate the use of our semantic sensor web architecture in the context of a flood response planning web application that uses data from sensor networks monitoring the sea-state around the coast of England. PMID:22164110

  16. Web application for detailed real-time database transaction monitoring for CMS condition data

    NASA Astrophysics Data System (ADS)

    de Gruttola, Michele; Di Guida, Salvatore; Innocente, Vincenzo; Pierro, Antonio

    2012-12-01

    In the upcoming LHC era, database have become an essential part for the experiments collecting data from LHC, in order to safely store, and consistently retrieve, a wide amount of data, which are produced by different sources. In the CMS experiment at CERN, all this information is stored in ORACLE databases, allocated in several servers, both inside and outside the CERN network. In this scenario, the task of monitoring different databases is a crucial database administration issue, since different information may be required depending on different users' tasks such as data transfer, inspection, planning and security issues. We present here a web application based on Python web framework and Python modules for data mining purposes. To customize the GUI we record traces of user interactions that are used to build use case models. In addition the application detects errors in database transactions (for example identify any mistake made by user, application failure, unexpected network shutdown or Structured Query Language (SQL) statement error) and provides warning messages from the different users' perspectives. Finally, in order to fullfill the requirements of the CMS experiment community, and to meet the new development in many Web client tools, our application was further developed, and new features were deployed.

  17. 77 FR 74278 - Proposed Information Collection (Internet Student CPR Web Registration Application); Comment Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-12-13

    ... AFFAIRS Proposed Information Collection (Internet Student CPR Web Registration Application); Comment... solicits comments on information needed to establish an online web registration application. DATES: Written... use of other forms of information technology. Title: Internet Student CPR Web Registration...

  18. Finding Bugs in Web Applications Using Dynamic Test Generation and Explicit State Model Checking

    E-print Network

    Tip, Frank

    2009-03-26

    Web script crashes and malformed dynamically-generated web pages are common errors, and they seriously impact the usability of web applications. Current tools for web-page validation cannot handle the dynamically generated ...

  19. Economics Definitions, Methods, Models, and Analysis Procedures for Homeland Security Applications

    E-print Network

    Economics Definitions, Methods, Models, and Analysis Procedures for Homeland Security Applications Prepared for The Science and Technology Directorate, U.S. Department of Homeland Security Chemical Sector #12;3 Economics Definitions, Methods, Models, and Analysis Procedures for Homeland Security

  20. Database security and encryption technology research and application

    NASA Astrophysics Data System (ADS)

    Zhu, Li-juan

    2013-03-01

    The main purpose of this paper is to discuss the current database information leakage problem, and discuss the important role played by the message encryption techniques in database security, As well as MD5 encryption technology principle and the use in the field of website or application. This article is divided into introduction, the overview of the MD5 encryption technology, the use of MD5 encryption technology and the final summary. In the field of requirements and application, this paper makes readers more detailed and clearly understood the principle, the importance in database security, and the use of MD5 encryption technology.

  1. An open source Java web application to build self-contained Web GIS sites

    NASA Astrophysics Data System (ADS)

    Zavala Romero, O.; Ahmed, A.; Chassignet, E.; Zavala-Hidalgo, J.

    2014-12-01

    This work describes OWGIS, an open source Java web application that creates Web GIS sites by automatically writing HTML and JavaScript code. OWGIS is configured by XML files that define which layers (geographic datasets) will be displayed on the websites. This project uses several Open Geospatial Consortium standards to request data from typical map servers, such as GeoServer, and is also able to request data from ncWMS servers. The latter allows for the displaying of 4D data stored using the NetCDF file format (widely used for storing environmental model datasets). Some of the features available on the sites built with OWGIS are: multiple languages, animations, vertical profiles and vertical transects, color palettes, color ranges, and the ability to download data. OWGIS main users are scientists, such as oceanographers or climate scientists, who store their data in NetCDF files and want to analyze, visualize, share, or compare their data using a website.

  2. Photonics applications and web engineering: WILGA Summer 2015

    NASA Astrophysics Data System (ADS)

    Romaniuk, Ryszard S.

    2015-09-01

    Wilga Summer 2015 Symposium on Photonics Applications and Web Engineering was held on 23-31 May. The Symposium gathered over 350 participants, mainly young researchers active in optics, optoelectronics, photonics, electronics technologies and applications. There were presented around 300 presentations in a few main topical tracks including: bio-photonics, optical sensory networks, photonics-electronics-mechatronics co-design and integration, large functional system design and maintenance, Internet of Thins, and other. The paper is an introduction the 2015 WILGA Summer Symposium Proceedings, and digests some of the Symposium chosen key presentations.

  3. Application of WebGIS in CATV basic network

    NASA Astrophysics Data System (ADS)

    Li, Zhao; Liu, Nan; Liu, Renyi; Bao, Weizheng

    2006-10-01

    This paper analyzes the necessity of the application of WebGIS in CATV basic network. There was almost no research in using WebGIS to manage CATV basic network data in China. This paper briefly introduces how to construct an integrated transaction management system of CATV basic network based on WebGIS, and it forms a database of pivotal points, lines and buildings. CATV basic network based on WebGIS has very great superiority to traditional GIS, anybody can visit the system in anyplace by wired or wireless connection. Therefore it can satisfy the managers who want to query information about network, equipment and customers or response on. In this way the routine network and equipment maintenance becomes easily and fleetly. But WebGIS also has bottle-necks such as vector graphic editing. The editing of vector graphic and attribute play important roles in GIS, especially in CATV basic network management, because equipment, cable and fiber-optic change frequently. This paper develops Zhejiang Jiangshan broadcasting and TV station geographic information system on the basis of ArcIMS platform, and making use of the capability of reading and writing spatial data of ArcSDE to solve vector graphic editing problem.

  4. Specification and Verification of Web Applications in Rewriting Logic

    NASA Astrophysics Data System (ADS)

    Alpuente, María; Ballis, Demis; Romero, Daniel

    This paper presents a Rewriting Logic framework that formalizes the interactions between Web servers and Web browsers through a communicating protocol abstracting HTTP. The proposed framework includes a scripting language that is powerful enough to model the dynamics of complex Web applications by encompassing the main features of the most popular Web scripting languages (e.g. PHP, ASP, Java Servlets). We also provide a detailed characterization of browser actions (e.g. forward/backward navigation, page refresh, and new window/tab openings) via rewrite rules, and show how our models can be naturally model-checked by using the Linear Temporal Logic of Rewriting (LTLR), which is a Linear Temporal Logic specifically designed for model-checking rewrite theories. Our formalization is particularly suitable for verification purposes, since it allows one to perform in-depth analyses of many subtle aspects related to Web interaction. Finally, the framework has been completely implemented in Maude, and we report on some successful experiments that we conducted by using the Maude LTLR model-checker.

  5. Muon Fluence Measurements for Homeland Security Applications

    SciTech Connect

    Ankney, Austin S.; Berguson, Timothy J.; Borgardt, James D.; Kouzes, Richard T.

    2010-08-10

    This report focuses on work conducted at Pacific Northwest National Laboratory to better characterize aspects of backgrounds in RPMs deployed for homeland security purposes. Two polyvinyl toluene scintillators were utilized with supporting NIM electronics to measure the muon coincidence rate. Muon spallation is one mechanism by which background neutrons are produced. The measurements performed concentrated on a broad investigation of the dependence of the muon flux on a) variations in solid angle subtended by the detector; b) the detector inclination with the horizontal; c) depth underground; and d) diurnal effects. These tests were conducted inside at Building 318/133, outdoors at Building 331G, and underground at Building 3425 at Pacific Northwest National Laboratory.

  6. Social Security Number (SSN) Application Instructions A Social Security Number (SSN) is a unique, 9-digit identification number issued by the US Social Security Administration (SSA).

    E-print Network

    Murphy, Robert F.

    6/2015 Social Security Number (SSN) Application Instructions A Social Security Number (SSN) is a unique, 9-digit identification number issued by the US Social Security Administration (SSA). An SSN to the government. Your SSN and Student ID number are different. When you are asked for these numbers, be clear

  7. Circuits Resilient to Additive Attacks with Applications to Secure Computation

    E-print Network

    International Association for Cryptologic Research (IACR)

    Circuits Resilient to Additive Attacks with Applications to Secure Computation Daniel Genkin arithmetic circuits against additive attacks, which can add an arbitrary fixed value to each wire in the circuit. This extends the notion of algebraic manipulation detection (AMD) codes, which protect

  8. Mobile RFID Applications and Security Konidala M. Divyan, Kwangjo Kim

    E-print Network

    Kim, Kwangjo

    Mobile RFID Applications and Security Challenges Konidala M. Divyan, Kwangjo Kim InformationDong, Daejeon 305732, Republic of Korea {divyan, kkj}@icu.ac.kr Abstract. With mobile RFID technology, handheld portable devices like mobile phones and PDAs, also behave as RFID readers and RFID tags. As RFID readers

  9. Gate-Level Characterization: Foundations and Hardware Security Applications

    E-print Network

    Potkonjak, Miodrag

    hardware intellectual property, and even untrusted members of the design team. Gate-level characterization and manifestation properties. It is a key step in the IC applications regarding cryptography, security, and digital rights management. However, GLC is challenging due to the existence of manufacturing variability (MV

  10. Fully Simulatable Quantum-Secure Coin-Flipping and Applications

    E-print Network

    International Association for Cryptologic Research (IACR)

    of cryptographic protocols in the quan- tum world means, of course, that quantum computation does not jeopardizeFully Simulatable Quantum-Secure Coin-Flipping and Applications Carolin Lunemann and Jesper Buus against poly-sized quantum adver- saries on both sides. It can be implemented with quantum

  11. Share conversion, pseudorandom secretsharing and applications to secure computation

    E-print Network

    Ishai, Yuval

    Share conversion, pseudorandom secret­sharing and applications to secure computation Ronald Cramer@cs.technion.ac.il) Abstract. We present a method for converting shares of a secret into shares of the same secret in a di#erent secret­sharing scheme using only local computation and no communication between players. In particular

  12. Wireless structural monitoring for homeland security applications

    NASA Astrophysics Data System (ADS)

    Kiremidjian, Garo K.; Kiremidjian, Anne S.; Lynch, Jerome P.

    2004-07-01

    This paper addresses the development of a robust, low-cost, low power, and high performance autonomous wireless monitoring system for civil assets such as large facilities, new construction, bridges, dams, commercial buildings, etc. The role of the system is to identify the onset, development, location and severity of structural vulnerability and damage. The proposed system represents an enabling infrastructure for addressing structural vulnerabilities specifically associated with homeland security. The system concept is based on dense networks of "intelligent" wireless sensing units. The fundamental properties of a wireless sensing unit include: (a) interfaces to multiple sensors for measuring structural and environmental data (such as acceleration, displacements, pressure, strain, material degradation, temperature, gas agents, biological agents, humidity, corrosion, etc.); (b) processing of sensor data with embedded algorithms for assessing damage and environmental conditions; (c) peer-to-peer wireless communications for information exchange among units(thus enabling joint "intelligent" processing coordination) and storage of data and processed information in servers for information fusion; (d) ultra low power operation; (e) cost-effectiveness and compact size through the use of low-cost small-size off-the-shelf components. An integral component of the overall system concept is a decision support environment for interpretation and dissemination of information to various decision makers.

  13. (Preliminary field evaluation of solid state cameras for security applications)

    SciTech Connect

    Not Available

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. In general, all-solid-state cameras need to be improved in four areas before they can be used as wholesale replacements for tube cameras in exterior security applications: resolution, sensitivity, contrast, and smear. However, with careful design some of the higher performance cameras can be used for perimeter security systems, and all of the cameras have applications where they are uniquely qualified. Many of the cameras are well suited for interior assessment and surveillance uses, and several of the cameras are well designed as robotics and machine vision devices.

  14. Concept Mapping Your Web Searches: A Design Rationale and Web-Enabled Application

    ERIC Educational Resources Information Center

    Lee, Y.-J.

    2004-01-01

    Although it has become very common to use World Wide Web-based information in many educational settings, there has been little research on how to better search and organize Web-based information. This paper discusses the shortcomings of Web search engines and Web browsers as learning environments and describes an alternative Web search environment…

  15. Noble Gas Excimer Detectors for Security and Safeguards Applications

    SciTech Connect

    Hynes, Michael V.; Lanza, Richard; Chandra, Rico; Davatz, Giovanna

    2011-12-13

    Noble gas excimer detectors are a technology that is common in particle physics research and less common in applications for security and international safeguards. These detectors offer the capability to detect gammas with an energy resolution similar to NaI and to detect neutrons with good energy resolution as well. Depending on the noble gas selected and whether or not it is in a gaseous or liquid state, the sensitivity to gammas and neutrons can be tuned according to the needs of the application. All of this flexibility can be available at a significant cost saving over alternative technologies. This paper will review this detector technology and its applicability to security and safeguards.

  16. A New Security Scheme for Integration of Mobile Agents and Web Services Junqi Zhang, Yan Wang and Vijay Varadharajan

    E-print Network

    Wang, Yan

    type and struc- ture. Additionally, Web services technologies bridge any operating system, hardware technology can reduce the bandwidth requirement and tolerate the network faults - able to operate without is infeasible for mobile agent, and gives an alternative method to current security mech- anism without using

  17. A widget library for creating policy-aware semantic Web applications

    E-print Network

    Hollenbach, James Dylan

    2010-01-01

    In order to truly reap the benefits of the Semantic Web, there must be adequate tools for writing Web applications that aggregate, view, and edit the widely varying data the Semantic Web makes available. As a step toward ...

  18. Finding Bugs in Web Applications Using Dynamic Test Generation and Explicit-State

    E-print Network

    Ernst, Michael

    million domains as of April 2007, including large, well-known websites such as Wikipedia and WordPress serious is that browsers' attempts to compensate for malformed web- pages may lead to crashes and security

  19. Application of web-GIS approach for climate change study

    NASA Astrophysics Data System (ADS)

    Okladnikov, Igor; Gordov, Evgeny; Titov, Alexander; Bogomolov, Vasily; Martynova, Yuliya; Shulgina, Tamara

    2013-04-01

    Georeferenced datasets are currently actively used in numerous applications including modeling, interpretation and forecast of climatic and ecosystem changes for various spatial and temporal scales. Due to inherent heterogeneity of environmental datasets as well as their huge size which might constitute up to tens terabytes for a single dataset at present studies in the area of climate and environmental change require a special software support. A dedicated web-GIS information-computational system for analysis of georeferenced climatological and meteorological data has been created. It is based on OGC standards and involves many modern solutions such as object-oriented programming model, modular composition, and JavaScript libraries based on GeoExt library, ExtJS Framework and OpenLayers software. The main advantage of the system lies in a possibility to perform mathematical and statistical data analysis, graphical visualization of results with GIS-functionality, and to prepare binary output files with just only a modern graphical web-browser installed on a common desktop computer connected to Internet. Several geophysical datasets represented by two editions of NCEP/NCAR Reanalysis, JMA/CRIEPI JRA-25 Reanalysis, ECMWF ERA-40 Reanalysis, ECMWF ERA Interim Reanalysis, MRI/JMA APHRODITE's Water Resources Project Reanalysis, DWD Global Precipitation Climatology Centre's data, GMAO Modern Era-Retrospective analysis for Research and Applications, meteorological observational data for the territory of the former USSR for the 20th century, results of modeling by global and regional climatological models, and others are available for processing by the system. And this list is extending. Also a functionality to run WRF and "Planet simulator" models was implemented in the system. Due to many preset parameters and limited time and spatial ranges set in the system these models have low computational power requirements and could be used in educational workflow for better understanding of basic climatological and meteorological processes. The Web-GIS information-computational system for geophysical data analysis provides specialists involved into multidisciplinary research projects with reliable and practical instruments for complex analysis of climate and ecosystems changes on global and regional scales. Using it even unskilled user without specific knowledge can perform computational processing and visualization of large meteorological, climatological and satellite monitoring datasets through unified web-interface in a common graphical web-browser. This work is partially supported by the Ministry of education and science of the Russian Federation (contract #8345), SB RAS project VIII.80.2.1, RFBR grant #11-05-01190a, and integrated project SB RAS #131.

  20. Application distribution model and related security attacks in VANET

    NASA Astrophysics Data System (ADS)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  1. Practical Pocket PC Application w/Biometric Security

    NASA Technical Reports Server (NTRS)

    Logan, Julian

    2004-01-01

    I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authentication system, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

  2. Potential National Security Applications of Nuclear Resonance Fluorescence Methods

    SciTech Connect

    Warren, Glen A.; Peplowski, Patrick N.; Caggiano, Joseph A.

    2009-06-09

    The objective of this report is to document the initial investigation into the possible research issues related to the development of NRF-based national security applications. The report discusses several potential applications ranging from measuring uranium enrichment in UF6 canisters to characterization of gas samples. While these applications are varied, there are only a few research issues that need to be addressed to understand the limitation of NRF in solving these problems. These research issues range from source and detector development to measuring small samples. The next effort is to determine how best to answer the research issues, followed by a prioritization of those questions to ensure that the most important are addressed. These issues will be addressed through either analytical calculations, computer simulations, analysis of previous data or collection of new measurements. It will also be beneficial to conduct a thorough examination of a couple of the more promising applications in order to develop concrete examples of how NRF may be applied in specific situations. The goals are to develop an understanding of whether the application of NRF is limited by technology or physics in addressing national security applications, to gain a motivation to explore those possible applications, and to develop a research roadmap so that those possibilities may be made reality.

  3. Build great web search applications quickly with Solr and Blacklight

    NASA Astrophysics Data System (ADS)

    DuPlain, Ron; Balser, Dana S.; Radziwill, Nicole M.

    2010-07-01

    The NRAO faced performance and usability issues after releasing a single-search-box ("Google-like") web application to query data across all NRAO telescope archives. Running queries with several relations across multiple databases proved to be very expensive in compute resources. An investigation for a better platform led to Solr and Blacklight, a solution stack which allows in-house development to focus on in-house problems. Solr is an Apache project built on Lucene to provide a modern search server with a rich set of features and impressive performance. Blacklight is a web user interface (UI) for Solr primarily developed by libraries at the University of Virginia and Stanford University. Though Blacklight targets libraries, it is highly adaptable for many types of search applications which benefit from the faceted searching and browsing, minimal configuration, and flexible query parsing of Solr and Lucene. The result: one highly reused codebase provides for millisecond response times and a flexible UI. Not just for observational data, NRAO is rolling out Solr and Blacklight across domains of library databases, telescope proposals, and more -- in addition to telescope data products, where integration with the Virtual Observatory is on-going.

  4. PUBLISHED IN IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2014 1 Between Worlds: Securing Mixed

    E-print Network

    Hamlen, Kevin W.

    PUBLISHED IN IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2014 1 Between Worlds: Securing. Although Flash and JavaScript security has been examined extensively, the security of un- trusted content, outlining several practical sce- narios that threaten the security of web applications. The severity

  5. StreamStats: A Water Resources Web Application

    USGS Publications Warehouse

    Ries, Kernell G., III; Guthrie, John G.; Rea, Alan H.; Steeves, Peter A.; Stewart, David W.

    2008-01-01

    Streamflow statistics, such as the 1-percent flood, the mean flow, and the 7-day 10-year low flow, are used by engineers, land managers, biologists, and many others to help guide decisions in their everyday work. For example, estimates of the 1-percent flood (the flow that is exceeded, on average, once in 100 years and has a 1-percent chance of being exceeded in any year, sometimes referred to as the 100-year flood) are used to create flood-plain maps that form the basis for setting insurance rates and land-use zoning. This and other streamflow statistics also are used for dam, bridge, and culvert design; water-supply planning and management; water-use appropriations and permitting; wastewater and industrial discharge permitting; hydropower facility design and regulation; and the setting of minimum required streamflows to protect freshwater ecosystems. In addition, researchers, planners, regulators, and others often need to know the physical and climatic characteristics of the drainage basins (basin characteristics) and the influence of human activities, such as dams and water withdrawals, on streamflow upstream from locations of interest to understand the mechanisms that control water availability and quality at those locations. Knowledge of the streamflow network and downstream human activities also is necessary to adequately determine whether an upstream activity, such as a water withdrawal, can be allowed without adversely affecting downstream activities. Streamflow statistics could be needed at any location along a stream. Most often, streamflow statistics are needed at ungaged sites, where no streamflow data are available to compute the statistics. At U.S. Geological Survey (USGS) streamflow data-collection stations, which include streamgaging stations, partial-record stations, and miscellaneous-measurement stations, streamflow statistics can be computed from available data for the stations. Streamflow data are collected continuously at streamgaging stations. Streamflow measurements are collected systematically over a period of years at partial-record stations to estimate peak-flow or low-flow statistics. Streamflow measurements usually are collected at miscellaneous-measurement stations for specific hydrologic studies with various objectives. StreamStats is a Web-based Geographic Information System (GIS) application (fig. 1) that was created by the USGS, in cooperation with Environmental Systems Research Institute, Inc. (ESRI)1, to provide users with access to an assortment of analytical tools that are useful for water-resources planning and management. StreamStats functionality is based on ESRI's ArcHydro Data Model and Tools, described on the Web at http://support.esri.com/index.cfm?fa=downloads.dataModels.filteredGateway&dmid=15. StreamStats allows users to easily obtain streamflow statistics, basin characteristics, and descriptive information for USGS data-collection stations and user-selected ungaged sites. It also allows users to identify stream reaches that are upstream and downstream from user-selected sites, and to identify and obtain information for locations along the streams where activities that may affect streamflow conditions are occurring. This functionality can be accessed through a map-based user interface that appears in the user's Web browser (fig. 1), or individual functions can be requested remotely as Web services by other Web or desktop computer applications. StreamStats can perform these analyses much faster than historically used manual techniques. StreamStats was designed so that each state would be implemented as a separate application, with a reliance on local partnerships to fund the individual applications, and a goal of eventual full national implementation. Idaho became the first state to implement StreamStats in 2003. By mid-2008, 14 states had applications available to the public, and 18 other states were in various stages of implementation.

  6. Supporting Case-Based Learning in Information Security with Web-Based Technology

    ERIC Educational Resources Information Center

    He, Wu; Yuan, Xiaohong; Yang, Li

    2013-01-01

    Case-based learning has been widely used in many disciplines. As an effective pedagogical method, case-based learning is also being used to support teaching and learning in the domain of information security. In this paper, we demonstrate case-based learning in information security by sharing our experiences in using a case study to teach security

  7. Secure web-based access to radiology: forms and databases for fast queries

    NASA Astrophysics Data System (ADS)

    McColl, Roderick W.; Lane, Thomas J.

    2002-05-01

    Currently, Web-based access to mini-PACS or similar databases commonly utilizes either JavaScript, Java applets or ActiveX controls. Many sites do not permit applets or controls or other binary objects for fear of viruses or worms sent by malicious users. In addition, the typical CGI query mechanism requires several parameters to be sent with the http GET/POST request, which may identify the patient in some way; this in unacceptable for privacy protection. Also unacceptable are pages produced by server-side scripts which can be cached by the browser, since these may also contain sensitive information. We propose a simple mechanism for access to patient information, including images, which guarantees security of information, makes it impossible to bookmark the page, or to return to the page after some defined length of time. In addition, this mechanism is simple, therefore permitting rapid access without the need to initially download an interface such as an applet or control. In addition to image display, the design of the site allows the user to view and save movies of multi-phasic data, or to construct multi-frame datasets from entire series. These capabilities make the site attractive for research purposes such as teaching file preparation.

  8. Custom HL7 V3 message provider using web services security features.

    PubMed

    Voos, Javier; Riva, Guillermo; Zerbini, Carlos; Centeno, Carlos; Gonzalez, Eduardo

    2010-01-01

    Due the availability of new data transmission technologies and new standards for medical studies development, e-health systems have had a sustained adoption in recent years. In this scenario, the health systems are incorporating and increasing the health services offering in response to their needs. This paper presents a system able to transmit medical studies using different communication channels providing an effective use of the medical equipment, the data transmission networks and the human resources availability. This system is based on service oriented architecture (SOA) to propose different alternatives in terms of which data needs to be transmitted for the acquired medical study, in order to attend different medical diagnosis providing an efficient use of the available communication channels. About the security implemented for the data transmission, there are different configurations available for encryption and signing at message level, to ensure that messages cannot be changed without detection during the transmission. For message definition, the HL7 V3 standard is implemented and the medical studies are stored in a centralized database located in a web server accessible via Internet to enable second medical opinion from other specialists. PMID:21097078

  9. Using the PL/SQL Cartridge of the Oracle Application Server to Deploy Web Applications

    SciTech Connect

    Begovich, C.L.

    1999-06-14

    Deploying business applications on the internal Web is a priority at Oak Ridge National Laboratory (Lockheed Martin Energy Research) and Lockheed Martin Energy Systems, Inc. as with most corporations. Three separate applications chose the Oracle Application Server (OAS), using the PL/SQL cartridge as a Web deployment method. This method was chosen primarily because the data was already stored in Oracle tables and developers knew HJSQL or at least SQL. The Database Support group had the responsibility of installing, testing, and determining standard methods for interfacing with the PL/SQL cartridge of the OAS. Note that the term Web Application Server was used for version 3, but in this discussion, OAS will be used for both version 3 and version 4.

  10. A Streamflow Statistics (StreamStats) Web Application for Ohio

    USGS Publications Warehouse

    Koltun, G.F.; Kula, Stephanie P.; Puskas, Barry M.

    2006-01-01

    A StreamStats Web application was developed for Ohio that implements equations for estimating a variety of streamflow statistics including the 2-, 5-, 10-, 25-, 50-, 100-, and 500-year peak streamflows, mean annual streamflow, mean monthly streamflows, harmonic mean streamflow, and 25th-, 50th-, and 75th-percentile streamflows. StreamStats is a Web-based geographic information system application designed to facilitate the estimation of streamflow statistics at ungaged locations on streams. StreamStats can also serve precomputed streamflow statistics determined from streamflow-gaging station data. The basic structure, use, and limitations of StreamStats are described in this report. To facilitate the level of automation required for Ohio's StreamStats application, the technique used by Koltun (2003)1 for computing main-channel slope was replaced with a new computationally robust technique. The new channel-slope characteristic, referred to as SL10-85, differed from the National Hydrography Data based channel slope values (SL) reported by Koltun (2003)1 by an average of -28.3 percent, with the median change being -13.2 percent. In spite of the differences, the two slope measures are strongly correlated. The change in channel slope values resulting from the change in computational method necessitated revision of the full-model equations for flood-peak discharges originally presented by Koltun (2003)1. Average standard errors of prediction for the revised full-model equations presented in this report increased by a small amount over those reported by Koltun (2003)1, with increases ranging from 0.7 to 0.9 percent. Mean percentage changes in the revised regression and weighted flood-frequency estimates relative to regression and weighted estimates reported by Koltun (2003)1 were small, ranging from -0.72 to -0.25 percent and -0.22 to 0.07 percent, respectively.

  11. Neutron resonance radiography for security applications

    NASA Astrophysics Data System (ADS)

    Lanza, Richard C.

    2002-11-01

    Fast Neutron Resonance Radiography (NRR) has been devised as an elemental imaging method, with applications such as contraband detection and mineral analysis. In the NRR method, a 2-D elemental mapping of hydrogen, carbon, nitrogen, oxygen and the sum of other elements is obtained from fast neutron radiographic images taken at different neutron energies chosen to cover the resonance cross section features of one or more elements. Images are formed using a lens-coupled plastic scintillator-CCD combination. In preliminary experiments, we have produced NRR images of various simulants using a variable energy neutron beam based on the Li(p,n)Be reaction and a variable energy proton beam. In order to overcome practical limitations to this method, we have studied NRR imaging using the D-D reaction at a fixed incident D energy and scanning through various neutron energies by using the angular variation in neutron energy. The object-detector assembly rotates around the neutron source and different energy (2-6 MeV) neutrons can be obtained at different angles from a D-D neutron source. The radiographic image provides a 2-D mapping of the sum of elemental contents (weighted by the attenuation coefficients). Transmission measurements taken at different neutron energies (angles) form a set of linear equations, which can then be solved to map individual elemental contents.

  12. The research of network database security technology based on web service

    NASA Astrophysics Data System (ADS)

    Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

    2013-03-01

    Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

  13. NEUTRON AND GAMMA RAY DETECTION FOR BORDER SECURITY APPLICATIONS

    SciTech Connect

    Kouzes, Richard T.

    2010-05-21

    Countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments in the U.S. and in a number of other countries by governments and international organizations. Most deployed radiation portal monitor systems are based on plastic scintillator for gamma-ray detection and 3He tubes for neutron detection. The approach to this homeland security application, and lessons learned, are discussed.

  14. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Registration of securities information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR...

  15. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Registration of securities... MARGIN REQUIREMENTS FOR SECURITY FUTURES Regulation Nms-Regulation of the National Market System § 242.609 Registration of securities information processors: form of application and amendments. (a)...

  16. Enhanced Chosen-Ciphertext Security and Applications Dana Dachman-Soled1

    E-print Network

    International Association for Cryptologic Research (IACR)

    Enhanced Chosen-Ciphertext Security and Applications Dana Dachman-Soled1 Georg Fuchsbauer2 Payman Mohassel3 Adam O'Neill4 Abstract We introduce and study a new notion of enhanced chosen-ciphertext security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3 Enhanced Chosen-Ciphertext Security 5 4 Constructions of ECCA-Secure PKE 8 4.1 Adaptivity

  17. 49 CFR 1572.9 - Applicant information required for HME security threat assessment.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Applicant information required for HME security threat assessment. 1572.9 Section 1572.9 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY CREDENTIALING...

  18. 49 CFR 1572.17 - Applicant information required for TWIC security threat assessment.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Applicant information required for TWIC security threat assessment. 1572.17 Section 1572.17 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY CREDENTIALING...

  19. Submitted to IEEE Transactions on Design Automation of Electronic Systems. A previous version appeared in DAC'98 Data Security for Web-based CAD

    E-print Network

    Hauck, Scott

    appeared in DAC'98 Data Security for Web-based CAD Scott Hauck, Stephen Knol Department of Electrical, including VLSI CAD. In this paper we consider the ramifications of the Internet on electronics design within two models for Web-based CAD. We investigate the security of these systems, and propose methods

  20. Advancements in web-database applications for rabies surveillance

    PubMed Central

    2011-01-01

    Background Protection of public health from rabies is informed by the analysis of surveillance data from human and animal populations. In Canada, public health, agricultural and wildlife agencies at the provincial and federal level are responsible for rabies disease control, and this has led to multiple agency-specific data repositories. Aggregation of agency-specific data into one database application would enable more comprehensive data analyses and effective communication among participating agencies. In Québec, RageDB was developed to house surveillance data for the raccoon rabies variant, representing the next generation in web-based database applications that provide a key resource for the protection of public health. Results RageDB incorporates data from, and grants access to, all agencies responsible for the surveillance of raccoon rabies in Québec. Technological advancements of RageDB to rabies surveillance databases include 1) automatic integration of multi-agency data and diagnostic results on a daily basis; 2) a web-based data editing interface that enables authorized users to add, edit and extract data; and 3) an interactive dashboard to help visualize data simply and efficiently, in table, chart, and cartographic formats. Furthermore, RageDB stores data from citizens who voluntarily report sightings of rabies suspect animals. We also discuss how sightings data can indicate public perception to the risk of racoon rabies and thus aid in directing the allocation of disease control resources for protecting public health. Conclusions RageDB provides an example in the evolution of spatio-temporal database applications for the storage, analysis and communication of disease surveillance data. The database was fast and inexpensive to develop by using open-source technologies, simple and efficient design strategies, and shared web hosting. The database increases communication among agencies collaborating to protect human health from raccoon rabies. Furthermore, health agencies have real-time access to a wide assortment of data documenting new developments in the raccoon rabies epidemic and this enables a more timely and appropriate response. PMID:21810215

  1. Web application for automatic prediction of gene translation elongation efficiency.

    PubMed

    Sokolov, Vladimir; Zuraev, Bulat; Lashin, Sergei; Matushkin, Yury

    2015-01-01

    Expression efficiency is one of the major characteristics describing genes in various modern investigations. Expression efficiency of genes is regulated at various stages: transcription, translation, posttranslational protein modification and others. In this study, a special EloE (Elongation Efficiency) web application is described. The EloE sorts the organism's genes in a descend order on their theoretical rate of the elongation stage of translation based on the analysis of their nucleotide sequences. Obtained theoretical data have a significant correlation with available experimental data of gene expression in various organisms. In addition, the program identifies preferential codons in organism's genes and defines distribution of potential secondary structures energy in 5´ and 3´ regions of mRNA. The EloE can be useful in preliminary estimation of translation elongation efficiency for genes for which experimental data are not available yet. Some results can be used, for instance, in other programs modeling artificial genetic structures in genetically engineered experiments. PMID:26527190

  2. An ethernet/IP security review with intrusion detection applications

    SciTech Connect

    Laughter, S. A.; Williams, R. D.

    2006-07-01

    Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

  3. GISCube, an Open Source Web-based GIS Application

    NASA Astrophysics Data System (ADS)

    Boustani, M.; Mattmann, C. A.; Ramirez, P.

    2014-12-01

    There are many Earth science projects and data systems being developed at the Jet Propulsion Laboratory, California Institute of Technology (JPL) that require the use of Geographic Information Systems (GIS). Three in particular are: (1) the JPL Airborne Snow Observatory (ASO) that measures the amount of water being generated from snow melt in mountains; (2) the Regional Climate Model Evaluation System (RCMES) that compares climate model outputs with remote sensing datasets in the context of model evaluation and the Intergovernmental Panel on Climate Change and for the U.S. National Climate Assessment and; (3) the JPL Snow Server that produces a snow and ice climatology for the Western US and Alaska, for the U.S. National Climate Assessment. Each of these three examples and all other earth science projects are strongly in need of having GIS and geoprocessing capabilities to process, visualize, manage and store GeoSpatial data. Beside some open source GIS libraries and some software like ArcGIS there are comparatively few open source, web-based and easy to use application that are capable of doing GIS processing and visualization. To address this, we present GISCube, an open source web-based GIS application that can store, visualize and process GIS and GeoSpatial data. GISCube is powered by Geothon, an open source python GIS cookbook. Geothon has a variety of Geoprocessing tools such data conversion, processing, spatial analysis and data management tools. GISCube has the capability of supporting a variety of well known GIS data formats in both vector and raster formats, and the system is being expanded to support NASA's and scientific data formats such as netCDF and HDF files. In this talk, we demonstrate how Earth science and other projects can benefit by using GISCube and Geothon, its current goals and our future work in the area.

  4. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  5. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  6. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must...

  7. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  8. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must...

  9. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must...

  10. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must...

  11. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  12. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  13. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must...

  14. Secure Programming Common Errors

    E-print Network

    Roma "La Sapienza", Università di

    Practical demonstrations of some vulnerable Real World web applications (my totally independent security, May 4, 2009 #12;CWE-209: Error Message Information Leak Chatty or debug error messages could disclose

  15. Study of distributed computing system based on web services

    NASA Astrophysics Data System (ADS)

    Wang, Lu-Feng

    2013-03-01

    For the security issues in distributed computing applications, combined with Web Services management system design and implementation, based on the research of Web Services and its security technology, this paper designs a distributed computing test system based on Web Services, in detail describes its key technologies, which further validates the advantages of Web Services technology for the distributed computing in loosely coupled network environment.

  16. Preliminary field evaluation of solid state cameras for security applications

    SciTech Connect

    Murray, D.W.

    1987-07-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. The results of these tests as well as a description of the test equipment, test sites, and procedures are presented in this report.

  17. Security Applications of Diodes with Unique Current-Voltage Characteristics

    NASA Astrophysics Data System (ADS)

    Rührmair, Ulrich; Jaeger, Christian; Hilgers, Christian; Algasinger, Michael; Csaba, György; Stutzmann, Martin

    Diodes are among the most simple and inexpensive electric components. In this paper, we investigate how random diodes with irregular I(U) curves can be employed for crypto and security purposes. We show that such diodes can be used to build Strong Physical Unclonable Functions (PUFs), Certificates of Authenticity (COAs), and Physically Obfuscated Keys (POKs), making them a broadly usable security tool. We detail how such diodes can be produced by an efficient and inexpensive method known as ALILE process. Furthermore, we present measurement data from real systems and discuss prototypical implementations. This includes the generation of helper data as well as efficient signature generation by elliptic curves and 2D barcode generation for the application of the diodes as COAs.

  18. Intelligent Facial Recognition Systems: Technology advancements for security applications

    SciTech Connect

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  19. A secure Web-based medical digital library architecture based on TTPs.

    PubMed

    Papadakis, I; Chrissikopoulos, V; Polemi, D

    2000-01-01

    In this paper, a secure medical digital library architecture is presented, that is based on the CORBA specifications for distributed systems. Special attention is given to the distinguished nature of medical data, whose integrity and confidentiality should be preserved at all costs. This is achieved through the employment of Trusted Third Parties (TTP) technology for the support of the required security services. PMID:11187625

  20. Perceptions of Accounting Practitioners and Educators on E-Business Curriculum and Web Security Issues

    ERIC Educational Resources Information Center

    Ragothaman, Srinivasan; Lavin, Angeline; Davies, Thomas

    2007-01-01

    This research examines, through survey administration, the perceptions of accounting practitioners and educators with respect to the multi-faceted security issues of e-commerce payment systems as well as e-business curriculum issues. Specific security issues explored include misuse/theft of personal and credit card information, spam e-mails,…

  1. 76 FR 4079 - Information Technology (IT) Security

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-01-24

    ... requirement for contractor personnel to meet the NASA System Security Certification Program, and provide a Web... Register (73 FR 73201-73202) on December 2, 2008. The sixty day comment period expired February 2, 2009... applicable Federal IT Security Policies are available at the NASA IT Security Policy Web site at:...

  2. Form SS-5 (08-2011) ef (08-2011) Destroy Prior Editions Application for a Social Security Card

    E-print Network

    Firestone, Jeremy

    Form SS-5 (08-2011) ef (08-2011) Destroy Prior Editions Application for a Social Security Card Page 1 SOCIAL SECURITY ADMINISTRATION Applying for a Social Security Card is free! USE THIS APPLICATION TO: Apply for an original Social Security card Apply for a replacement Social Security card Change

  3. A Visual Architectural Approach to Maintaining Web Applications Ahmed E. Hassan and Richard C. Holt

    E-print Network

    Holt, Richard C.

    A Visual Architectural Approach to Maintaining Web Applications Ahmed E. Hassan and Richard C. Holt aeehassa@plg.uwaterloo.ca September 4, 2002 #12;Abstract Web applications are complex software systems which contain a rich structure with many relations between their components. Web developers are faced

  4. Extracting RESTful Services from Web Applications Bipin Upadhyaya, Foutse Khomh, Ying Zou

    E-print Network

    Zou, Ying

    Extracting RESTful Services from Web Applications Bipin Upadhyaya, Foutse Khomh, Ying Zou.upadhyaya, foutse.khomh, ying.zou}@queensu.ca Abstract-- The Web contains large amount of information and services primarily intended for human users. A Web application offers high user experience and responsiveness. A user

  5. Web Messaging for Open and Scalable Distributed Sensing Applications

    E-print Network

    the Web architecture offers a high degree of interoperability and a low en- try barrier, we propose into isolated islands that hardly interact with each other. Web http://houseA.com/ http://building24.com/ http

  6. Developing a Web-based GIS Application for Earthquake Mapping 

    E-print Network

    Boermel, Christian

    2012-11-29

    The fast technical progress of web-based GIS has enabled visualising complex geographical phenomena for the interested public. This research paper analyses the development of a global earthquake web map which allows the visualisation of significant...

  7. Web Machines : a new platform for application construction and execution

    E-print Network

    Bryant, Robert A., M. Eng. Massachusetts Institute of Technology

    2009-01-01

    In today's world, computer application platforms are becoming increasingly important in providing positive application end-user and developer experiences. While there are many successful application platforms available, ...

  8. A secure cookie scheme Alex X. Liu a,

    E-print Network

    Liu, Alex X.

    A secure cookie scheme Alex X. Liu a, , Jason M. Kovacs b,1 , Mohamed G. Gouda c,2 a Department Accepted 17 January 2012 Available online 31 January 2012 Keywords: Web cookie Web security HTTP and to maintain client states. Many web applications (such as those for electronic commerce) demand a secure

  9. Situating CoWeb: A Scholarship of Application

    ERIC Educational Resources Information Center

    Rick, Jochen; Guzdial, Mark

    2006-01-01

    Since 1998, we have been developing and researching CoWeb, a version of Wiki designed to support collaborative learning. In this article, we summarize our results of situating CoWeb across the academic landscape of Georgia Tech. In architecture, CoWeb enabled faculty to serve more students in a design-based course. In English composition, a…

  10. A web based Tourist / Festival trip Android mobile application 

    E-print Network

    Chang, Jui-wen

    2013-08-07

    developers and users, more of the population is choosing Android than iOS or Windows smartphones. Thus, this study chooses an Android platform combined with web app technology to develop a web based, personal eating and drinking guide. A web app combining a...

  11. The Handicap Principle for Trust in Computer Security, the Semantic Web and Social Networking

    NASA Astrophysics Data System (ADS)

    Ma, Zhanshan (Sam); Krings, Axel W.; Hung, Chih-Cheng

    Communication is a fundamental function of life, and it exists in almost all living things: from single-cell bacteria to human beings. Communication, together with competition and cooperation,arethree fundamental processes in nature. Computer scientists are familiar with the study of competition or 'struggle for life' through Darwin's evolutionary theory, or even evolutionary computing. They may be equally familiar with the study of cooperation or altruism through the Prisoner's Dilemma (PD) game. However, they are likely to be less familiar with the theory of animal communication. The objective of this article is three-fold: (i) To suggest that the study of animal communication, especially the honesty (reliability) of animal communication, in which some significant advances in behavioral biology have been achieved in the last three decades, should be on the verge to spawn important cross-disciplinary research similar to that generated by the study of cooperation with the PD game. One of the far-reaching advances in the field is marked by the publication of "The Handicap Principle: a Missing Piece of Darwin's Puzzle" by Zahavi (1997). The 'Handicap' principle [34][35], which states that communication signals must be costly in some proper way to be reliable (honest), is best elucidated with evolutionary games, e.g., Sir Philip Sidney (SPS) game [23]. Accordingly, we suggest that the Handicap principle may serve as a fundamental paradigm for trust research in computer science. (ii) To suggest to computer scientists that their expertise in modeling computer networks may help behavioral biologists in their study of the reliability of animal communication networks. This is largely due to the historical reason that, until the last decade, animal communication was studied with the dyadic paradigm (sender-receiver) rather than with the network paradigm. (iii) To pose several open questions, the answers to which may bear some refreshing insights to trust research in computer science, especially secure and resilient computing, the semantic web, and social networking. One important thread unifying the three aspects is the evolutionary game theory modeling or its extensions with survival analysis and agreement algorithms [19][20], which offer powerful game models for describing time-, space-, and covariate-dependent frailty (uncertainty and vulnerability) and deception (honesty).

  12. Using Science Driven Technologies for the Defense and Security Applications

    NASA Technical Reports Server (NTRS)

    Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

    2004-01-01

    For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

  13. A Large-Scale Study of Mobile Web App Security Patrick Mutchler, Adam Doupe, John Mitchell, Chris Kruegel and Giovanni Vigna

    E-print Network

    Vigna, Giovanni

    A Large-Scale Study of Mobile Web App Security Patrick Mutchler, Adam Doup´e, John Mitchell, Chris doupe@asu.edu University of California, Santa Barbara {chris, vigna}@cs.ucsb.edu Abstract Mobile apps that use an embedded web browser, or mobile web apps, make up 85% of the free apps on the Google Play store

  14. A Case Study in Web 2.0 Application Development

    NASA Astrophysics Data System (ADS)

    Marganian, P.; Clark, M.; Shelton, A.; McCarty, M.; Sessoms, E.

    2010-12-01

    Recent web technologies focusing on languages, frameworks, and tools are discussed, using the Robert C. Byrd Green Bank Telescopes (GBT) new Dynamic Scheduling System as the primary example. Within that example, we use a popular Python web framework, Django, to build the extensive web services for our users. We also use a second complimentary server, written in Haskell, to incorporate the core scheduling algorithms. We provide a desktop-quality experience across all the popular browsers for our users with the Google Web Toolkit and judicious use of JQuery in Django templates. Single sign-on and authentication throughout all NRAO web services is accomplished via the Central Authentication Service protocol, or CAS.

  15. Recent trends in print portals and Web2Print applications

    NASA Astrophysics Data System (ADS)

    Tuijn, Chris

    2009-01-01

    For quite some time now, the printing business has been under heavy pressure because of overcapacity, dropping prices and the delocalization of the production to low income countries. To survive in this competitive world, printers have to invest in tools that, on one hand, reduce the production costs and, on the other hand, create additional value for their customers (print buyers). The creation of customer portals on top of prepress production systems allowing print buyers to upload their content, approve the uploaded pages based on soft proofs (rendered by the underlying production system) and further follow-up the generation of the printed material, has been illustrative in this respect. These developments resulted in both automation for the printer and added value for the print buyer. Many traditional customer portals assume that the printed products have been identified before they are presented to the print buyer in the portal environment. The products are, in this case, typically entered by the printing organization in a so-called MISi system after the official purchase order has been received from the print buyer. Afterwards, the MIS system then submits the product to the customer portal. Some portals, however, also support the initiation of printed products by the print buyer directly. This workflow creates additional flexibility but also makes things much more complex. We here have to distinguish between special products that are defined ad-hoc by the print buyer and standardized products that are typically selected out of catalogs. Special products are most of the time defined once and the level of detail required in terms of production parameters is quite high. Systems that support such products typically have a built-in estimation module, or, at least, a direct connection to an MIS system that calculates the prices and adds a specific mark-up to calculate a quote. Often, the markup is added by an account manager on a customer by customer basis; in this case, the ordering process is, of course, not fully automated. Standardized products, on the other hand, are easily identified and the cost charged to the print buyer can be retrieved from predefined price lists. Typically, higher volumes will result in more attractive prices. An additional advantage of this type of products is that they are often defined such that they can be produced in bulk using conventional printing techniques. If one wants to automate the ganging, a connection must be established between the on-line ordering and the production planning system. (For digital printing, there typically is no need to gang products since they can be produced more effectively separately.) Many of the on-line print solutions support additional features also available in general purpose e-commerce sites. We here think of the availability of virtual shopping baskets, the connectivity with payment gateways and the support of special facilities for interfacing with courier services (bar codes, connectivity to courier web sites for tracking shipments etc.). Supporting these features also assumes an intimate link with the print production system. Another development that goes beyond the on-line ordering of printed material and the submission of full pages and/or documents, is the interactive, on-line definition of the content itself. Typical applications in this respect are, e.g., the creation of business cards, leaflets, letter heads etc. On a more professional level, we also see that more and more publishing organizations start using on-line publishing platforms to organize their work. These professional platforms can also be connected directly to printing portals and thus enable extra automation. In this paper, we will discuss for each of the different applications presented above (traditional Print Portals, Web2Print applications and professional, on-line publishing platforms) how they interact with prepress and print production systems and how they contribute to the improvement of the overall operations of a printing organization.

  16. Data Mining Applications in Social Security Yanchang Zhao, Huaifeng Zhang, Longbing Cao, Hans Bohlscheid, Yuming Ou,

    E-print Network

    Cao, Longbing

    Chapter 6 Data Mining Applications in Social Security Yanchang Zhao, Huaifeng Zhang, Longbing Cao mining in social security. The first is an application of decision tree and association rules to find the demo- graphic patterns of customers. Sequence mining is used in the second application to find activity

  17. The FungalWeb Ontology The Core of a Semantic Web Application for Fungal Genomics

    E-print Network

    Haarslev, Volker

    information from different biological databases is under development Introduction The Semantic Web aims]. Additionally, biological data is a mixed bag of data types from different experiments distributed function, biological process and cellular components of gene products. Indeed ontologies have had

  18. Application of infrared imaging systems to maritime security

    NASA Astrophysics Data System (ADS)

    Zeng, Debing

    Enhancing maritime security through video based systems is a very challenging task, not only due to the different scales of vessels to be monitored, but also due to the constantly changing background and environmental conditions. Yet video systems operating in the visible part of the electromagnetic spectrum have established themselves as one of the most crucial tools in maritime security. However, certain inherent limitations such as requirements of proper scene illumination and failure under low visibility weather conditions like fog could be overcome utilizing different spectral regions. Thermal imaging systems present themselves as a good alternative in maritime security. They could overcome these problems and allow for additional detection of local variation of water temperature, yet have been rarely used efficiently in maritime environment evaluated. Here we present a first order study of the advantage of using long-wavelength infrared (LWIR) imaging for diver detection. Within these tasks we study the reasons and effects of bubbles on water surface in laboratory IR imaging study and have determined the changes in infrared emissivity and reflectivity due to the corresponding surface manifestation. This was compared and used to analyze experiments in the Hudson Estuary to the real-world applicability of infrared technology in maritime security application. Utilizing a LWIR camera, we limit ourselves on the detection of the scuba diver as well as the determination of its depth---information normally not obtainable in very low visibility water like the Hudson River. For this purpose we observed the thermal surface signature of the diver and obtained and analyzed its temporal behavior with respect to area, perimeter and infrared brightness. Additional qualitative and quantitative analyses of the area and perimeter growth show different behaviors with more or less pronounced correlation to the diver's depth---yet clearly showing a trend allowing for estimation of the diver's depth based on the IR surface manifestation. To reduce the impact of measurement and data processing errors in this natural very noisy environment, a computer based analysis process was developed and optimized for this very specific application. Based on its assessment previous contradictions in the bubble growth could be resolved.

  19. Network-Based Learning and Assessment Applications on the Semantic Web

    ERIC Educational Resources Information Center

    Gibson, David

    2005-01-01

    Today's Web applications are already "aware" of the network of computers and data on the Internet, in the sense that they perceive, remember, and represent knowledge external to themselves. However, Web applications are generally not able to respond to the meaning and context of the information in their memories. As a result, most applications are…

  20. InkTag: Secure Applications on an Untrusted Operating System

    PubMed Central

    Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

    2014-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  1. InkTag: Secure Applications on an Untrusted Operating System.

    PubMed

    Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

    2013-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  2. kaPoW Plugins: Protecting Web Applications Using Reputation-based Proof-of-Work

    E-print Network

    or forum. Tools like Akismet and CAPTCHA help prevent spam in applications like WordPress or phpBB. However.3 [Communications Applications]: Security 1. INTRODUCTION Internet spam is a problem that refuses to go away. Al applications like Wordpress, phpBB etc. kaPoW is a Proof-of-Work based approach that integrates with several

  3. Application of Near-Space Passive Radar for Homeland Security

    NASA Astrophysics Data System (ADS)

    Wang, Wenqin

    2007-03-01

    To protect the homeland from terrorist attacks employing explosive devices, revolutionary advances across a wide range of technologies are required. Inspired by recent advances in near-space (defined as the region between 20 km and 100 km), this paper proposes a new passive radar system using opportunistic transmitter as an illuminator and near-space platform as a receiver. This concept differs substantially from current radars. This system can be operated as a passive bistatic or multistatic radar and hence largely immune to jamming. By placing the receiver in near-space platforms, many functions that are currently performed with satellites or airplanes could be performed much more cheaply and with much greater operational utility. These advantages make near-space passive attractive for a variety of applications, many of which fit well with the needs of homeland security. This paper details the role of near-space passive radar as sensor system that can support homeland security applications. The strengths and weakness of near-space passive radar, compared to current spaceborne and airborne radars, are detailed. The signal models and processing algorithms for near-space passive radar are provided. It is shown that the use of cost effective near-space platforms can provide the solutions that were previously thought to be out of reach to remote sensing and government customers.

  4. Security applications of a remote electric-field sensor technology

    NASA Astrophysics Data System (ADS)

    Prance, Robert J.; Harland, Christopher J.; Prance, Helen

    2008-10-01

    A new generation of electric field sensors developed at the University of Sussex is enabling an alternative to contact voltage and non-contact magnetic field measurements. We have demonstrated the capability of this technology in a number of areas including ECG through clothing, remote off-body ECG, through wall movement sensing and electric field imaging. Clearly, there are many applications for a generic sensor technology with this capability, including long term vital sign monitoring. The non-invasive nature of the measurement also makes these sensors ideal for man/machine and human/robot interfacing. In addition, there are obvious security and biometric possibilities since we can obtain physiological data remotely, without the knowledge of the subject. This is a clear advantage if such systems are to be used for evaluating the psychological state of a subject. In this paper we report the results obtained with a new version of the sensor which is capable of acquiring electrophysiological signals remotely in an open unshielded laboratory. We believe that this technology opens up a new area of remote biometrics which could have considerable implications for security applications. We have also demonstrated the ability of EPS to function in closely-packed one and two dimensional arrays for real-time imaging.

  5. Nano/micromotors for security/defense applications. A review.

    PubMed

    Singh, Virendra V; Wang, Joseph

    2015-11-19

    The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, 'on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA. PMID:26554557

  6. Community-Oriented Models and Applications for the Social Web 

    E-print Network

    Kashoob, Said Masoud Ali

    2012-07-16

    and Recommendation . . . . 13 3. Web Information Organization . . . . . . . . . . . . . . . . . . . 14 4. Topic Modeling . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 4.1. Latent Dirichlet Allocation . . . . . . . . . . . . . . . . . . 16 5. Community... of recent research efforts have studied how social bookmark- ing can be used for smarter browsing of web content [6], improved search [7], and other forms of information access (e.g., through tag-based clustering [8]).This type of social-powered web...

  7. Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography

    E-print Network

    International Association for Cryptologic Research (IACR)

    Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography-log key generation (DLKG) protocol from scratch which is adaptively-secure in the non-erasure model threshold Cramer-Shoup cryptosystem. Our results are based on a new adaptively-secure Feldman VSS scheme

  8. Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography ?

    E-print Network

    International Association for Cryptologic Research (IACR)

    Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography discrete-log key generation (DLKG) protocol from scratch which is adaptively-secure in the non, and a SIP UC threshold Cramer-Shoup cryptosystem. Our results are based on a new adaptively-secure Feldman

  9. Development and applications of diffractive optical security devices for banknotes and high value documents

    NASA Astrophysics Data System (ADS)

    Drinkwater, John K.; Holmes, Brian W.; Jones, Keith A.

    2000-04-01

    Embossed holograms and othe rdiffractive optically variable devices are increasingly familiar security items on plastic cards, banknotes, securyt documetns and on branded gods and media to protect against counterfeit, protect copyright and to evidence tamper. This paper outlines some of the diffractive optical seuryt and printed security develoepd for this rapidly growing field and provides examles of some current security applications.

  10. Application of WebGIS for traffic risk assessment

    NASA Astrophysics Data System (ADS)

    Voumard, Jérémie; Aye, Zar Chi; Derron, Marc-Henri; Jaboyedoff, Michel

    2015-04-01

    Roads and railways are threatened throughout the year by several natural hazards around the world, leading to the closing of transportation corridors, loss of access, deviation travels and potentially infrastructures damages and loss of human lives and also financial, social and economic consequences. Protection measures used to reduce the exposure to natural hazards are usually expensive and cannot be deployed on an entire transportation network. It is thus necessary to choose priority areas where protection measures need to be built. The aim of this study is to propose a friendly tool to evaluate and to understand issues and consequences of section closing and affected parts of a transportation network at small region scale. The proposed tool, currently in its design and building phase, will provide ways to simulate different closure scenarios and to analyze their consequences on transportation network; like deviating traffic on others roads and railways sections, additional time and distance travel or accessibility for emergency services like police, firefighters and ambulances. The tool is based on OpenGeo architecture, which is composed of open-source components. It integrates PostGIS for database, GeoServer and GeoWebCache for application servers and finally GeoExt and OpenLayers for user interface. Users will be able to attribute quantitative (like roads and railway type and closure consequences) and qualitative (like section unavailability duration, season, etc.) data to the different roads and railways sections based on their user rights. They will also be able to evaluate different track closures consequences in terms of different scenarios. Once finalized, the goal of this project including natural hazards, traffic and geomatic thematic is to propose a decision support tool for public authorities firstly and for specialists secondly so that they can evaluate easily and accurately as much as possible to highlight the weakpoints of the transportation network in the case track closures due to natural hazards.

  11. A dialogue-based web application enhances personalized access to healthcare professionals – an intervention study

    PubMed Central

    2012-01-01

    Background In today’s short stay hospital settings the contact time for patients is reduced. However, it seems to be more important for the patients that the healthcare professionals are easy to get in contact with during the whole course of treatment, and to have the opportunity to exchange information, as a basis for obtaining individualized information and support. Therefore, the aim was to explore the ability of a dialogue-based application to contribute to accessibility of the healthcare professionals and exchangeability of information. Method An application for online written and asynchronous contacts was developed, implemented in clinical practice, and evaluated. The qualitative effect of the online contact was explored using a Web-based survey comprised of open-ended questions. Results Patients valued the online contacts and experienced feelings of partnership in dialogue, in a flexible and calm environment, which supported their ability to be active partners and feelings of freedom and security. Conclusion The online asynchronous written environment can contribute to accessibility and exchangeability, and add new possibilities for dialogues from which the patients can benefit. The individualized information obtained via online contact empowers the patients. The Internet-based contacts are a way to differentiate and expand the possibilities for contacts outside the few scheduled face-to-face hospital contacts. PMID:22947231

  12. Sound and Precise Analysis of Web Applications for Injection Vulnerabilities

    E-print Network

    Su, Zhendong

    are popular targets of security attacks. One com- mon type of such attacks is SQL injection, where an attacker approaches have been proposed to detect or prevent SQL injections; while dynamic approaches provide analysis technique for SQL injection. Our technique avoids the need for specifica- tions by considering

  13. An Implementation of a Secure Web Client Using SPKI/SDSI Certificates

    E-print Network

    Liskov, Barbara

    by . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Arthur C. Smith Chairman, Department Committee on Graduate Students #12; An Implementation of a Secure Science and Engineering at the MASSACHUSETTS INSTITUTE OF TECHNOLOGY May 2000 c fl Andrew J. Maywah, MM as an everyday network authentication and authorization tool. This is an implementation in C for Unix

  14. Model-based, event-driven programming paradigm for interactive web applications

    E-print Network

    Milicevic, Aleksandar

    Applications are increasingly distributed and event-driven. Advances in web frameworks have made it easier to program standalone servers and their clients, but these applications remain hard to write. A model-based programming ...

  15. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    PubMed Central

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs. PMID:22368458

  16. Wireless sensors and sensor networks for homeland security applications

    PubMed Central

    Potyrailo, Radislav A.; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M.; Kelley-Loughnane, Nancy; Naik, Rajesh R.

    2012-01-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers. PMID:23175590

  17. A secure RFID-based WBAN for healthcare applications.

    PubMed

    Ullah, Sana; Alamri, Atif

    2013-10-01

    A Wireless Body Area Network (WBAN) allows the seamless integration of small and intelligent invasive or non-invasive sensor nodes in, on or around a human body for continuous health monitoring. These nodes are expected to use different power-efficient protocols in order to extend the WBAN lifetime. This paper highlights the power consumption and security issues of WBAN for healthcare applications. Numerous power saving mechanisms are discussed and a secure RFID-based protocol for WBAN is proposed. The performance of the proposed protocol is analyzed and compared with that of IEEE 802.15.6-based CSMA/CA and preamble-based TDMA protocols using extensive simulations. It is shown that the proposed protocol is power-efficient and protects patients' data from adversaries. It is less vulnerable to different attacks compared to that of IEEE 802.15.6-based CSMA/CA and preamble-based TDMA protocols. For a low traffic load and a single alkaline battery of capacity 2.6 Ah, the proposed protocol could extend the WBAN lifetime, when deployed on patients in hospitals or at homes, to approximately five years. PMID:24061704

  18. Wireless sensors and sensor networks for homeland security applications.

    PubMed

    Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

    2012-11-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers. PMID:23175590

  19. 36 CFR 1194.22 - Web-based intranet and internet information and applications.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 36 Parks, Forests, and Public Property 3 2013-07-01 2012-07-01 true Web-based intranet and... STANDARDS Technical Standards § 1194.22 Web-based intranet and internet information and applications. (a) A... the presentation. (c) Web pages shall be designed so that all information conveyed with color is...

  20. 36 CFR 1194.22 - Web-based intranet and internet information and applications.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 36 Parks, Forests, and Public Property 3 2011-07-01 2011-07-01 false Web-based intranet and... STANDARDS Technical Standards § 1194.22 Web-based intranet and internet information and applications. (a) A... the presentation. (c) Web pages shall be designed so that all information conveyed with color is...

  1. 36 CFR 1194.22 - Web-based intranet and internet information and applications.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 36 Parks, Forests, and Public Property 3 2012-07-01 2012-07-01 false Web-based intranet and... STANDARDS Technical Standards § 1194.22 Web-based intranet and internet information and applications. (a) A... the presentation. (c) Web pages shall be designed so that all information conveyed with color is...

  2. 36 CFR 1194.22 - Web-based intranet and internet information and applications.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 36 Parks, Forests, and Public Property 3 2014-07-01 2014-07-01 false Web-based intranet and... STANDARDS Technical Standards § 1194.22 Web-based intranet and internet information and applications. (a) A... the presentation. (c) Web pages shall be designed so that all information conveyed with color is...

  3. A Geospatial Integrated Problem Solving Environment for Homeland Security Applications

    SciTech Connect

    Koch, Daniel B

    2010-01-01

    Effective planning, response, and recovery (PRR) involving terrorist attacks or natural disasters come with a vast array of information needs. Much of the required information originates from disparate sources in widely differing formats. However, one common attribute the information often possesses is physical location. The organization and visualization of this information can be critical to the success of the PRR mission. Organizing information geospatially is often the most intuitive for the user. In the course of developing a field tool for the U.S. Department of Homeland Security (DHS) Office for Bombing Prevention, a geospatial integrated problem solving environment software framework was developed by Oak Ridge National Laboratory. This framework has proven useful as well in a number of other DHS, Department of Defense, and Department of Energy projects. An overview of the software architecture along with application examples are presented.

  4. A cascaded iterative Fourier transform algorithm for optical security applications

    NASA Astrophysics Data System (ADS)

    Situ, Guohai; Zhang, Jingjuan

    A cascaded iterative Fourier transform (CIFT) algorithm is presented for optical security applications. Two phase-masks are designed and located in the input and the Fourier domains of a 4-f correlator respectively, in order to implement the optical encryption or authenticity verification. Compared with previous methods, the proposed algorithm employs an improved searching strategy: modifying the phase-distributions of both masks synchronously as well as enlarging the searching space. Computer simulations show that the algorithm results in much faster convergence and better image quality for the recovered image. Each of these masks is assigned to different person. Therefore, the decrypted image can be obtained only when all these masks are under authorization. This key-assignment strategy may reduce the risk of being intruded.

  5. 48 CFR 27.203 - Security requirements for patent applications containing classified subject matter.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... patent applications containing classified subject matter. 27.203 Section 27.203 Federal Acquisition Regulations System FEDERAL ACQUISITION REGULATION GENERAL CONTRACTING REQUIREMENTS PATENTS, DATA, AND COPYRIGHTS Patents and Copyrights 27.203 Security requirements for patent applications containing...

  6. Satellite services for disaster management and security applications

    NASA Astrophysics Data System (ADS)

    Koudelka, Otto; Schrotter, P.

    2007-06-01

    Advantages of communications satellites are the inherent broadcast capability, high bandwidth, reliability and flexibility in network expansion. Small transportable terminals can be made operational very quickly. Recent developments in communications and computer technology allow to provide low-cost equipment, which is affordable even in developing countries. Communications satellites can also play an important role in case of emergencies or natural disasters. The combination of satellite communications and navigation can support new services for emergency teams. At the Institute of Applied Systems Technology and the Institute of Communication Networks and Satellite Communications highly transportable terminals have been developed, both for star and mesh network topologies. A fully meshed VSAT system is used for symmetrical links. For other applications, which do not require high return link capacity an asymmetrical system is an efficient solution. It uses low-cost DVB technology for the forward link and satellite phones with data capability on the return link. Novel multicast protocols allow to use these asymmetrical links in an efficient way. The paper describes the different systems and their applications in disaster management and security applications. Emphasis is put on transfer of remote sensing images and voice over IP (VoIP) as well as videoconference services.

  7. SEAL: A Secure Communication Library for Building Dynamic Group Key Agreement Applications

    E-print Network

    Lui, John C.S.

    SEAL: A Secure Communication Library for Building Dynamic Group Key Agreement Applications Patrick Abstract We present the SEcure communicAtion Library (SEAL), a Linux-based C language application the efficiency of the group key generation). Using SEAL, we developed a testing tool termed Gauger to evaluate

  8. Bistro: A Scalable and Secure Data Transfer Service for Digital Government Applications

    E-print Network

    Samet, Hanan

    -based massive data collection applications. Furthermore, security, due to the need for privacy and integrityBistro: A Scalable and Secure Data Transfer Service for Digital Government Applications at all levels is a major collector and provider of data. In this project we focus on the collection

  9. Enhancing Security of Real-Time Applications on Grids through Dynamic Scheduling

    E-print Network

    Feitelson, Dror

    Enhancing Security of Real-Time Applications on Grids through Dynamic Scheduling Tao Xie Xiao Qin* Department of Computer Science New Mexico Institute of Mining and Technology 801 Leroy Place, Socorro, New Mexico 87801-4796 {xietao, xqin}@cs.nmt.edu Abstract Real-time applications with security requirements

  10. Design and Applications of a Secure and Decentralized Distributed Hash Table

    E-print Network

    , creating many fake identities is cheap; (2) an attacker can subvert periodic routing table maintenanceDesign and Applications of a Secure and Decentralized Distributed Hash Table by Christopher T and Applications of a Secure and Decentralized Distributed Hash Table by Christopher T. Lesniewski-Laas Submitted

  11. 12 CFR 350.12 - Disclosure required by applicable banking or securities law or regulations.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Disclosure required by applicable banking or securities law or regulations. 350.12 Section 350.12 Banks and Banking FEDERAL DEPOSIT INSURANCE CORPORATION... STATE NONMEMBER BANKS § 350.12 Disclosure required by applicable banking or securities law...

  12. 12 CFR 350.12 - Disclosure required by applicable banking or securities law or regulations.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 12 Banks and Banking 4 2011-01-01 2011-01-01 false Disclosure required by applicable banking or securities law or regulations. 350.12 Section 350.12 Banks and Banking FEDERAL DEPOSIT INSURANCE CORPORATION... STATE NONMEMBER BANKS § 350.12 Disclosure required by applicable banking or securities law...

  13. 12 CFR 350.12 - Disclosure required by applicable banking or securities law or regulations.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 12 Banks and Banking 5 2014-01-01 2014-01-01 false Disclosure required by applicable banking or securities law or regulations. 350.12 Section 350.12 Banks and Banking FEDERAL DEPOSIT INSURANCE CORPORATION... STATE NONMEMBER BANKS § 350.12 Disclosure required by applicable banking or securities law...

  14. 12 CFR 350.12 - Disclosure required by applicable banking or securities law or regulations.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 12 Banks and Banking 5 2012-01-01 2012-01-01 false Disclosure required by applicable banking or securities law or regulations. 350.12 Section 350.12 Banks and Banking FEDERAL DEPOSIT INSURANCE CORPORATION... STATE NONMEMBER BANKS § 350.12 Disclosure required by applicable banking or securities law...

  15. 12 CFR 350.12 - Disclosure required by applicable banking or securities law or regulations.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 12 Banks and Banking 5 2013-01-01 2013-01-01 false Disclosure required by applicable banking or securities law or regulations. 350.12 Section 350.12 Banks and Banking FEDERAL DEPOSIT INSURANCE CORPORATION... STATE NONMEMBER BANKS § 350.12 Disclosure required by applicable banking or securities law...

  16. Varis: IDE Support for Embedded Client Code in PHP Web Applications

    E-print Network

    Kaestner, Christian

    Varis: IDE Support for Embedded Client Code in PHP Web Applications Hung Viet Nguyen ECp that provides editor services on the client-side code of a PHP-based web application, while it is still embedded within server-side code. Technically, we first perform symbolic execution on a PHP program to approximate

  17. 36 CFR 1194.22 - Web-based intranet and internet information and applications.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ...2012-07-01 2012-07-01 false Web-based intranet and internet information and applications. 1194.22 Section 1194...Technical Standards § 1194.22 Web-based intranet and internet information and applications. (a) A text equivalent for...

  18. Interactive Record/Replay for Web Application Debugging Brian Burg1

    E-print Network

    Ernst, Michael

    practices. Author Keywords Debugging, deterministic replay, web applications ACM Classification Keywords D.2Interactive Record/Replay for Web Application Debugging Brian Burg1 , Richard Bailey1 , Andrew J debugging, a developer must repeatedly and manu- ally reproduce faulty behaviors in order to inspect

  19. Causes of Failure in Web Applications Soila Pertet and Priya Narasimhan

    E-print Network

    failures observed in Web applications. This appendix lists over 40 incidents of real-world site outages the Thanksgiving holiday weekend in 2001, Amazon.com suffered a series of outages, which cost the retailer in Web applications. This appendix lists over 40 incidents of real-world site outages, outlining how

  20. A Framework for Cross-platform Mobile Web Applications Using HTML5 Christos Bouras

    E-print Network

    A Framework for Cross-platform Mobile Web Applications Using HTML5 Christos Bouras Computer. With the emergence of HTML5 these issues can be addressed efficiently since application development is allowed that HTML5 offers for this specific type of devices. Keywords-mobile app; web technology; HTML5; framework

  1. Web-Based Intelligent E-Learning Systems: Technologies and Applications

    ERIC Educational Resources Information Center

    Ma, Zongmin

    2006-01-01

    Collecting and presenting the latest research and development results from the leading researchers in the field of e-learning systems, Web-Based Intelligent E-Learning Systems: Technologies and Applications provides a single record of current research and practical applications in Web-based intelligent e-learning systems. This book includes major…

  2. FoodFit: A Web Application to Illustrate Healthier Food and Physical Activity Choices

    E-print Network

    Toronto, University of

    FoodFit: A Web Application to Illustrate Healthier Food and Physical Activity Choices Meriyan Eren their lifestyles to include healthier food choices and more frequent physical activities. Lack of motivation is a major obstacle to achievement of healthier lifestyle. FoodFit is a web application to illustrate food

  3. Vulnerability Factors in New Web Applications: Audit Tools, Developer Selection & Languages

    E-print Network

    Boneh, Dan

    Vulnerability Factors in New Web Applications: Audit Tools, Developer Selection & Languages Jason--We develop a web application vulnerability metric based on the combined reports of 4 leading commercial black box vulnerability scanners and evaluate this metric using historical benchmarks and our new sample

  4. STING Report: convenient web-based application for graphic and tabular presentations of protein

    E-print Network

    Neshich, Goran

    STING Report: convenient web-based application for graphic and tabular presentations of protein sequence, structure and function descriptors from the STING database Goran Neshich*, Adauto L. Mancini and Accepted October 18, 2004 ABSTRACT The Sting Report is a versatile web-based application for extraction

  5. WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation

    E-print Network

    Manolios, Panagiotis "Pete"

    WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation William G-injection Preventer (WASP) tool, which we used to perform an empirical evaluation on a wide range of Web applications that we subjected to a large and varied set of attacks and legitimate accesses. WASP was able to stop all

  6. DEVELOPMENT, EVALUATION, AND APPLICATION OF A FOOD WEB BIOACCUMULATION MODEL FOR PCBS

    E-print Network

    DEVELOPMENT, EVALUATION, AND APPLICATION OF A FOOD WEB BIOACCUMULATION MODEL FOR PCBS IN THE STRAIT Management Title of Research Project: Development, Evaluation, and Application of a Food Web Bioaccumulation Model for PCBs in the Strait of Georgia, British Columbia Report No.: 413 Examining Committee

  7. Bachelor of Science -CyberSecurity -Students Entering Fall 2009 Study Plan / Application for Candidacy(check one) or later

    E-print Network

    Mordohai, Philippos

    Bachelor of Science - CyberSecurity - Students Entering Fall 2009 Study Plan / Application - Secure Systems 3.0 VII CS577 - CyberSecurity Lab 3.0 VIII CS552 - Software Engineering & Practice II 2 3.0 #12;Bachelor of Science - CyberSecurity - Students Entering Fall 2009 Study Plan / Application

  8. Environmental security planning : an application to the Longwood Medical Area

    E-print Network

    Garmaise, Miriam Gail

    1982-01-01

    The thesis is a study of the security problems due to street crime in the Longwood Medical Area of Boston. The first part of the thesis defines the theories and practices of environmental security .planning, the urban ...

  9. Anomaly Discovery and Resolution in Web Access Control Policies

    E-print Network

    Duchowski, Andrew T.

    unintended security leakages by unauthorized actions in business services while providing more convenient ser. INTRODUCTION With the explosive growth of Web applications and Web services deployed on the Internet, the use

  10. Web 2.0 Technologies: Applications for Community Colleges

    ERIC Educational Resources Information Center

    Bajt, Susanne K.

    2011-01-01

    The current generation of new students, referred to as the Millennial Generation, brings a new set of challenges to the community college. The influx of these technologically sophisticated students, who interact through the social phenomenon of Web 2.0 technology, bring expectations that may reshape institutions of higher learning. This chapter…

  11. Adaptation of web pages and images for mobile applications

    NASA Astrophysics Data System (ADS)

    Kopf, Stephan; Guthier, Benjamin; Lemelson, Hendrik; Effelsberg, Wolfgang

    2009-02-01

    In this paper, we introduce our new visualization service which presents web pages and images on arbitrary devices with differing display resolutions. We analyze the layout of a web page and simplify its structure and formatting rules. The small screen of a mobile device is used much better this way. Our new image adaptation service combines several techniques. In a first step, border regions which do not contain relevant semantic content are identified. Cropping is used to remove these regions. Attention objects are identified in a second step. We use face detection, text detection and contrast based saliency maps to identify these objects and combine them into a region of interest. Optionally, the seam carving technique can be used to remove inner parts of an image. Additionally, we have developed a software tool to validate, add, delete, or modify all automatically extracted data. This tool also simulates different mobile devices, so that the user gets a feeling of how an adapted web page will look like. We have performed user studies to evaluate our web and image adaptation approach. Questions regarding software ergonomics, quality of the adapted content, and perceived benefit of the adaptation were asked.

  12. 76 FR 8755 - Privacy Act of 1974; Department of Homeland Security/ALL-032 Official Passport Application and...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-02-15

    ...1974; Department of Homeland Security/ALL--032 Official Passport Application and...Department of Homeland Security/ ALL--032 Official Passport Application and...Washington, DC 20528. Instructions: All submissions received must include the...

  13. Bacteriorhodopsin-based photochromic pigments for optical security applications

    NASA Astrophysics Data System (ADS)

    Hampp, Norbert A.; Fischer, Thorsten; Neebe, Martin

    2002-04-01

    Bacteriorhodopsin is a two-dimensional crystalline photochromic protein which is astonishingly stable towards chemical and thermal degradation. This is one of the reasons why this is one of the very few proteins which may be used as a biological pigment in printing inks. Variants of the naturally occurring bacteriorhodopsin have been developed which show a distinguished color change even with low light intensities and without the requirement of UV-light. Several pigments with different color changes are available right now. In addition to this visual detectable feature, the photochromism, the proteins amino acid sequence can be genetically altered in order to code and identify specific production lots. For advanced applications the data storage capability of bacteriorhodopsin will be useful. Write-once-read-many (WORM) recording of digital data is accomplished by laser excitation of printed bacteriorhodopsin inks. A density of 1 MBit per square inch is currently achieved. Several application examples for this biological molecule are described where low and high level features are used in combination. Bacteriorhodopsin-based inks are a new class of optical security pigments.

  14. Modulated digital images for biometric and other security applications

    NASA Astrophysics Data System (ADS)

    McCarthy, Lawry D.; Lee, Robert A.; Swiegers, Gerhard F.

    2004-06-01

    There are, in general, two ways for an observer to deal with light that is incorrect in some way (e.g. which is partially out of focus). One approach is to correct the error (e.g. by using a lens to selectively bend the light). Another approach employs selective masking to block those portions of the light which are unwanted (e.g. out of focus). The principle of selective masking is used in a number of important industries. However it has not found widespread application in the field of optical security devices. This work describes the selective masking, or modulation, of digital images as a means of creating documents and transparent media containing overt or covert biometric and other images. In particular, we show how animation effects, flash-illumination features, color-shifting patches, information concealment devices, and biometric portraiture in various settings can be incorporated in transparent media like plastic packaging materials, credit cards, and plastic banknotes. We also demonstrate the application of modulated digital images to the preparation of optically variable diffractive foils which are readily customized to display biometric portraits and information. Selective masking is shown to be an important means of creating a diverse range of effects useful in authentication. Such effects can be readily and inexpensively produced without the need, for example, to fabricate lenses on materials which may not be conducive in this respect.

  15. A versatile digital video engine for safeguards and security applications

    SciTech Connect

    Hale, W.R.; Johnson, C.S.; DeKeyser, P.

    1996-08-01

    The capture and storage of video images have been major engineering challenges for safeguard and security applications since the video camera provided a method to observe remote operations. The problems of designing reliable video cameras were solved in the early 1980`s with the introduction of the CCD (charged couple device) camera. The first CCD cameras cost in the thousands of dollars but have now been replaced by cameras costing in the hundreds. The remaining problem of storing and viewing video images in both attended and unattended video surveillance systems and remote monitoring systems is being solved by sophisticated digital compression systems. One such system is the PC-104 three card set which is literally a ``video engine`` that can provide power for video storage systems. The use of digital images in surveillance systems makes it possible to develop remote monitoring systems, portable video surveillance units, image review stations, and authenticated camera modules. This paper discusses the video card set and how it can be used in many applications.

  16. Data Recovery for Web Applications Istemi Ekin Akkus

    E-print Network

    Goel, Ashvin

    benefits, this design raises a serious problem because a bug or misconfiguration causing data loss applications. Our system tracks application requests and reuses undo logs already kept by databases to selectively recover from corrupting requests and their effects. The main challenge is to correlate requests

  17. Web Applications That Promote Learning Communities in Today's Online Classrooms

    ERIC Educational Resources Information Center

    Reigle, Rosemary R.

    2015-01-01

    The changing online learning environment requires that instructors depend less on the standard tools built into most educational learning platforms and turn their focus to use of Open Educational Resources (OERs) and free or low-cost commercial applications. These applications permit new and more efficient ways to build online learning communities…

  18. Holistic Query Transformations for Dynamic Web Applications Amit Manjhi

    E-print Network

    Maggs, Bruce M.

    applications suffer from unpredictable load, particularly due to breaking news (e.g., Hurricane Katrina request, an application server runs one or more of these programs to generate the response. These programs, in turn, issue database queries to obtain the data needed for generating the response. Frequently, the pro

  19. Educators' Perceived Importance of Web 2.0 Technology Applications

    ERIC Educational Resources Information Center

    Pritchett, Christal C.; Wohleb, Elisha C.; Pritchett, Christopher G.

    2013-01-01

    This research study was designed to examine the degree of perceived importance of interactive technology applications among various groups of certified educators; the degree to which education professionals utilized interactive online technology applications and to determine if there was a significant difference between the different groups based…

  20. Toward Automated Detection of Logic Vulnerabilities in Web Applications

    E-print Network

    Vigna, Giovanni

    applications have mostly focused on input validation flaws, such as cross- site scripting and SQL injection (XSS) [20] and SQL injection vulnerabilities [3, 32]. With XSS, an application sends to a client output is then executed on the client's browser. In the case of SQL injection, an attacker provides malicious input

  1. Rapid response radiation sensors for homeland security applications

    NASA Astrophysics Data System (ADS)

    Mukhopadhyay, Sanjoy; Maurer, Richard; Guss, Paul

    2014-09-01

    The National Security Technologies, LLC, Remote Sensing Laboratory is developing a rapid response radiation detection system for homeland security field applications. The intelligence-driven system is deployed only when non-radiological information about the target is verifiable. The survey area is often limited, so the detection range is small; in most cases covering a distance of 10 meters or less suffices. Definitive response is required in no more than 3 seconds and should minimize false negative alarms, but can err on the side of positive false alarms. The detection system is rapidly reconfigurable in terms of size, shape, and outer appearance; it is a plug-and-play system. Multiple radiation detection components (viz., two or more sodium iodide scintillators) are used to independently "over-determine" the existence of the threat object. Rapid response electronic dose rate meters are also included in the equipment suite. Carefully studied threat signatures are the basis of the decision making. The use of Rad-Detect predictive modeling provides information on the nature of the threat object. Rad-Detect provides accurate dose rate from heavily shielded large sources; for example those lost in Mexico were Category 1 radiation sources (~3,000 Ci of 60Co), the most dangerous of five categories defined by the International Atomic Energy Agency. Taken out of their shielding containers, Category 1 sources can kill anyone who is exposed to them at close range for a few minutes to an hour. Whenever possible sub-second data acquisition will be attempted, and, when deployed, the system will be characterized for false alarm rates. Although the radiation detection materials selected are fast (viz., faster scintillators), their speed is secondary to sensitivity, which is of primary importance. Results from these efforts will be discussed and demonstrated.

  2. Application of the JDL data fusion process model for cyber security

    NASA Astrophysics Data System (ADS)

    Giacobe, Nicklaus A.

    2010-04-01

    A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

  3. Visual Security Policy for the Web Terri Oda and Anil Somayaji

    E-print Network

    Somayaji, Anil

    allow parts of a page to interact when they should be isolated. Such vulnerabil- ities can be mitigated such boundaries, but existing methods re- quire relatively sophisticated knowledge of web technolo- gies. To make policies. We also show how these tools can be used to protect against cross-site scripting (XSS) attacks

  4. Security engineering: systems engineering of security through the adaptation and application of risk management

    NASA Technical Reports Server (NTRS)

    Gilliam, David P.; Feather, Martin S.

    2004-01-01

    Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

  5. BioFET-SIM Web Interface: Implementation and Two Applications

    PubMed Central

    Hediger, Martin R.; Jensen, Jan H.; De Vico, Luca

    2012-01-01

    We present a web interface which allows us to conveniently set up calculations based on the BioFET-SIM model. With the interface, the signal of a BioFET sensor can be calculated depending on its parameters, as well as the signal dependence on pH. As an illustration, two case studies are presented. In the first case, a generic peptide with opposite charges on both ends is inverted in orientation on a semiconducting nanowire surface leading to a corresponding change in sign of the computed sensitivity of the device. In the second case, the binding of an antibody/antigen complex on the nanowire surface is studied in terms of orientation and analyte/nanowire surface distance. We demonstrate how the BioFET-SIM web interface can aid in the understanding of experimental data and postulate alternative ways of antibody/antigen orientation on the nanowire surface. PMID:23056201

  6. Research on Web-based Scientific Computing Legacy Application Sharing

    NASA Astrophysics Data System (ADS)

    Zhang, Yong; Cui, Bin-Ge

    With the development of Internet technology, A legion of scientific computing legacy programs with rich domain knowledge and expertise were distributed across various disciplines. As the program implementations or interfaces and so on, scientific computing legacy programs can not be shared through the Internet. This paper proposes a method of packaging scientific computing legacy programs into DLL(Dynamic Link Library), and packaging them into Web services through the C# reflection, making the scientific computing legacy programs successfully share on the Internet.

  7. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    PubMed Central

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  8. A secure web-based approach for accessing transitional health information for people with traumatic brain injury.

    PubMed

    Lemaire, E D; Deforge, D; Marshall, S; Curran, D

    2006-03-01

    A web-based transitional health record was created to provide regional healthcare professionals with ubiquitous access to information on people with brain injuries as they move through the healthcare system. Participants included public, private, and community healthcare organizations/providers in Eastern Ontario (Canada). One hundred and nineteen service providers and 39 brain injury survivors registered over 6 months. Fifty-eight percent received English and 42% received bilingual services (English-French). Public health providers contacted the regional service coordinator more than private providers (52% urban centres, 26% rural service providers, and 22% both areas). Thirty-five percent of contacts were for technical difficulties, 32% registration inquiries, 21% forms and processes, 6% resources, and 6% education. Seventeen technical enquiries required action by technical support personnel: 41% digital certificates, 29% web forms, and 12% log-in. This web-based approach to clinical information sharing provided access to relevant data as clients moved through or re-entered the health system. Improvements include automated digital certificate management, institutional health records system integration, and more referral tracking tools. More sensitive test data could be accessed on-line with increasing consumer/clinician confidence. In addition to a strong technical infrastructure, human resource issues are a major information security component and require continuing attention to ensure a viable on-line information environment. PMID:16469409

  9. SALT: An XML Application for Web-based Multimodal Dialog Kuansan Wang

    E-print Network

    SALT: An XML Application for Web-based Multimodal Dialog Management Kuansan Wang Speech Technology://research.microsoft.com/stg Abstract This paper describes the Speech Application Language Tags, or SALT, an XML based spoken dialog standard for multimodal or speech-only applications. A key premise in SALT design is that speech

  10. Skyalert: A Web Application to Manage Astronomical Transients

    NASA Astrophysics Data System (ADS)

    Graham, Matthew; Williams, R. D.; Djorgovski, S. D.; Drake, A. J.; Mahabal, A.

    2009-05-01

    Skyalert.org is a web-based management system for collecting and disseminating observations about time-critical astronomical transients, and for adding annotations and intelligent machine-learning to those observations. The information is "pushed” to subscribers, who may be either humans (email, text message etc) or they may be machines that control telescopes. Subscribers can prepare precise "trigger rules” to decide which events should reach them and their robots, rules that may be based on sky position, or on the specific vocabulary of parameters that define a particular type of event. Each event has its own web page updated immediately when new information comes, with long-lived URLs and wiki capability. The subscriber has an account on the web, and builds the trigger-rules and watch-lists there, defining decision criteria about future events. As soon as the transient event is seen and causes trigger, a message can be pushed to the subscriber, email, IM, text-message, etc. Annotations can be fetched automatically and immediately from the archives, such as SDSS, DSS, NED, Simbad, or other Virtual Observatory resources. Other actions upon event arrival include immediate running of data mining or classification modules, based on the event and past data. Skyalert can also drive robotic telescopes through the HTN and dc3.org schedulers; it can evaluate joint trigger rules such as "magnitude difference from SDSS". Skyalert is a component system allowing pluggable custom data mining modules, distributed intelligence, and a central point of information for each transient. Our twin thrusts are automation of process, and discrimination of interesting events.

  11. A web application for cotton irrigation management on the U.S. southern high plains. Part II: Application design

    Technology Transfer Automated Retrieval System (TEKTRAN)

    A web-based application to help Southern High Plains cotton producers estimate profitability under center pivot irrigated production is described. The application’s crop modeling and general profit calculation approach are outlined in a preceding companion paper, while additional details of the prof...

  12. The application of data mining technology in the quality and security of agricultural products

    NASA Astrophysics Data System (ADS)

    Li, Huaqin; Luo, Ying

    The quality and security of agricultural products is the hot issue with public attention in China and also one of the issues that Chinese government attaches great importance to. This paper describes the principle of data mining technology and based on the environmental information data of agricultural production and the quality-security testing data of agricultural products, analyses the application of data mining technology in the quality and security of agricultural products.

  13. Application of information theory methods to food web reconstruction

    USGS Publications Warehouse

    Moniz, L.J.; Cooch, E.G.; Ellner, S.P.; Nichols, J.D.; Nichols, J.M.

    2007-01-01

    In this paper we use information theory techniques on time series of abundances to determine the topology of a food web. At the outset, the food web participants (two consumers, two resources) are known; in addition we know that each consumer prefers one of the resources over the other. However, we do not know which consumer prefers which resource, and if this preference is absolute (i.e., whether or not the consumer will consume the non-preferred resource). Although the consumers and resources are identified at the beginning of the experiment, we also provide evidence that the consumers are not resources for each other, and the resources do not consume each other. We do show that there is significant mutual information between resources; the model is seasonally forced and some shared information between resources is expected. Similarly, because the model is seasonally forced, we expect shared information between consumers as they respond to the forcing of the resources. The model that we consider does include noise, and in an effort to demonstrate that these methods may be of some use in other than model data, we show the efficacy of our methods with decreasing time series size; in this particular case we obtain reasonably clear results with a time series length of 400 points. This approaches ecological time series lengths from real systems.

  14. Foundational Security Principles for Medical Application Platforms* (Extended Abstract)

    PubMed Central

    Vasserman, Eugene Y.; Hatcliff, John

    2014-01-01

    We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals. PMID:25599096

  15. NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications

    NASA Technical Reports Server (NTRS)

    Tompkins, F. G.

    1984-01-01

    The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

  16. Laser-induced breakdown spectroscopy in industrial and security applications

    SciTech Connect

    Bol'shakov, Alexander A.; Yoo, Jong H.; Liu Chunyi; Plumer, John R.; Russo, Richard E.

    2010-05-01

    Laser-induced breakdown spectroscopy (LIBS) offers rapid, localized chemical analysis of solid or liquid materials with high spatial resolution in lateral and depth profiling, without the need for sample preparation. Principal component analysis and partial least squares algorithms were applied to identify a variety of complex organic and inorganic samples. This work illustrates how LIBS analyzers can answer a multitude of real-world needs for rapid analysis, such as determination of lead in paint and children's toys, analysis of electronic and solder materials, quality control of fiberglass panels, discrimination of coffee beans from different vendors, and identification of generic versus brand-name drugs. Lateral and depth profiling was performed on children's toys and paint layers. Traditional one-element calibration or multivariate chemometric procedures were applied for elemental quantification, from single laser shot determination of metal traces at {approx}10 {mu}g/g to determination of halogens at 90 {mu}g/g using 50-shot spectral accumulation. The effectiveness of LIBS for security applications was demonstrated in the field by testing the 50-m standoff LIBS rasterizing detector.

  17. Recent Advances in Infrasound Science for National Security Applications

    NASA Astrophysics Data System (ADS)

    Arrowsmith, S.; Blom, P. S.; Marcillo, O. E.; Whitaker, R. W.

    2014-12-01

    Infrasound is sound below the frequency-threshold of human hearing, covering the frequency range from 0.01 - 20 Hz. Infrasound science studies the generation, propagation, measurement, and analysis of infrasound. Sources of infrasound include a wide variety of energetic natural and manmade phenomena that include chemical and nuclear explosions, rockets and missiles, and aircraft. The dominant factors influencing the propagation of infrasound are the spatial and temporal variations in temperature, wind speed, and wind direction. In recent years, Infrasound Science has experienced a renaissance due to the installation of an international monitoring system of 60 infrasound arrays for monitoring the Comprehensive Nuclear Test Ban Treaty, and to the demonstrated value of regional infrasound networks for both scientific and applied purposes. Furthermore, in the past decade, significant advances have been made on using measurements of infrasound to invert for these properties of the atmosphere at altitudes where alternative measurement techniques are extremely costly. This presentation provides a review of recent advances in infrasound science as relevant to National Security applications.

  18. YADBrowser: A Browser for Web-Based Educational Applications

    ERIC Educational Resources Information Center

    Zaldivar, Vicente Arturo Romero; Arandia, Jon Ander Elorriaga; Brito, Mateo Lezcano

    2005-01-01

    In this article, the main characteristics of the educational browser YADBrowser are described. One of the main objectives of this project is to define new languages and object models which facilitate the creation of educational applications for the Internet. The fundamental characteristics of the object model of the browser are also described.…

  19. Evaluation of a metal shear web selectively reinforced with filamentary composites for space shuttle application

    NASA Technical Reports Server (NTRS)

    Laakso, J. H.; Straayer, J. W.

    1974-01-01

    A final program summary is reported for test and evaluation activities that were conducted for space shuttle web selection. Large scale advanced composite shear web components were tested and analyzed to evaluate application of advanced composite shear web construction to a space shuttle orbiter thrust structure. The shear web design concept consisted of a titanium-clad + or - 45 deg boron/epoxy web laminate stiffened with vertical boron-epoxy reinforced aluminum stiffeners and logitudinal aluminum stiffening. The design concept was evaluated to be efficient and practical for the application that was studied. Because of the effects of buckling deflections, a requirement is identified for shear buckling resistant design to maximize the efficiency of highly-loaded advanced composite shear webs.

  20. A Web application to improve emotional awareness in high-functioning autistics

    E-print Network

    Sonuyi, Temitope O

    2006-01-01

    The web application built here is based on the idea of presenting scenarios to users, using text, and having the users choose likely emotions that match the scenarios. Taken for granted by most neurotypical people, ...

  1. Dependently Typed Web Client Applications FRP in Agda in HTML5

    E-print Network

    Jeffrey, Alan

    Dependently Typed Web Client Applications FRP in Agda in HTML5 Alan Jeffrey Alcatel-Lucent Bell developed a compiler back end, foreign function inter- face, and library bindings for FRP, and for HTML5 [15

  2. Web application for simplifying access to computer center resources and information.

    Energy Science and Technology Software Center (ESTSC)

    2013-05-01

    Lorenz is a product of the ASC Scientific Data Management effort. Lorenz is a web-based application designed to help computer centers make information and resources more easily available to their users.

  3. Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks

    E-print Network

    Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection with run- time protection against known as well as unseen SQL injection attacks (SQLIAs) without, & Orso, 2006). According to the WASP Foundation, injection flaws, particularly SQL injection, were

  4. EPC RFID Tags in Security Applications: Passport Cards, Enhanced Drivers Licenses, and Beyond

    E-print Network

    Kohno, Tadayoshi

    EPC RFID Tags in Security Applications: Passport Cards, Enhanced Drivers Licenses, and Beyond Karl for security ap- plications. As a central case study, we examine the recently issued United States Passport tags. We explore several issues: 1. Cloning: We report on the data format of Passport Cards and WA EDLs

  5. Active Millimeter-Wave and Sub-Millimeter-Wave Imaging for Security Applications

    SciTech Connect

    Sheen, David M.; McMakin, Douglas L.; Hall, Thomas E.

    2011-09-02

    Active imaging at millimeter and sub-millimeter wavelengths has been developed for security applications including concealed weapon detection. The physical properties that affect imaging performance are discussed along with a review of the current state-of-the-art and future potential for security imaging systems.

  6. Securing Location Services Infrastructures: Practical Criteria for Application Developers and Solutions Architects

    ERIC Educational Resources Information Center

    Karamanian, Andre

    2013-01-01

    This qualitative, exploratory, normative study examined the security and privacy of location based services in mobile applications. This study explored risk, and controls to implement privacy and security. This study was addressed using components of the FIPS Risk Management Framework. This study found that risk to location information was…

  7. 78 FR 72132 - RBS Securities Inc. and Citizens Investment Advisors; Notice of Application and Temporary Order

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-02

    ... From the Federal Register Online via the Government Publishing Office SECURITIES AND EXCHANGE COMMISSION RBS Securities Inc. and Citizens Investment Advisors; Notice of Application and Temporary Order... Advisors (``Citizens IA''), a separately identifiable department of RBS Citizens, N.A. (each an...

  8. A New Security Definition for Public Key Encryption Schemes and Its Applications

    E-print Network

    International Association for Cryptologic Research (IACR)

    A New Security Definition for Public Key Encryption Schemes and Its Applications Guomin Yang, Duncan S. Wong, Qiong Huang, and Xiaotie Deng Department of Computer Science City University of Hong Kong. The strongest security definition for public key encryption (PKE) schemes is indistinguishability against

  9. Security Challenges for User-Oriented RFID Applications within the `Internet of Things'

    E-print Network

    Hancke, Gerhard

    Security Challenges for User-Oriented RFID Applications within the `Internet of Things' G.P. HANCKE will need to address. Keywords: RFID, NFC, security, `Internet of Things', user-oriented architecture 1 to be an important building block of the `Internet of Things' and examine how RFID, assisted by the deployment of NFC

  10. Photonics applications and web engineering: WILGA Winter 2015

    NASA Astrophysics Data System (ADS)

    Romaniuk, Ryszard S.

    2015-09-01

    XXXVth periodic Symposium WILGA (winter edition) on Design, Construction and Application of Advanced Electronic and Photonic Systems was held at the end of January 2015. It is an established, periodic meeting of young researchers, M.Sc. and Ph.D. students and their supervisors. The meeting is organized by the PERG/ELHEP Laboratories of Institute of Electronic Systems - WUT since two decades. Sessions of the 2015 January meeting were: development of the architecture of digital electronics, embedded systems, design of system functionality, analog electronics and photonics, hardware - software integration, complex system reliability and dependability working in harsh environments, applications of electronic and photonic systems in space and satellite engineering and large research experiments. Summer edition of WILGA Symposium is organized on 25-31 May 2015 [wilga.ise.pw.edu.pl].

  11. Water Budget in the UAE for Applications in Food Security.

    NASA Astrophysics Data System (ADS)

    Gonzalez Sanchez, R.; Ouarda, T.; Marpu, P. R.; Pearson, S.

    2014-12-01

    The current rate of population growth combined with climate change, have increased the impact on natural resources globally, especially water, land and energy, and therefore the food availability. Arid and semi-arid countries are highly vulnerable to these threats being already aware of the scarcity of resources depending mainly on imports. This study focuses on the UAE, with a very low rainfall, high temperatures and a very high rate of growth. It represents the perfect scenario to study the adaptive strategies that would allow to alleviate the effects of changing climate conditions and increase of population. Water is a key factor to food security especially in dry regions like the UAE, therefore, the first step of this approach is to analyze the water budget, first at a global scale (UAE), and after at smaller scales where particular and in-depth studies can be performed. The water budget is represented by the following equation: total precipitation and desalinated water minus the evapotranspiration equals the change in the terrestrial water storage. The UAE is highly dependent on desalinated water, therefore, this factor is included as a water input in the water budget. The procedure adopted in this study is applicable to other Gulf countries where desalination represents a large component of the water budget. Remotely sensed data will be used to obtain the components of the water budget equation performing a preliminary study of the suitability of TRMM data to estimate the precipitation in the UAE by comparison with six ground stations in the country. GRACE and TRMM data will then be used to obtain the terrestrial water storage and the precipitation respectively. The evapotranspiration will be estimated from the water budget equation and maps of these three variables will be obtained. This spatial analysis of the water resources will help to determine the best areas for cultivation and whether it can be planned in a way that increases the agricultural productivity. Subsequent studies on land and energy resources combined with legal aspects in the UAE, will be used to obtain a food security atlas. These results will lead to a more efficient management of the resources not only on a national scale but also on a regional scale that can aid in sustainable development and a better resource use in the UAE and ultimately, in the gulf region.

  12. Gender Divide and Acceptance of Collaborative Web 2.0 Applications for Learning in Higher Education

    ERIC Educational Resources Information Center

    Huang, Wen-Hao David; Hood, Denice Ward; Yoo, Sun Joo

    2013-01-01

    Situated in the gender digital divide framework, this survey study investigated the role of computer anxiety in influencing female college students' perceptions toward Web 2.0 applications for learning. Based on 432 college students' "Web 2.0 for learning" perception ratings collected by relevant categories of "Unified Theory of Acceptance and Use…

  13. SIF: Enforcing Confidentiality and Integrity in Web Applications Stephen Chong K. Vikram Andrew C. Myers

    E-print Network

    Chong, Stephen

    . Myers Department of Computer Science, Cornell University Abstract SIF (Servlet Information Flow Servlet Information Flow (SIF), a novel framework for building web appli- cations that respect explicit in web applications, in exchange for trust in the servlet framework and the Jif 3.0 compiler--a good

  14. Applications of Graph Probing to Web Document Analysis Daniel Lopresti and Gordon Wilfong

    E-print Network

    Wilfong, Gordon

    treats graph probing as an on­ line process; both the query graph and the database graph are available­computation of a compact, efficient probe set for databases of graph­ structured documents in general, and Web pages codedApplications of Graph Probing to Web Document Analysis Daniel Lopresti and Gordon Wilfong Bell Labs

  15. A Safety-Oriented Platform for Web Applications Richard S. Cox

    E-print Network

    Gribble, Steve

    A Safety-Oriented Platform for Web Applications Richard S. Cox , Jacob Gorm Hansen , Steven D and safety. 1 Introduction The 1993 release of the Mosaic browser sparked the on- set of the modern Web, archival file storage, multime- dia, and e-commerce services of all types. Users transfer funds, purchase

  16. Highly-Interactive and User-Friendly Web Application for People with Diabetes

    E-print Network

    Andry, François

    Highly-Interactive and User-Friendly Web Application for People with Diabetes Francois Andry, Larry. One Waters Park Drive ­ Suite 280 San Mateo, CA 94403, USA Abstract ­ LifeSensor Diabetes is a module that is coupled with a web-based personal health record (PHR) for patients with type 2 diabetes. In this paper we

  17. Secure Evaluation of Private Linear Branching Programs with Medical Applications

    E-print Network

    International Association for Cryptologic Research (IACR)

    @research.bell-labs.com 3 Horst G¨ortz Institute for IT-Security, Ruhr-University Bochum, Germany {ahmad.sadeghi,thomas.schneider}@trust.rub of privacy of both parties. On the one hand, the user's data might be sensitive and security-critical (e diagnostics, trade- and work-flow information in benchmarking of enterprises). On the other hand, the service

  18. Bachelor of Science -CyberSecurity -Students Entering Fall 2011 Study Plan / Application for Candidacy(check one)

    E-print Network

    Mordohai, Philippos

    Bachelor of Science - CyberSecurity - Students Entering Fall 2011 Study Plan / Application - Concurrent Programming 3.0 VII CS576 - Secure Systems 3.0 VII CS577 - CyberSecurity Lab 3.0 VIII CS424 ­ Senior Design II 2 3.0 #12;Bachelor of Science - CyberSecurity - Students Entering Fall 2011 Study Plan

  19. Bachelor of Science -CyberSecurity -Students Entering Fall 2008 Study Plan / Application for Candidacy(check one) or later

    E-print Network

    Mordohai, Philippos

    Bachelor of Science - CyberSecurity - Students Entering Fall 2008 Study Plan / Application CS573 - Fundamentals of CyberSecurity 3.0 VI CS488 - Computer Architecture 3.0 VI CS492 - Operating551 - Software Engineering & Practice I 2 3.0 VII CS576 - Secure Systems 3.0 VII CS577 - CyberSecurity

  20. 76 FR 8755 - Privacy Act of 1974; Department of Homeland Security/ALL-032 Official Passport Application and...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-02-15

    ... SECURITY Office of the Secretary Privacy Act of 1974; Department of Homeland Security/ALL--032 Official... titled, ``Department of Homeland Security/ ALL--032 Official Passport Application and Maintenance Records..., Privacy Office, Department of Homeland Security, Washington, DC 20528. Instructions: All...

  1. Helping End-Users "Engineer" Dependable Web Applications Sebastian Elbaum, Kalyan-Ram Chilakamarri, Bhuvana Gopal, Gregg Rothermel

    E-print Network

    Rothermel, Gregg

    are increasingly relying on web authoring environments to create web applications. Al- though often consisting In increasing numbers, end users are using web author- ing environments such as FrontPage [16], Dreamweaver [1], and Aracnophilia [14] to create increasingly sophisticated web applications. These environments allow end users

  2. Security Technologies for Open Networking Environments (STONE)

    SciTech Connect

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The group security system has been designed to support four roles: The Security Domain Ad

  3. How secure is the Internet for healthcare applications?

    PubMed

    Campbell, L A

    1996-01-01

    The Internet has grown faster than any other communications medium or consumer electronics technology--including the fax machine and personal computer. It offers new possibilities for providing economical and good quality patient care, but how secure is it? Is it prudent to communicate patient information over the Internet? For confidential patient information to be transmitted appropriately on the Internet, the originator must be clearly identified without any chance of impersonation; the information must be transmitted without any possibility of corruption or alteration; and the process must be secure. Many experts recognize the need to secure privacy of information, and there are some standards for electronic signatures and data encryption. However, no one has yet come up with a plan that offers a comprehensive solution. Appropriate confidentiality and security legislation has not yet been passed by the U.S. Congress. The following security technologies are currently available and are described in this article: cryptography, authentication devices, electronic signature systems, firewalls, secure hypertext transfer protocol and secure sockets layer protocol. Until proper standards are developed and accepted, providers should use available technologies to protect both patient records and themselves. The legal consequences of mishandling confidential patient information can be disastrous. PMID:10154332

  4. Remote Sensing Information Gateway: A free application and web service for fast, convenient, interoperable access to large repositories of atmospheric data

    NASA Astrophysics Data System (ADS)

    Plessel, T.; Szykman, J.; Freeman, M.

    2012-12-01

    EPA's Remote Sensing Information Gateway (RSIG) is a widely used free applet and web service for quickly and easily retrieving, visualizing and saving user-specified subsets of atmospheric data - by variable, geographic domain and time range. Petabytes of available data include thousands of variables from a set of NASA and NOAA satellites, aircraft, ground stations and EPA air-quality models. The RSIG applet is used by atmospheric researchers and uses the rsigserver web service to obtain data and images. The rsigserver web service is compliant with the Open Geospatial Consortium Web Coverage Service (OGC-WCS) standard to facilitate data discovery and interoperability. Since rsigserver is publicly accessible, it can be (and is) used by other applications. This presentation describes the architecture and technical implementation details of this successful system with an emphasis on achieving convenience, high-performance, data integrity and security.

  5. Microholographic computer generated holograms for security applications: Microtags

    SciTech Connect

    Sweatt, W.C.; Warren, M.E.; Kravitz, S.H.

    1998-01-01

    We have developed a method for encoding phase and amplitude in microscopic computer-generated holograms (microtags) for security applications. Eight-by-eight-cell and 12 x 12-cell phase-only and phase-and-amplitude microtag designs has been exposed in photoresist using the extreme-ultraviolet (13.4 nm) lithography (EUVL) tool developed at Sandia National Laboratories. Using EUVL, we have also fabricated microtags consisting of 150-nm lines arranged to form 300-nm-period gratings. The microtags described in this report were designed for readout at 632.8 nm and 442 nm. The smallest microtag measures 56 {mu}m x 80 {mu}m when viewed at normal incidence. The largest microtag measures 80 by 160 microns and contains features 0.2 {mu}m wide. The microtag design process uses a modified iterative Fourier-transform algorithm to create either phase-only or phase-and-amplitude microtags. We also report on a simple and compact readout system for recording the diffraction pattern formed by a microtag. The measured diffraction patterns agree very well with predictions. We present the results of a rigorous coupled-wave analysis (RCWA) of microtags. Microtags are CD modeled as consisting of sub-wavelength gratings of a trapezoidal profile. Transverse-electric (TE) and TM readout polarizations are modeled. The objective of our analysis is the determination of optimal microtag-grating design parameter values and tolerances on those parameters. The parameters are grating wall-slope angle, grating duty cycle, grating depth, and metal-coating thickness. Optimal microtag-grating parameter values result in maximum diffraction efficiency. Maximum diffraction efficiency is calculated at 16% for microtag gratings in air and 12% for microtag gratings underneath a protective dielectric coating, within fabrication constraints. TM-microtag gratings. Finally, we suggest several additional microtag concepts, such as two-dimensional microtags and pixel-code microtags.

  6. 3D Imaging with Structured Illumination for Advanced Security Applications

    SciTech Connect

    Birch, Gabriel Carisle; Dagel, Amber Lynn; Kast, Brian A.; Smith, Collin S.

    2015-09-01

    Three-dimensional (3D) information in a physical security system is a highly useful dis- criminator. The two-dimensional data from an imaging systems fails to provide target dis- tance and three-dimensional motion vector, which can be used to reduce nuisance alarm rates and increase system effectiveness. However, 3D imaging devices designed primarily for use in physical security systems are uncommon. This report discusses an architecture favorable to physical security systems; an inexpensive snapshot 3D imaging system utilizing a simple illumination system. The method of acquiring 3D data, tests to understand illumination de- sign, and software modifications possible to maximize information gathering capability are discussed.

  7. Copy-proof machine-readable holograms for security application

    NASA Astrophysics Data System (ADS)

    Dausmann, Guenther J.; Menz, Irina; Gnaedig, Klaus; Yang, Zishao

    1996-03-01

    The most frequently used optical security features to protect documents and goods against counterfeiting are various types of rainbow holograms and diffractive optical variable devices (OVDs). Although these features offer a fair degree of security and most known falsifications are rather crude imitations it is still possible to copy them with all hidden and visible information. In our opinion it would be helpful to have copy proof holograms containing a machine readable feature to achieve a doubtfree verification at point of sale and other sites. We present our work towards the development of a copy proof and machine readable hologram with an optically encoded security feature.

  8. Bachelor of Science -CyberSecurity -Students Entering Fall 2010 Study Plan / Application for Candidacy(check one)

    E-print Network

    Mordohai, Philippos

    Bachelor of Science - CyberSecurity - Students Entering Fall 2010 Study Plan / Application.0 VII CS577 - CyberSecurity Lab 3.0 VIII CS424 - Software Engineering Practice II 2 3.0 #12;Bachelor of Science - CyberSecurity - Students Entering Fall 2010 Study Plan / Application for Candidacy(check one

  9. 78 FR 14847 - Topaz Exchange, LLC; Notice of Filing of Application for Registration as a National Securities...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-03-07

    ... COMMISSION Topaz Exchange, LLC; Notice of Filing of Application for Registration as a National Securities Exchange Under Section 6 of the Securities Exchange Act of 1934 March 1, 2013. On July 3, 2012, Topaz Exchange, LLC (``Topaz Exchange'' or ``Applicant'') submitted to the Securities and Exchange...

  10. 76 FR 28482 - Notice of an Application of BF Enterprises, Inc. Under Section 12(h) of the Securities Exchange...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-05-17

    ... COMMISSION Notice of an Application of BF Enterprises, Inc. Under Section 12(h) of the Securities Exchange Act of 1934 May 12, 2011. The Securities and Exchange Commission gives notice that BF Enterprises, Inc. has filed an application under Section 12(h) of the Securities Exchange Act of 1934. BF...

  11. Development of a web application for water resources based on open source software

    NASA Astrophysics Data System (ADS)

    Delipetrev, Blagoj; Jonoski, Andreja; Solomatine, Dimitri P.

    2014-01-01

    This article presents research and development of a prototype web application for water resources using latest advancements in Information and Communication Technologies (ICT), open source software and web GIS. The web application has three web services for: (1) managing, presenting and storing of geospatial data, (2) support of water resources modeling and (3) water resources optimization. The web application is developed using several programming languages (PhP, Ajax, JavaScript, Java), libraries (OpenLayers, JQuery) and open source software components (GeoServer, PostgreSQL, PostGIS). The presented web application has several main advantages: it is available all the time, it is accessible from everywhere, it creates a real time multi-user collaboration platform, the programing languages code and components are interoperable and designed to work in a distributed computer environment, it is flexible for adding additional components and services and, it is scalable depending on the workload. The application was successfully tested on a case study with concurrent multi-users access.

  12. Model-Based Testing of Thin-Client Web Applications and Navigation Input

    E-print Network

    Achten, Peter

    Model-Based Testing of Thin-Client Web Applications and Navigation Input Pieter Koopman, Peter these applications inherit browser navigation as part of their interface. Typical browser actions are the use of the back- and forward-button and the cloning of windows. Browser navigation is difficult to deal

  13. Position Paper: Why Are There So Many Vulnerabilities in Web Applications

    E-print Network

    Du, Wenliang "Kevin"

    than traditional applications. Something must be fundamentally wrong in the web infrastructure. Based. According to a recent re- port [34], over 80 percent of websites have had at least one serious vulnerability (NSPW), Marin County, CA, USA. September 12-15, 2011. higher than that of traditional applications

  14. WeVerca: Web Applications Veri cation for PHP (Tool Paper)?

    E-print Network

    WeVerca: Web Applications Veri#12;cation for PHP (Tool Paper)? David Hauzar and Jan Kofron;ne static analyses of PHP applications. It supports dynamic type system, dynamic method calls the number of false positives comparing to existing state-of-the-art analysis tools for PHP. 1 Introduction

  15. A Service Oriented Web Application for Learner Knowledge Representation, Management and Sharing Conforming to IMS LIP

    ERIC Educational Resources Information Center

    Lazarinis, Fotis

    2014-01-01

    iLM is a Web based application for representation, management and sharing of IMS LIP conformant user profiles. The tool is developed using a service oriented architecture with emphasis on the easy data sharing. Data elicitation from user profiles is based on the utilization of XQuery scripts and sharing with other applications is achieved through…

  16. A Framework for Cross-platform Mobile Web Applications Using HTML5

    E-print Network

    A Framework for Cross-platform Mobile Web Applications Using HTML5 Christos Bouras1,2 , Andreas subsequently in- creases dramatically the corresponding effort. With the emergence of HTML5 these issues can applications and also for the investigation and experimentation on the main features that HTML5 offers

  17. Computer-aided diagnosis workstation and teleradiology network system for chest diagnosis using the web medical image conference system with a new information security solution

    NASA Astrophysics Data System (ADS)

    Satoh, Hitoshi; Niki, Noboru; Eguchi, Kenji; Ohmatsu, Hironobu; Kaneko, Masahiro; Kakinuma, Ryutaro; Moriyama, Noriyuki

    2010-03-01

    Diagnostic MDCT imaging requires a considerable number of images to be read. Moreover, the doctor who diagnoses a medical image is insufficient in Japan. Because of such a background, we have provided diagnostic assistance methods to medical screening specialists by developing a lung cancer screening algorithm that automatically detects suspected lung cancers in helical CT images, a coronary artery calcification screening algorithm that automatically detects suspected coronary artery calcification and a vertebra body analysis algorithm for quantitative evaluation of osteoporosis. We also have developed the teleradiology network system by using web medical image conference system. In the teleradiology network system, the security of information network is very important subjects. Our teleradiology network system can perform Web medical image conference in the medical institutions of a remote place using the web medical image conference system. We completed the basic proof experiment of the web medical image conference system with information security solution. We can share the screen of web medical image conference system from two or more web conference terminals at the same time. An opinion can be exchanged mutually by using a camera and a microphone that are connected with the workstation that builds in some diagnostic assistance methods. Biometric face authentication used on site of teleradiology makes "Encryption of file" and "Success in login" effective. Our Privacy and information security technology of information security solution ensures compliance with Japanese regulations. As a result, patients' private information is protected. Based on these diagnostic assistance methods, we have developed a new computer-aided workstation and a new teleradiology network that can display suspected lesions three-dimensionally in a short time. The results of this study indicate that our radiological information system without film by using computer-aided diagnosis workstation and our teleradiology network system can increase diagnostic speed, diagnostic accuracy and security improvement of medical information.

  18. A system for building clinical research applications using semantic web-based approach.

    PubMed

    Gurupur, Varadraj P; Tanik, Murat M

    2012-02-01

    In this paper we present a system using Semantic Web by which applications can be effectively constructed for clinical research purposes. We are aware of the immense difficulties and variations involved in clinical research applications. With a purpose of mitigating some of these difficulties in the process of developing clinical research applications we are presenting an approach for building information systems based on Semantic Web. We have developed a working prototype using C-Map tools leveraging the underlying principles of Abstract Software Design Framework to convert domain knowledge into machine-actable information. PMID:20703749

  19. On the Use of Social Networks in Web Services: Application to the Discovery Stage

    NASA Astrophysics Data System (ADS)

    Maamar, Zakaria; Wives, Leandro Krug; Boukadi, Khouloud

    This chapter discusses the use of social networks in Web services with focus on the discovery stage that characterizes the life cycle of these Web services. Other stages in this life cycle include description, publication, invocation, and composition. Web services are software applications that end users or other peers can invoke and compose to satisfy different needs such as hotel booking and car rental. Discovering the relevant Web services is, and continues to be, a major challenge due to the dynamic nature of these Web services. Indeed, Web services appear/disappear or suspend/resume operations without prior notice. Traditional discovery techniques are based on registries such as Universal Description, Discovery and Integration (UDDI) and Electronic Business using eXtensible Markup Language (ebXML). Unfortunately, despite the different improvements that these techniques have been subject to, they still suffer from various limitations that could slow down the acceptance trend of Web services by the IT community. Social networks seem to offer solutions to some of these limitations but raise, at the same time, some issues that are discussed in this chapter. The contributions of this chapter are three: social network definition in the particular context of Web services; mechanisms that support Web services build, use, and maintain their respective social networks; and social networks adoption to discover Web services.

  20. Security

    ERIC Educational Resources Information Center

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  1. Contributions to Human Errors and Breaches in National Security Applications.

    SciTech Connect

    Pond, D. J.; Houghton, F. K.; Gilmore, W. E.

    2002-01-01

    Los Alamos National Laboratory has recognized that security infractions are often the consequence of various types of human errors (e.g., mistakes, lapses, slips) and/or breaches (i.e., deliberate deviations from policies or required procedures with no intention to bring about an adverse security consequence) and therefore has established an error reduction program based in part on the techniques used to mitigate hazard and accident potentials. One cornerstone of this program, definition of the situational and personal factors that increase the likelihood of employee errors and breaches, is detailed here. This information can be used retrospectively (as in accident investigations) to support and guide inquiries into security incidents or prospectively (as in hazard assessments) to guide efforts to reduce the likelihood of error/incident occurrence. Both approaches provide the foundation for targeted interventions to reduce the influence of these factors and for the formation of subsequent 'lessons learned.' Overall security is enhanced not only by reducing the inadvertent releases of classified information but also by reducing the security and safeguards resources devoted to them, thereby allowing these resources to be concentrated on acts of malevolence.

  2. Secure and Oblivious Maximum Bipartite Matching Size Algorithm with Applications to Secure Fingerprint Identification

    E-print Network

    International Association for Cryptologic Research (IACR)

    Fingerprint Identification Marina Blanton and Siddharth Saraph Department of Computer Science and Engineering-preserving matching of two fingerprints (used for secure fingerprint authentication or identification) using traditional minutia-based representation of fingerprints that leads to the most discriminative (i.e., accurate

  3. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    PubMed Central

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content and explain why they are ineffectual. We then present NoFrak, a capability-based defense against fracking attacks. NoFrak is platform-independent, compatible with any framework and embedded browser, requires no changes to the code of the existing hybrid apps, and does not break their advertising-supported business model. PMID:25485311

  4. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    PubMed

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content and explain why they are ineffectual. We then present NoFrak, a capability-based defense against fracking attacks. NoFrak is platform-independent, compatible with any framework and embedded browser, requires no changes to the code of the existing hybrid apps, and does not break their advertising-supported business model. PMID:25485311

  5. Application of Lightweight Formal Methods to Software Security

    NASA Technical Reports Server (NTRS)

    Gilliam, David P.; Powell, John D.; Bishop, Matt

    2005-01-01

    Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which species security properties in a library that can be reused by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The Flexible Modeling Framework (FMF) is a model based verijkation instrument that uses Promela and the SPIN model checker. The Property Based Tester (PBT) uses TASPEC and a Text Execution Monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles.

  6. 78 FR 35043 - Aviation Security Advisory Committee Charter Renewal and Request for Applicants

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-06-11

    ...public docket on the Internet at http://www...staff, equipment, and assistance to the...electronic copy using the Internet by-- (1) Searching...Visiting TSA's Security Regulations Web page...www.tsa.gov and accessing the link...which among other things established the...

  7. Application of web-based visualizations to interactive television: a practical approach

    NASA Astrophysics Data System (ADS)

    Chakaveh, Sepideh; Geuer, Olaf; Werning, Stefan; Borggrefe, Sorina; Haeger, Ralf

    2003-06-01

    In the near future interactive television will provide many entertaining and innovative broadcasting formats for TV viewers. Moreover through the recent advancements in web-based visualisation techniques, complex application scenarios can already be realised. With the aid of a demonstrator called "deinewahl02" we proved a challenging concept on how to import web-based applications onto more complex platforms such as MHP set-up boxes. "deinewahl02" which represents a pretend political TV debate of the German general elections 2002, gives one the possibilities to playfully & entertainly be guided into the programme. Using the various functionalities such as "Voting" or "Hotspots" the possibilities of interaction, are well demonstrated within the programme. This provides a two way communication channel which can be established instantly, between the viewer and the broadcaster. "deinewahl02" has successfully demonstrated, ways where web-based applications may quickly and cheaply be implemented onto much more complex platforms.

  8. StreamStats in Georgia: a water-resources web application

    USGS Publications Warehouse

    Gotvald, Anthony J.; Musser, Jonathan W.

    2015-01-01

    StreamStats is being implemented on a State-by-State basis to allow for customization of the data development and underlying datasets to address their specific needs, issues, and objectives. The USGS, in cooperation with the Georgia Environmental Protection Division and Georgia Department of Transportation, has implemented StreamStats for Georgia. The Georgia StreamStats Web site is available through the national StreamStats Web-page portal at http://streamstats.usgs.gov. Links are provided on this Web page for individual State applications, instructions for using StreamStats, definitions of basin characteristics and streamflow statistics, and other supporting information.

  9. Unidirectional Key Distribution Across Time and Space with Applications to RFID Security

    E-print Network

    International Association for Cryptologic Research (IACR)

    Unidirectional Key Distribution Across Time and Space with Applications to RFID Security Ari Juels problem, however, is that of practical key management in RFID (Radio-Frequency IDentification) systems. We describe the application of our techniques to RFID-enabled supply chains and a prototype privacy

  10. AndroSAT: Security Analysis Tool for Android Applications Saurabh Oberoi, Weilong Song, Amr M. Youssef

    E-print Network

    Youssef, Amr M.

    AndroSAT: Security Analysis Tool for Android Applications Saurabh Oberoi, Weilong Song, Amr M Abstract--With about 1.5 million Android device activations per day and billions of application installation from Google Play, Android is becoming one of the most widely used operating systems

  11. Applications of omics for food safety and security

    Technology Transfer Automated Retrieval System (TEKTRAN)

    Food safety and food security are important global issues. Research employing 'omics' technologies, including genomics, proteomics, and metabolomics, is helping to elucidate pathogen behavior at the molecular level and to develop better detection and typing systems. Omics-based tools enable resear...

  12. 77 FR 1965 - Central Securities Corporation; Notice of Application

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-01-12

    ... From the Federal Register Online via the Government Printing Office ] SECURITIES AND EXCHANGE... Committee will also have the authority to make provision for payment of cash or other property in respect of... Eligible Person, plus (i) the number of Shares withheld in payment of any taxes relating to any Award...

  13. Findings Security Errors in Java Applications Using Lightweight Static Analysis

    E-print Network

    Livshits, Ben

    environment. 2.2 SQL injections SQL injections arise from allowing user-controlled strings to be used as part in the set of sources and the set of sinks. In the case of SQL injection using servlets, methods that read ISSUES We address the following two common security issues in this paper: "bad session stores" and SQL

  14. Security in Delay-Tolerant Mobile Cyber-Physical Applications

    E-print Network

    Correia, Miguel

    processing or storage. Cyber-security threats and the self- organizing nature of DTN environments pose a set enforcement are analyzed. I. INTRODUCTION Unlike conventional embedded systems where the emphasis tends distributed embedded sensor and actuator devices equipped with computing and communicating capabilities

  15. Home monitoring of patients with Parkinson's disease via wearable technology and a web-based application.

    PubMed

    Patel, Shyamal; Chen, Bor-Rong; Buckley, Thomas; Rednic, Ramona; McClure, Doug; Tarsy, Daniel; Shih, Ludy; Dy, Jennifer; Welsh, Matt; Bonato, Paolo

    2010-01-01

    Objective long-term health monitoring can improve the clinical management of several medical conditions ranging from cardiopulmonary diseases to motor disorders. In this paper, we present our work toward the development of a home-monitoring system. The system is currently used to monitor patients with Parkinson's disease who experience severe motor fluctuations. Monitoring is achieved using wireless wearable sensors whose data are relayed to a remote clinical site via a web-based application. The work herein presented shows that wearable sensors combined with a web-based application provide reliable quantitative information that can be used for clinical decision making. PMID:21096462

  16. Designing iCanFit: A Mobile-Enabled Web Application to Promote Physical Activity for Older Cancer Survivors

    PubMed Central

    Dahlke, Deborah Vollmer; Ory, Marcia; Hochhalter, Angela; Reynolds, Jana; Purcell, Ninfa Pena; Talwar, Divya; Eugene, Nola

    2013-01-01

    Background Most older cancer survivors (OCS) do not engage in regular physical activity (PA) despite well-known health benefits. With the increased use of mobile technologies among older adults, mobile tools may be an effective method to deliver PA promotion programs for OCS. Objective To document the process of designing an OCS-friendly mobile-enabled Web application of PA promotion program. Methods Mixed methods encompassing group discussions, individual interviews, and brief surveys with community leaders, OCS, cancer care providers, and software professionals were used in this formative research. Results The varied stakeholders welcomed the idea of developing an online tool to promote PA in OCS. Our formative research revealed several major barriers to regular PA including limited access to senior-friendly PA resources, lack of motivation and social support, and insufficient knowledge and skills on building safe and appropriate workout plans. This feedback was incorporated into the development of iCanFit, a mobile-enabled Web application, designed specifically for OCS. The iCanFit online tools allow users to locate PA resources, set and track goals for PA, network with peer OCS in a secure online space, and receive practical and evidence-informed healthy tips. Conclusions Our mixed-method formative research led to the design of iCanFit protocol to promote PA and well-being of OCS. The involvement of stakeholders is critical in the planning and design of the mobile application in order to enhance program relevance, appeal, and match with the needs of target users. PMID:23612053

  17. OpenGL in Multi-User Web-Based Applications

    NASA Astrophysics Data System (ADS)

    Szostek, K.; Piórkowski, A.

    In this article construction and potential of OpenGL multi-user web-based application are presented. The most common technologies like: .NET ASP, Java and Mono were used with specific OpenGL libraries to visualize tree-dimensional medical data. The most important conclusion of this work is that server side applications can easily take advantage of fast GPU and produce efficient results of advanced computation just like the visualization.

  18. Application of World Wide Web (W3) Technologies in Payload Operations

    NASA Technical Reports Server (NTRS)

    Sun, Charles; Windrem, May; Picinich, Lou

    1996-01-01

    World Wide Web (W3) technologies are considered in relation to their application to space missions. It is considered that such technologies, including the hypertext transfer protocol and the Java object-oriented language, offer a powerful and relatively inexpensive framework for distributed application software development. The suitability of these technologies for payload monitoring systems development is discussed, and the experience gained from the development of an insect habitat monitoring system based on W3 technologies is reported.

  19. Automated Black-box Detection of Side-Channel Vulnerabilities in Web Applications Peter Chapman

    E-print Network

    Brumley, David

    to side-channel leaks, even over encrypted connections. We propose a side-channel leak detection system dynamic, black-box side- channel vulnerability detection system. A black-box ap- proach allows developersAutomated Black-box Detection of Side-Channel Vulnerabilities in Web Applications Peter Chapman

  20. Analyzing the Effect of Web-Based Instruction Applications to School Culture within Technology Integration

    ERIC Educational Resources Information Center

    Cakiroglu, Unal; Akkan, Yasar; Guven, Bulent

    2012-01-01

    Determining the reflections of technology integration applications that are to be performed in our schools is important to light the way of first steps of integration. In this research, the effect of a web-based instruction environment used by 31 different teachers in a high school to school culture is set forth. The school culture is analyzed…

  1. "UML Quiz": Automatic Conversion of Web-Based E-Learning Content in Mobile Applications

    ERIC Educational Resources Information Center

    von Franqué, Alexander; Tellioglu, Hilda

    2014-01-01

    Many educational institutions use Learning Management Systems to provide e-learning content to their students. This often includes quizzes that can help students to prepare for exams. However, the content is usually web-optimized and not very usable on mobile devices. In this work a native mobile application ("UML Quiz") that imports…

  2. A web application for landslide inventory using data-Maurizio Latini, Barend Kbben

    E-print Network

    Köbben, Barend

    A web application for landslide inventory using data- driven SVG Maurizio Latini, Barend Köbben Observation (ITC), PO box 6, 7500AA Enschede, The Netherlands. Abstract: The landslide map in the Serchio basin (Central Tuscany, Italy) is an official document that represent the actual state of the landslides

  3. Using Web2.0 Applications to Close the Digital Divide in Western Australia

    ERIC Educational Resources Information Center

    Trinidad, Sue; Broadley, Tania

    2008-01-01

    The research reported in this paper documents the use of Web2.0 applications with six Western Australian schools that are considered to be regional and/or remote. With a population of two million people within an area of 2,525,500 square kilometres Western Australia has a number of towns that are classified as regional and remote. Each of the…

  4. Enabling Real Estate Businesses on the Web: From E-Business Model to The Application Services

    E-print Network

    Lin, Zhangxi

    across the entire real estate spectrum (i.e., leasing, financing, development, management and investment, named COMMREX (COMMercial Real Estate eXchange, http://www.commrex.com) to answer these questions. IMWEnabling Real Estate Businesses on the Web: From E-Business Model to The Application Services

  5. Usage, Barriers, and Training of Web 2.0 Technology Applications

    ERIC Educational Resources Information Center

    Pritchett, Christopher G.; Pritchett, Christal C.; Wohleb, Elisha C.

    2013-01-01

    This research study was designed to determine the degree of use of Web 2.0 technology applications by certified education professionals and examine differences among various groups as well as reasons for these differences. A quantitative survey instrument was developed to gather demographic information and data. Participants reported they would be…

  6. A Role-Playing Virtual World for Web-Based Application Courses

    ERIC Educational Resources Information Center

    Depradine, Colin

    2007-01-01

    With the rapid development of the information communication and technology (ICT) infrastructure in the Caribbean, there is an increasing demand for skilled software developers to meet the ICT needs of the region. Consequently, the web-based applications course offered at the University of the West Indies, has been redeveloped. One major part of…

  7. FUSION FRAMES AND THEORETICAL APPLICATIONS: FOR THE FUSION FRAME WEB PAGE

    E-print Network

    Casazza, Pete

    FUSION FRAMES AND THEORETICAL APPLICATIONS: FOR THE FUSION FRAME WEB PAGE PETER G. CASAZZA The deepest and most difficult question in Fusion Frame Theory is the construction of fusion frames with added that they do not show how to construct the frames. Recently, Casazza and Fickus [4] have developed a Fusion

  8. A newly designed web application to illustrate food and physical activity choices

    E-print Network

    Toronto, University of

    and activity planners · Tab organization #12;· Analyze ­ Macro- and micronutrients ­ Food group distributionA newly designed web application to illustrate food and physical activity choices Alyssa Rosenzweig · Accessibility · Complex/Overwhelming · Type 1 Diabetes ­ GlucoSim · Youth ­ Risk ­ Establish habits early

  9. A GATE-LEVEL POWER SIMULATOR A WORLD WIDE WEB APPLICATION

    E-print Network

    De Micheli, Giovanni

    Giovanni De Micheli Bruno Ricc#12;o Technical Report: CSL-TR-96-691 March 1996 This work was partially-Level Power Simulator A World Wide Web Application Alessandro Bogliolo Luca Benini Giovanni De Micheli Bruno, Giovanni De Micheli and Bruno Ricc#12;o #12;iii Contents 1 Introduction 1 2 Gate-Level Power Simulation 2 2

  10. A Web Application for Group Decision-Making based on Combinatorial Optimization

    E-print Network

    Borissova, Daniela

    of business intelligence. In the current paper, a Web-based framework of group decision support application. Nowadays the reasonable business decision making is associated with the term "business intelligence". Based on the assumption that management should get more out of data, business intelligence mixes data min- ing, algorithms

  11. Development of a Secure Mobile GPS Tracking and Management System

    ERIC Educational Resources Information Center

    Liu, Anyi

    2012-01-01

    With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …

  12. The TDAQ Analytics Dashboard: a real-time web application for the ATLAS TDAQ control infrastructure

    NASA Astrophysics Data System (ADS)

    Lehmann Miotto, Giovanna; Magnoni, Luca; Sloper, John Erik

    2011-12-01

    The ATLAS Trigger and Data Acquisition (TDAQ) infrastructure is responsible for filtering and transferring ATLAS experimental data from detectors to mass storage systems. It relies on a large, distributed computing system composed of thousands of software applications running concurrently. In such a complex environment, information sharing is fundamental for controlling applications behavior, error reporting and operational monitoring. During data taking, the streams of messages sent by applications and data published via information services are constantly monitored by experts to verify the correctness of running operations and to understand problematic situations. To simplify and improve system analysis and errors detection tasks, we developed the TDAQ Analytics Dashboard, a web application that aims to collect, correlate and visualize effectively this real time flow of information. The TDAQ Analytics Dashboard is composed of two main entities that reflect the twofold scope of the application. The first is the engine, a Java service that performs aggregation, processing and filtering of real time data stream and computes statistical correlation on sliding windows of time. The results are made available to clients via a simple web interface supporting SQL-like query syntax. The second is the visualization, provided by an Ajax-based web application that runs on client's browser. The dashboard approach allows to present information in a clear and customizable structure. Several types of interactive graphs are proposed as widgets that can be dynamically added and removed from visualization panels. Each widget acts as a client for the engine, querying the web interface to retrieve data with desired criteria. In this paper we present the design, development and evolution of the TDAQ Analytics Dashboard. We also present the statistical analysis computed by the application in this first period of high energy data taking operations for the ATLAS experiment.

  13. Forensic and homeland security applications of modern portable Raman spectroscopy.

    PubMed

    Izake, Emad L

    2010-10-10

    Modern detection and identification of chemical and biological hazards within the forensic and homeland security contexts may well require conducting the analysis in field while adapting a non-contact approach to the hazard. Technological achievements on both surface and resonance enhancement Raman scattering re-developed Raman spectroscopy to become the most adaptable spectroscopy technique for stand-off and non-contact analysis of hazards. On the other hand, spatially offset Raman spectroscopy proved to be very valuable for non-invasive chemical analysis of hazards concealed within non-transparent containers and packaging. PMID:20395087

  14. Time Scaling of Chaotic Systems: Application to Secure Communications

    E-print Network

    Donatello Materassi; Michele Basso

    2007-10-25

    The paper deals with time-scaling transformations of dynamical systems. Such scaling functions operate a change of coordinates on the time axis of the system trajectories preserving its phase portrait. Exploiting this property, a chaos encryption technique to transmit a binary signal through an analog channel is proposed. The scheme is based on a suitable time-scaling function which plays the role of a private key. The encoded transmitted signal is proved to resist known decryption attacks offering a secure and reliable communication.

  15. CentiServer: A Comprehensive Resource, Web-Based Application and R Package for Centrality Analysis

    PubMed Central

    Jalili, Mahdi; Salehzadeh-Yazdi, Ali; Asgari, Yazdan; Arab, Seyed Shahriar; Yaghmaie, Marjan; Ghavamzadeh, Ardeshir; Alimoghaddam, Kamran

    2015-01-01

    Various disciplines are trying to solve one of the most noteworthy queries and broadly used concepts in biology, essentiality. Centrality is a primary index and a promising method for identifying essential nodes, particularly in biological networks. The newly created CentiServer is a comprehensive online resource that provides over 110 definitions of different centrality indices, their computational methods, and algorithms in the form of an encyclopedia. In addition, CentiServer allows users to calculate 55 centralities with the help of an interactive web-based application tool and provides a numerical result as a comma separated value (csv) file format or a mapped graphical format as a graph modeling language (GML) file. The standalone version of this application has been developed in the form of an R package. The web-based application (CentiServer) and R package (centiserve) are freely available at http://www.centiserver.org/ PMID:26571275

  16. CentiServer: A Comprehensive Resource, Web-Based Application and R Package for Centrality Analysis.

    PubMed

    Jalili, Mahdi; Salehzadeh-Yazdi, Ali; Asgari, Yazdan; Arab, Seyed Shahriar; Yaghmaie, Marjan; Ghavamzadeh, Ardeshir; Alimoghaddam, Kamran

    2015-01-01

    Various disciplines are trying to solve one of the most noteworthy queries and broadly used concepts in biology, essentiality. Centrality is a primary index and a promising method for identifying essential nodes, particularly in biological networks. The newly created CentiServer is a comprehensive online resource that provides over 110 definitions of different centrality indices, their computational methods, and algorithms in the form of an encyclopedia. In addition, CentiServer allows users to calculate 55 centralities with the help of an interactive web-based application tool and provides a numerical result as a comma separated value (csv) file format or a mapped graphical format as a graph modeling language (GML) file. The standalone version of this application has been developed in the form of an R package. The web-based application (CentiServer) and R package (centiserve) are freely available at http://www.centiserver.org/. PMID:26571275

  17. Ultra Wideband (UWB) communication vulnerability for security applications.

    SciTech Connect

    Cooley, H. Timothy

    2010-07-01

    RF toxicity and Information Warfare (IW) are becoming omnipresent posing threats to the protection of nuclear assets, and within theatres of hostility or combat where tactical operation of wireless communication without detection and interception is important and sometimes critical for survival. As a result, a requirement for deployment of many security systems is a highly secure wireless technology manifesting stealth or covert operation suitable for either permanent or tactical deployment where operation without detection or interruption is important The possible use of ultra wideband (UWB) spectrum technology as an alternative physical medium for wireless network communication offers many advantages over conventional narrowband and spread spectrum wireless communication. UWB also known as fast-frequency chirp is nonsinusoidal and sends information directly by transmitting sub-nanosecond pulses without the use of mixing baseband information upon a sinusoidal carrier. Thus UWB sends information using radar-like impulses by spreading its energy thinly over a vast spectrum and can operate at extremely low-power transmission within the noise floor where other forms of RF find it difficult or impossible to operate. As a result UWB offers low probability of detection (LPD), low probability of interception (LPI) as well as anti-jamming (AJ) properties in signal space. This paper analyzes and compares the vulnerability of UWB to narrowband and spread spectrum wireless network communication.

  18. Security Aspects of an Enterprise-Wide Network Architecture.

    ERIC Educational Resources Information Center

    Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

    1999-01-01

    Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

  19. Designing and developing portable large-scale JavaScript web applications within the Experiment Dashboard framework

    E-print Network

    Andreeva, J; Karavakis, E; Kokoszkiewicz, L; Nowotka, M; Saiz, P; Tuckett, D

    2012-01-01

    Improvements in web browser performance and web standards compliance, as well as the availability of comprehensive JavaScript libraries, provides an opportunity to develop functionally rich yet intuitive web applications that allow users to access, render and analyse data in novel ways. However, the development of such large-scale JavaScript web applications presents new challenges, in particular with regard to code sustainability and team-based work. We present an approach that meets the challenges of large-scale JavaScript web application design and development, including client-side model-view-controller architecture, design patterns, and JavaScript libraries. Furthermore, we show how the approach leads naturally to the encapsulation of the data source as a web API, allowing applications to be easily ported to new data sources. The Experiment Dashboard framework is used for the development of applications for monitoring the distributed computing activities of virtual organisations on the Worldwide LHC Comp...

  20. The TDAQ Analytics Dashboard: a real-time web application for the ATLAS TDAQ control infrastructure

    E-print Network

    Magnoni, L; Sloper, J E

    2010-01-01

    The ATLAS Trigger and Data Acquisition (TDAQ) infrastructure is responsible for filtering and transferring ATLAS experimental data from detectors to mass storage systems. It relies on a large, distributed computing environment composed by thousands of software applications running concurrently. In such a complex environment, information sharing is fundamental for controlling applications behavior, error reporting and operational monitoring. During data taking runs, the streams of messages sent by applications and data published via information services are constantly monitored by experts to verify correctness of running operations and to understand problematic situations. To simplify and improve system analysis and errors detection tasks, we developed the TDAQ Analytics Dashboard, a web application that aims to collect, correlate and visualize effectively this real time flow of information. The TDAQ Analytics Dashboard is composed by two main entities, that reflect the twofold scope of the application. The fi...

  1. The TDAQ Analytics Dashboard: a real-time web application for the ATLAS TDAQ control infrastructure

    E-print Network

    Magnoni, L; The ATLAS collaboration; Sloper, J E

    2011-01-01

    The ATLAS Trigger and Data Acquisition (TDAQ) infrastructure is responsible for filtering and transferring ATLAS experimental data from detectors to mass storage systems. It relies on a large, distributed computing environment composed by thousands of software applications running concurrently. In such a complex environment, information sharing is fundamental for controlling applications behavior, error reporting and operational monitoring. During data taking runs, the streams of messages sent by applications and data published via information services are constantly monitored by experts to verify correctness of running operations and to understand problematic situations. To simplify and improve system analysis and errors detection tasks, we developed the TDAQ Analytics Dashboard, a web application that aims to collect, correlate and visualize effectively this real time flow of information. The TDAQ Analytics Dashboard is composed by two main entities, that reflect the twofold scope of the application. The fi...

  2. Web-based interactive visualization in a Grid-enabled neuroimaging application using HTML5.

    PubMed

    Siewert, René; Specovius, Svenja; Wu, Jie; Krefting, Dagmar

    2012-01-01

    Interactive visualization and correction of intermediate results are required in many medical image analysis pipelines. To allow certain interaction in the remote execution of compute- and data-intensive applications, new features of HTML5 are used. They allow for transparent integration of user interaction into Grid- or Cloud-enabled scientific workflows. Both 2D and 3D visualization and data manipulation can be performed through a scientific gateway without the need to install specific software or web browser plugins. The possibilities of web-based visualization are presented along the FreeSurfer-pipeline, a popular compute- and data-intensive software tool for quantitative neuroimaging. PMID:22942008

  3. Shared and Distributed Memory Parallel Security Analysis of Large-Scale Source Code and Binary Applications

    SciTech Connect

    Quinlan, D; Barany, G; Panas, T

    2007-08-30

    Many forms of security analysis on large scale applications can be substantially automated but the size and complexity can exceed the time and memory available on conventional desktop computers. Most commercial tools are understandably focused on such conventional desktop resources. This paper presents research work on the parallelization of security analysis of both source code and binaries within our Compass tool, which is implemented using the ROSE source-to-source open compiler infrastructure. We have focused on both shared and distributed memory parallelization of the evaluation of rules implemented as checkers for a wide range of secure programming rules, applicable to desktop machines, networks of workstations and dedicated clusters. While Compass as a tool focuses on source code analysis and reports violations of an extensible set of rules, the binary analysis work uses the exact same infrastructure but is less well developed into an equivalent final tool.

  4. 17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ...). Editorial Note: For Federal Register citations affecting Form X-15AA-1, see the List of CFR Sections... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or...

  5. 17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ...). Editorial Note: For Federal Register citations affecting Form X-15AA-1, see the List of CFR Sections... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or...

  6. 17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... Note: For Federal Register citations affecting Form SIP, see the List of CFR Sections Affected, which... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form SIP, for application for... § 249.1001 Form SIP, for application for registration as a securities information processor or to...

  7. Harnessing modern web application technology to create intuitive and efficient data visualization and sharing tools.

    PubMed

    Wood, Dylan; King, Margaret; Landis, Drew; Courtney, William; Wang, Runtang; Kelly, Ross; Turner, Jessica A; Calhoun, Vince D

    2014-01-01

    Neuroscientists increasingly need to work with big data in order to derive meaningful results in their field. Collecting, organizing and analyzing this data can be a major hurdle on the road to scientific discovery. This hurdle can be lowered using the same technologies that are currently revolutionizing the way that cultural and social media sites represent and share information with their users. Web application technologies and standards such as RESTful webservices, HTML5 and high-performance in-browser JavaScript engines are being utilized to vastly improve the way that the world accesses and shares information. The neuroscience community can also benefit tremendously from these technologies. We present here a web application that allows users to explore and request the complex datasets that need to be shared among the neuroimaging community. The COINS (Collaborative Informatics and Neuroimaging Suite) Data Exchange uses web application technologies to facilitate data sharing in three phases: Exploration, Request/Communication, and Download. This paper will focus on the first phase, and how intuitive exploration of large and complex datasets is achieved using a framework that centers around asynchronous client-server communication (AJAX) and also exposes a powerful API that can be utilized by other applications to explore available data. First opened to the neuroscience community in August 2012, the Data Exchange has already provided researchers with over 2500 GB of data. PMID:25206330

  8. Harnessing modern web application technology to create intuitive and efficient data visualization and sharing tools

    PubMed Central

    Wood, Dylan; King, Margaret; Landis, Drew; Courtney, William; Wang, Runtang; Kelly, Ross; Turner, Jessica A.; Calhoun, Vince D.

    2014-01-01

    Neuroscientists increasingly need to work with big data in order to derive meaningful results in their field. Collecting, organizing and analyzing this data can be a major hurdle on the road to scientific discovery. This hurdle can be lowered using the same technologies that are currently revolutionizing the way that cultural and social media sites represent and share information with their users. Web application technologies and standards such as RESTful webservices, HTML5 and high-performance in-browser JavaScript engines are being utilized to vastly improve the way that the world accesses and shares information. The neuroscience community can also benefit tremendously from these technologies. We present here a web application that allows users to explore and request the complex datasets that need to be shared among the neuroimaging community. The COINS (Collaborative Informatics and Neuroimaging Suite) Data Exchange uses web application technologies to facilitate data sharing in three phases: Exploration, Request/Communication, and Download. This paper will focus on the first phase, and how intuitive exploration of large and complex datasets is achieved using a framework that centers around asynchronous client-server communication (AJAX) and also exposes a powerful API that can be utilized by other applications to explore available data. First opened to the neuroscience community in August 2012, the Data Exchange has already provided researchers with over 2500 GB of data. PMID:25206330

  9. Passive 350 GHz Video Imaging Systems for Security Applications

    NASA Astrophysics Data System (ADS)

    Heinz, E.; May, T.; Born, D.; Zieger, G.; Anders, S.; Zakosarenko, V.; Meyer, H.-G.; Schäffel, C.

    2015-10-01

    Passive submillimeter-wave imaging is a concept that has been in the focus of interest as a promising technology for personal security screening for a number of years. In contradiction to established portal-based millimeter-wave scanning techniques, it allows for scanning people from a distance in real time with high throughput and without a distinct inspection procedure. This opens up new possibilities for scanning, which directly address an urgent security need of modern societies: protecting crowds and critical infrastructure from the growing threat of individual terror attacks. Considering the low radiometric contrast of indoor scenes in the submillimeter range, this objective calls for an extremely high detector sensitivity that can only be achieved using cooled detectors. Our approach to this task is a series of passive standoff video cameras for the 350 GHz band that represent an evolving concept and a continuous development since 2007. Arrays of superconducting transition-edge sensors (TES), operated at temperatures below 1 K, are used as radiation detectors. By this means, background limited performance (BLIP) mode is achieved, providing the maximum possible signal to noise ratio. At video rates, this leads to a temperature resolution well below 1 K. The imaging system is completed by reflector optics based on free-form mirrors. For object distances of 5-25 m, a field of view up to 2 m height and a diffraction-limited spatial resolution in the order of 1-2 cm is provided. Opto-mechanical scanning systems are part of the optical setup and capable of frame rates of up to 25 frames per second.

  10. The Ontological Perspectives of the Semantic Web and the Metadata Harvesting Protocol: Applications of Metadata for Improving Web Search.

    ERIC Educational Resources Information Center

    Fast, Karl V.; Campbell, D. Grant

    2001-01-01

    Compares the implied ontological frameworks of the Open Archives Initiative Protocol for Metadata Harvesting and the World Wide Web Consortium's Semantic Web. Discusses current search engine technology, semantic markup, indexing principles of special libraries and online databases, and componentization and the distinction between data and…

  11. Evaluation of a metal shear web selectively reinforced with filamentary composites for space shuttle application. Phase 3 Summary report: Shear web component testing and analysis

    NASA Technical Reports Server (NTRS)

    Laakso, J. H.; Straayer, J. W.

    1973-01-01

    Three large scale advanced composite shear web components were tested and analyzed to evaluate application of the design concept to a space shuttle orbiter thrust structure. The shear web design concept consisted of a titanium-clad + or - 45 deg boron/epoxy web laminate stiffened with vertical boron/epoxy reinforced aluminum stiffeners. The design concept was evaluated to be efficient and practical for the application that was studied. Because of the effects of buckling deflections, a requirement is identified for shear buckling resistant design to maximize the efficiency of highly-loaded advanced composite shear webs. An approximate analysis of prebuckling deflections is presented and computer-aided design results, which consider prebuckling deformations, indicate that the design concept offers a theoretical weight saving of 31 percent relative to all metal construction. Recommendations are made for design concept options and analytical methods that are appropriate for production hardware.

  12. Optical detection of random features for high security applications

    NASA Astrophysics Data System (ADS)

    Haist, T.; Tiziani, H. J.

    1998-02-01

    Optical detection of random features in combination with digital signatures based on public key codes in order to recognize counterfeit objects will be discussed. Without applying expensive production techniques objects are protected against counterfeiting. Verification is done off-line by optical means without a central authority. The method is applied for protecting banknotes. Experimental results for this application are presented. The method is also applicable for identity verification of a credit- or chip-card holder.

  13. Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security

    E-print Network

    Sood, Arun K.

    Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security Yih Huang. In prior work, we developed a Self-Cleansing Intrusion Tolerance (SCIT) architecture that achieves the above goal by constantly cleansing the servers and rotating the role of individual servers

  14. Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems

    E-print Network

    Van Oorschot, Paul

    --Application markets providing one-click software in- stallation have become common to smartphones and are emerging history) from a configurable set of security information sources. We build a proof-of-concept Android ap valuable decision- making criteria useful not only for smartphone users, but technology consumers

  15. 20 CFR 416.305 - You must file an application to receive supplemental security income benefits.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ...SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications...receiving benefits because you are disabled or blind and you are 65 years old before the date we determine that you are no longer blind or disabled. (4) A...

  16. 49 CFR 1572.19 - Applicant responsibilities for a TWIC security threat assessment.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... provided in paragraph (b) of this section, applicants must provide the information required in 49 CFR 1572... Transportation Security Administration. If an individual is disqualified from holding a TWIC under 49 CFR 1572.5... immediate revocation under 49 CFR 1572.5(b) and/or civil penalties. (d) Continuing responsibilities....

  17. 49 CFR 1572.19 - Applicant responsibilities for a TWIC security threat assessment.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... provided in paragraph (b) of this section, applicants must provide the information required in 49 CFR 1572... Transportation Security Administration. If an individual is disqualified from holding a TWIC under 49 CFR 1572.5... immediate revocation under 49 CFR 1572.5(b) and/or civil penalties. (d) Continuing responsibilities....

  18. 49 CFR 1572.19 - Applicant responsibilities for a TWIC security threat assessment.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... provided in paragraph (b) of this section, applicants must provide the information required in 49 CFR 1572... Transportation Security Administration. If an individual is disqualified from holding a TWIC under 49 CFR 1572.5... immediate revocation under 49 CFR 1572.5(b) and/or civil penalties. (d) Continuing responsibilities....

  19. 49 CFR 1572.19 - Applicant responsibilities for a TWIC security threat assessment.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... provided in paragraph (b) of this section, applicants must provide the information required in 49 CFR 1572... Transportation Security Administration. If an individual is disqualified from holding a TWIC under 49 CFR 1572.5... immediate revocation under 49 CFR 1572.5(b) and/or civil penalties. (d) Continuing responsibilities....

  20. 49 CFR 1572.19 - Applicant responsibilities for a TWIC security threat assessment.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... provided in paragraph (b) of this section, applicants must provide the information required in 49 CFR 1572... Transportation Security Administration. If an individual is disqualified from holding a TWIC under 49 CFR 1572.5... immediate revocation under 49 CFR 1572.5(b) and/or civil penalties. (d) Continuing responsibilities....

  1. Wireless LAN Location-Sensing for Security Applications ptao@ece.rice.edu

    E-print Network

    Wallach, Dan

    Wireless LAN Location-Sensing for Security Applications Ping Tao ptao@ece.rice.edu Algis Rudys arudys@cs.rice.edu Andrew M. Ladd aladd@cs.rice.edu Dan S. Wallach dwallach@cs.rice.edu Department of Electrical and Computer Engineering Department of Computer Science Rice University Houston, TX ABSTRACT

  2. REMOTE SENSING APPLICATIONS FOR SUSTAINABLE WATERSHED MANAGEMENT AND FOOD SECURITY: JOURNAL ARTICLE

    EPA Science Inventory

    NRMRL-CIN-1496A Rochon*, G., Szlag*, D., Daniel*, F.B., and Chifos**, C. Remote Sensing Applications for Sustainable Watershed Management and Food Security. Proceedings of the 21st European Association of Remote Sensing Laboratories Symposium, Marne-La-Valle, France, 5/14-16/200...

  3. Amulet: A secure architecture for mHealth applications for low-power wearable devices

    E-print Network

    Kotz, David

    Amulet: A secure architecture for mHealth applications for low-power wearable devices Andres Molina not be able to carry them (e.g., while in a contact sport). A low-power wearable device can provide higher of a resource monitor on far less power than would be consumed by a mobile device running Linux or Android. Our

  4. Defining a competency framework to shape the professional education of national security master strategists: a web-based Delphi study 

    E-print Network

    Clark, Thomas George

    2006-04-12

    The purpose of this study was to develop a competency framework to shape development of a professional education program for master strategists in national security. The research problem focused on the absence of a competency ...

  5. Securing While Sampling in Wireless Body Area Networks With Application to Electrocardiography.

    PubMed

    Dautov, Ruslan; Tsouri, Gill R

    2016-01-01

    Stringent resource constraints and broadcast transmission in wireless body area network raise serious security concerns when employed in biomedical applications. Protecting data transmission where any minor alteration is potentially harmful is of significant importance in healthcare. Traditional security methods based on public or private key infrastructure require considerable memory and computational resources, and present an implementation obstacle in compact sensor nodes. This paper proposes a lightweight encryption framework augmenting compressed sensing with wireless physical layer security. Augmenting compressed sensing to secure information is based on the use of the measurement matrix as an encryption key, and allows for incorporating security in addition to compression at the time of sampling an analog signal. The proposed approach eliminates the need for a separate encryption algorithm, as well as the predeployment of a key thereby conserving sensor node's limited resources. The proposed framework is evaluated using analysis, simulation, and experimentation applied to a wireless electrocardiogram setup consisting of a sensor node, an access point, and an eavesdropper performing a proximity attack. Results show that legitimate communication is reliable and secure given that the eavesdropper is located at a reasonable distance from the sensor node and the access point. PMID:25373134

  6. Using SAHRIS a web-based application for creating heritage cases and permit applications

    NASA Astrophysics Data System (ADS)

    Mlungwana, N.

    2015-08-01

    Since the inception of the South African Heritage Resources Information System (SAHRIS) in 2012, creating heritage cases and permit applications has been streamlined, and interaction with South African Heritage Authorities has been simplified. SAHRIS facilitates applications for development cases and mining applications that trigger the South African National Heritage Resources Act (Act 25 of 1999) and is able to differentiate between cases that require comment only, where the heritage process is subsidiary to environmental or mining law (Section 38(8)), and those where the heritage authority is the deciding authority (Section 38(1)). The system further facilitates cases related to site and object management, as well as permit applications for excavation, invasive research techniques and export of materials for research abroad in the case of archaeological or palaeontological specimens, or for sale or exhibition in the case of heritage objects. The integrated, easy to use, online system has removed the need for applicants to print out forms, take documents from one government department to the next for approval and other time-consuming processes that accompany paper-based systems. SAHRIS is a user friendly application that makes it easy for applicants to make their submissions, but also allows applicants to track the progress of their cases with the relevant heritage authority, which allows for better response rates and turnaround times from the authorities, while also ensuring transparency and good governance practice.

  7. An RFID-based luggage and passenger tracking system for airport security control applications

    NASA Astrophysics Data System (ADS)

    Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

    2014-06-01

    Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

  8. Current Trends and New Challenges of Databases and Web Applications for Systems Driven Biological Research

    PubMed Central

    Sreenivasaiah, Pradeep Kumar; Kim, Do Han

    2010-01-01

    Dynamic and rapidly evolving nature of systems driven research imposes special requirements on the technology, approach, design and architecture of computational infrastructure including database and Web application. Several solutions have been proposed to meet the expectations and novel methods have been developed to address the persisting problems of data integration. It is important for researchers to understand different technologies and approaches. Having familiarized with the pros and cons of the existing technologies, researchers can exploit its capabilities to the maximum potential for integrating data. In this review we discuss the architecture, design and key technologies underlying some of the prominent databases and Web applications. We will mention their roles in integration of biological data and investigate some of the emerging design concepts and computational technologies that are likely to have a key role in the future of systems driven biomedical research. PMID:21423387

  9. Semantic Web applications and tools for the life sciences: SWAT4LS 2010.

    PubMed

    Burger, Albert; Paschke, Adrian; Romano, Paolo; Marshall, M Scott; Splendiani, Andrea

    2012-01-01

    As Semantic Web technologies mature and new releases of key elements, such as SPARQL 1.1 and OWL 2.0, become available, the Life Sciences continue to push the boundaries of these technologies with ever more sophisticated tools and applications. Unsurprisingly, therefore, interest in the SWAT4LS (Semantic Web Applications and Tools for the Life Sciences) activities have remained high, as was evident during the third international SWAT4LS workshop held in Berlin in December 2010. Contributors to this workshop were invited to submit extended versions of their papers, the best of which are now made available in the special supplement of BMC Bioinformatics. The papers reflect the wide range of work in this area, covering the storage and querying of Life Sciences data in RDF triple stores, tools for the development of biomedical ontologies and the semantics-based integration of Life Sciences as well as clinicial data. PMID:22373274

  10. Semantic Web Applications and Tools for the Life Sciences: SWAT4LS 2010

    PubMed Central

    2012-01-01

    As Semantic Web technologies mature and new releases of key elements, such as SPARQL 1.1 and OWL 2.0, become available, the Life Sciences continue to push the boundaries of these technologies with ever more sophisticated tools and applications. Unsurprisingly, therefore, interest in the SWAT4LS (Semantic Web Applications and Tools for the Life Sciences) activities have remained high, as was evident during the third international SWAT4LS workshop held in Berlin in December 2010. Contributors to this workshop were invited to submit extended versions of their papers, the best of which are now made available in the special supplement of BMC Bioinformatics. The papers reflect the wide range of work in this area, covering the storage and querying of Life Sciences data in RDF triple stores, tools for the development of biomedical ontologies and the semantics-based integration of Life Sciences as well as clinicial data. PMID:22373274

  11. A Family Affair: Building a web application for the visual exploration of the geographies of Scottish family histories. 

    E-print Network

    Loughlin, Michael

    2013-11-28

    and heraldry. A single-page web application was implemented using Angular.js, with D3.js used to produce an interactive geographical visualisation using web standard technologies. Results indicate that the application provides a strong technical base upon which...

  12. Designing web services in health information systems: from process to application level.

    PubMed

    Mykkänen, Juha; Riekkinen, Annamari; Sormunen, Marko; Karhunen, Harri; Laitinen, Pertti

    2007-01-01

    Service-oriented architectures (SOAs) and web service technologies have been proposed to respond to some central interoperability challenges of heterogeneous health information systems (HIS). We propose a model which we are using to define services and solutions for healthcare applications from the requirements in the healthcare processes. Focusing on the transition from the process level of the model to the application level, we also present some central design considerations, which can be used to guide the design of service-based interoperability. We illustrate these aspects with examples from our current work from the service-enabled HIS. PMID:17118700

  13. Applications of Photonuclear Physics for International Safeguards and Security

    SciTech Connect

    Johnson, M S; Hall, J M; McNabb, D P; McFarland, J; Norman, E; Bertozzi, W; Korbly, S; Ledoux, R; Park, W

    2010-04-16

    Studies of nuclear resonance fluorescence based applications are presented. Important for these applications are data for isotopes such as {sup 239}Pu. Nuclear resonance fluorescence measurements of {sup 239}Pu were performed at the free electron laser facility at UC Santa Barbara using photons from a bremsstrahlung beam with an endpoint energies between 4.0 MeV and 5.5 MeV. Though no discrete states with significant confidence level were measured, we have excluded the region above 27(3) eV-barns, or 4-sigma, where we would expect only a small chance of false positives. Details of the measurements and the results are presented here.

  14. "Glitch Logic" and Applications to Computing and Information Security

    NASA Technical Reports Server (NTRS)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  15. REAL-TIME ENVIRONMENTAL MONITORING: APPLICATIONS FOR HOMELAND SECURITY

    EPA Science Inventory

    Real-time monitoring technology developed as part of the EMPACT program has a variety of potential applications. These tools can measure a variety of potential contaminants in the air, water, in buildings, or in the soil. Real-time monitoring technology allows these detection sys...

  16. Security surveillance challenges and proven thermal imaging capabilities in real-world applications

    NASA Astrophysics Data System (ADS)

    Francisco, Glen L.; Roberts, Sharon

    2004-09-01

    Uncooled thermal imaging was first introduced to the public in early 1980's by Raytheon (legacy Texas Instruments Defense Segment Electronics Group) as a solution for military applications. Since the introduction of this technology, Raytheon has remained the leader in this market as well as introduced commercial versions of thermal imaging products specifically designed for security, law enforcement, fire fighting, automotive and industrial uses. Today, low cost thermal imaging for commercial use in security applications is a reality. Organizations of all types have begun to understand the advantages of using thermal imaging as a means to solve common surveillance problems where other popular technologies fall short. Thermal imaging has proven to be a successful solution for common security needs such as: ¸ vision at night where lighting is undesired and 24x7 surveillance is needed ¸ surveillance over waterways, lakes and ports where water and lighting options are impractical ¸ surveillance through challenging weather conditions where other technologies will be challenged by atmospheric particulates ¸ low maintenance requirements due to remote or difficult locations ¸ low cost over life of product Thermal imaging is now a common addition to the integrated security package. Companies are relying on thermal imaging for specific applications where no other technology can perform.

  17. Keeping the Web in Web 2.0 An HCI Approach to Designing Web

    E-print Network

    Cortes, Corinna

    Keeping the Web in Web 2.0 An HCI Approach to Designing Web Applications CHI 2007 Course Notes.....................................................................................................................................1 1. Web Application UI versus Desktop Application UI..............................................................................................................................2 3. Examples of State Management in Web Applications

  18. Web-Enabled Systems for Student Access.

    ERIC Educational Resources Information Center

    Harris, Chad S.; Herring, Tom

    1999-01-01

    California State University, Fullerton is developing a suite of server-based, Web-enabled applications that distribute the functionality of its student information system software to external customers without modifying the mainframe applications or databases. The cost-effective, secure, and rapidly deployable business solution involves using the…

  19. Using the STOQS Web Application for Access to in situ Oceanographic Data

    NASA Astrophysics Data System (ADS)

    McCann, M. P.

    2012-12-01

    Using the STOQS Web Application for Access to in situ Oceanographic Data Mike McCann 7 August 2012 With increasing measurement and sampling capabilities of autonomous oceanographic platforms (e.g. Gliders, Autonomous Underwater Vehicles, Wavegliders), the need to efficiently access and visualize the data they collect is growing. The Monterey Bay Aquarium Research Institute has designed and built the Spatial Temporal Oceanographic Query System (STOQS) specifically to address this issue. The need for STOQS arises from inefficiencies discovered from using CF-NetCDF point observation conventions for these data. The problem is that access efficiency decreases with decreasing dimension of CF-NetCDF data. For example, the Trajectory Common Data Model feature type has only one coordinate dimension, usually Time - positions of the trajectory (Depth, Latitude, Longitude) are stored as non-indexed record variables within the NetCDF file. If client software needs to access data between two depth values or from a bounded geographic area, then the whole data set must be read and the selection made within the client software. This is very inefficient. What is needed is a way to easily select data of interest from an archive given any number of spatial, temporal, or other constraints. Geospatial relational database technology provides this capability. The full STOQS application consists of a Postgres/PostGIS database, Mapserver, and Python-Django running on a server and Web 2.0 technology (jQuery, OpenLayers, Twitter Bootstrap) running in a modern web browser. The web application provides faceted search capabilities allowing a user to quickly drill into the data of interest. Data selection can be constrained by spatial, temporal, and depth selections as well as by parameter value and platform name. The web application layer also provides a REST (Representational State Transfer) Application Programming Interface allowing tools such as the Matlab stoqstoolbox to retrieve data directly from the database. STOQS is an open source software project built upon a framework of free and open source software and is available for anyone to use for making their data more accessible and usable. For more information please see: http://code.google.com/p/stoqs/.; In the above screen grab a user has selected the "mass_concentrtion_of_chlorophyll_in_sea_water" parameter and a time depth range that includes three weeks of AUV missions of just the upper 5 meters.

  20. Applications of nuclear techniques relevant for civil security

    NASA Astrophysics Data System (ADS)

    Valkovi, Vlado

    2006-05-01

    The list of materials which are subject to inspection with the aim of reducing the acts of terrorism includes explosives, narcotics, chemical weapons, hazardous chemicals and radioactive materials. To this we should add also illicit trafficking with human beings. The risk of nuclear terrorism carried out by sub-national groups is considered not only in construction and/or use of nuclear device, but also in possible radioactive contamination of large urban areas. Modern personnel, parcel, vehicle and cargo inspection systems are non-invasive imaging techniques based on the use of nuclear analytical techniques. The inspection systems use penetrating radiations: hard x-rays (300 keV or more) or gamma-rays from radioactive sources (137Cs and 60Co with energies from 600 to 1300 keV) that produce a high resolution radiograph of the load. Unfortunately, this information is ''non-specific'' in that it gives no information on the nature of objects that do not match the travel documents and are not recognized by a visual analysis of the radiographic picture. Moreover, there are regions of the container where x and gamma-ray systems are ''blind'' due to the high average atomic number of the objects irradiated that appear as black spots in the radiographic image. Contrary to that is the use of neutrons; as results of the bombardment, nuclear reactions occur and a variety of nuclear particles, gamma and x-ray radiation is emitted, specific for each element in the bombarded material. The problem of material (explosive, drugs, chemicals, etc.) identification can be reduced to the problem of measuring elemental concentrations. Neutron scanning technology offers capabilities far beyond those of conventional inspection systems. The unique automatic, material specific detection of terrorist threats can significantly increase the security at ports, border-crossing stations, airports, and even within the domestic transportation infrastructure of potential urban targets as well as protecting armed forces and infrastructure.