Science.gov

Sample records for access control security

  1. CAS. Controlled Access Security

    SciTech Connect

    Martinez, B.; Pomeroy, G.

    1989-12-01

    The Security Alarm System is a data acquisition and control system which collects data from intrusion sensors and displays the information in a real-time environment for operators. The Access Control System monitors and controls the movement of personnel with the use of card readers and biometrics hand readers.

  2. 33 CFR 106.260 - Security measures for access control.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.260 Security measures for access control. (a)...

  3. 33 CFR 106.260 - Security measures for access control.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.260 Security measures for access control. (a)...

  4. 33 CFR 106.260 - Security measures for access control.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.260 Security measures for access control. (a)...

  5. Modeling mandatory access control in role-based security systems

    SciTech Connect

    Nyanchama, M.; Osborn, S.

    1996-12-31

    This paper discusses the realization of mandatory access control in role-based protection systems. Starting from the basic definitions of roles, their application in security and the basics of the concept of mandatory access control, we develop a scheme of role-based protection that realizes mandatory access control. The basis of this formulation develops from the recognition that roles can be seen as facilitating access to some given information context. By handling each of the role contexts as independent security levels of information, we simulate mandatory access by imposing the requirements of mandatory access control. Among the key considerations, we propose a means of taming Trojan horses by imposing acyclic information flow among contexts in role-based protection systems. The acyclic information flows and suitable access rules incorporate secrecy which is an essential component of mandatory access control.

  6. 33 CFR 104.265 - Security measures for access control.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Requirements § 104.265 Security... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Security measures for access... security measures to: (1) Deter the unauthorized introduction of dangerous substances and...

  7. 33 CFR 104.265 - Security measures for access control.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Requirements § 104.265 Security... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Security measures for access... security measures to: (1) Deter the unauthorized introduction of dangerous substances and...

  8. 33 CFR 104.265 - Security measures for access control.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Requirements § 104.265 Security... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Security measures for access... security measures to: (1) Deter the unauthorized introduction of dangerous substances and...

  9. 33 CFR 105.255 - Security measures for access control.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.255 Security... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Security measures for access... security measures to: (1) Deter the unauthorized introduction of dangerous substances and...

  10. Secure Dynamic access control scheme of PHR in cloud computing.

    PubMed

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  11. 76 FR 67019 - Tenth Meeting: RTCA Special Committee 224, Airport Security Access Control

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-10-28

    ... Federal Aviation Administration Tenth Meeting: RTCA Special Committee 224, Airport Security Access Control... RTCA Special Committee 224, Airport Security Access Control. SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224, Airport Security Access Control. DATES:...

  12. Hand geometry biometric device for secure access control

    SciTech Connect

    Colbert, C.; Moles, D.R. )

    1991-01-01

    This paper reports that the authors developed for the Air Force the Mark VI Personal Identity Verifier (PIV) for controlling access to a fixed or mobile ICBM site, a computer terminal, or mainframe. The Mark VI records the digitized silhouettes of four fingers of each hand on an AT and T smart card. Like fingerprints, finger shapes, lengths, and widths constitute an unguessable biometric password. A Security Officer enrolls an authorized person who places each hand, in turn, on a backlighted panel. An overhead scanning camera records the right and left hand reference templates on the smart card. The Security Officer adds to the card: name, personal identification number (PIN), and access restrictions such as permitted days of the week, times of day, and doors. To gain access, cardowner inserts card into a reader slot and places either hand on the panel. Resulting access template is matched to the reference template by three sameness algorithms. The final match score is an average of 12 scores (each of the four fingers, matched for shape, length, and width), expressing the degree of sameness. (A perfect match would score 100.00.) The final match score is compared to a predetermined score (threshold), generating an accept or reject decision.

  13. 78 FR 31627 - Twenty-Second Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-05-24

    ...: RTCA Special Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation... 224, Airport Security Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty-second meeting of the RTCA Special Committee 224, Airport Security Access...

  14. 75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-12-23

    ... Federal Aviation Administration Third Meeting: RTCA Special Committee 224: Airport Security Access Control... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access...

  15. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-07-22

    ... Federal Aviation Administration Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held on June 20,...

  16. 76 FR 59481 - Ninth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-09-26

    ... TRANSPORTATION Federal Aviation Administration Ninth Meeting: RTCA Special Committee 224: Airport Security Access... Committee 224 meeting: Airport Security Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access Control...

  17. 77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-10-23

    ... Federal Aviation Administration Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held November 15,...

  18. 78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-03-18

    ... Federal Aviation Administration Twentieth Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held April 4, 2013 from...

  19. 77 FR 15448 - Twelfth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-03-15

    ... Federal Aviation Administration Twelfth Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Notice of meeting RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... 224, Airport Security Access Control Systems DATES: The meeting will be held April 5, 2012, from 10...

  20. 78 FR 22025 - Twenty First Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-04-12

    ... Federal Aviation Administration Twenty First Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held April 9-10,...

  1. 77 FR 71474 - Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-11-30

    ... Federal Aviation Administration Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held December 13,...

  2. 77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-09-11

    ... Federal Aviation Administration Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems DATES: The meeting will be held September 27-28,...

  3. 77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-01-17

    ... Federal Aviation Administration Eleventh Meeting: RTCA Special Committee 224, Airport Security Access...). ACTION: Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY: The FAA..., Airport Security Access Control Systems. DATES: The meeting will be held February 9, 2012, from 10...

  4. 76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-23

    ... Federal Aviation Administration Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access...

  5. 76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-02-18

    ... Federal Aviation Administration Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access...

  6. 33 CFR 105.255 - Security measures for access control.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ...) All persons seeking unescorted access to secure areas must present their TWIC for inspection before being allowed unescorted access, in accordance with § 101.514 of this subchapter. Inspection must... screening or inspection; and (ii) Failure to consent or submit to screening or inspection will result...

  7. 76 FR 50811 - Eighth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-08-16

    ... TRANSPORTATION Federal Aviation Administration Eighth Meeting: RTCA Special Committee 224: Airport Security... Committee 224 meeting: Airport Security Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport Security Access Control...

  8. 77 FR 25525 - Thirteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems.

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-04-30

    ... TRANSPORTATION Federal Aviation Administration Thirteenth Meeting: RTCA Special Committee 224, Airport Security... (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems... Committee 224, Airport Security Access Control Systems DATES: The meeting will be held May 30, 2012, from...

  9. 36 CFR 1256.70 - What controls access to national security-classified information?

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public...

  10. 36 CFR 1256.70 - What controls access to national security-classified information?

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public...

  11. 36 CFR 1256.70 - What controls access to national security-classified information?

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public...

  12. 78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-02-04

    ... Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held February 21,...

  13. 33 CFR 105.255 - Security measures for access control.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... each MARSEC Level, including those points where TWIC access control provisions will be applied. Each... escorting them; (4) Procedures for identifying authorized and unauthorized persons at any MARSEC level; and... access controls, particularly if they are to be applied on a random or occasional basis. (f) MARSEC...

  14. Secure Remote Access Issues in a Control Center Environment

    NASA Technical Reports Server (NTRS)

    Pitts, Lee; McNair, Ann R. (Technical Monitor)

    2002-01-01

    The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modem security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.

  15. 36 CFR 1256.70 - What controls access to national security-classified information?

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 36 Parks, Forests, and Public Property 3 2013-07-01 2012-07-01 true What controls access to national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... controls access to national security-classified information? (a) The declassification of and public...

  16. 75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-10-06

    ... meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this... Control Systems (Update to DO-230B): November 2, 2010 Welcome/Introductions/Administrative Remarks Agenda... Federal Aviation Administration First Meeting: RTCA Special Committee 224: Airport Security Access...

  17. 78 FR 51810 - Twenty-Fourth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-21

    ... Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control... RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held on... TRANSPORTATION Federal Aviation Administration Twenty-Fourth Meeting: RTCA Special Committee 224,...

  18. 36 CFR 1256.70 - What controls access to national security-classified information?

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 36 Parks, Forests, and Public Property 3 2010-07-01 2010-07-01 false What controls access to national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70...

  19. 75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-24

    ... Federal Aviation Administration Second Meeting: RTCA Special Committee 224: Airport Security Access... Committee 224 meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport...

  20. 76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-01-21

    ... Federal Aviation Administration Fourth Meeting: RTCA Special Committee 224: Airport Security Access... Committee 224 Meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport...

  1. 76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-07-01

    ... Federal Aviation Administration Seventh Meeting: RTCA Special Committee 224: Airport Security Access... Committee 224 meeting: Airport Security Access Control Systems (Update to DO-230B). SUMMARY: The FAA is issuing this notice to advise the public of a meeting of RTCA Special Committee 224: Airport...

  2. A threat intelligence framework for access control security in the oil industry

    NASA Astrophysics Data System (ADS)

    Alaskandrani, Faisal T.

    The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.

  3. Security analysis and improvements of authentication and access control in the Internet of Things.

    PubMed

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-08-13

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

  4. Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

    PubMed Central

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-01-01

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

  5. Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

    PubMed Central

    Liu, Changyu; Li, Huiling

    2014-01-01

    We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches. PMID:25147840

  6. EPICS: Channel Access security design

    SciTech Connect

    Kraimer, M.; Hill, J.

    1994-05-01

    This document presents the design for implementing the requirements specified in: EPICS -- Channel Access Security -- functional requirements, Ned. D. Arnold, 03/09/92. Use of the access security system is described along with a summary of the functional requirements. The programmer`s interface is given. Security protocol is described and finally aids for reading the access security code are provided.

  7. Dynamic Key Management Schemes for Secure Group Access Control Using Hierarchical Clustering in Mobile Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Tsaur, Woei-Jiunn; Pai, Haw-Tyng

    2008-11-01

    The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). The operation in MANETs' groups performs a decentralized manner and accommodated membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.

  8. Computer access security code system

    NASA Technical Reports Server (NTRS)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  9. An effective and secure key-management scheme for hierarchical access control in E-medicine system.

    PubMed

    Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit

    2013-04-01

    Recently several hierarchical access control schemes are proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against 'man-in-the-middle attack' or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.'s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu-Chen's scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu-Chen's scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu-Chen's scheme, Nikooghadam-Zakerolhosseini's scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme is much suitable for practical applications of e-medicine systems.

  10. Wireless digital-ultrasonic sensors for proximity ID, access control, firearm control, and C3I in homeland security and law enforcement applications

    NASA Astrophysics Data System (ADS)

    Forcier, Bob

    2003-09-01

    This paper describes a new patent-pending digital-ultrasonic sensor network technology, which provides a "security protection sphere" around the authorized user(s) and the infrastructure system or system(s) to achieve C3I in Homeland Security and Law Enforcement Applications. If the system device, such as a firearm, a secure computer, PDA, or vehicle is misplaced, stolen or removed from the security protective sphere, an alarm is activated. A digital-ultrasonic sensor/tag utilizes the system"s physical structure to form a 2 to 20 Meter programmable protection sphere around the device and the authorized user. In addition, the system allows only authorized users to utilize the system, thereby creating personalized weapons, secure vehicle access or secure computer hardware. If an unauthorized individual accesses the system device, the system becomes inoperative and an alarm is activated. As the command and control, the authorized individual is provided a secure wristwatch/PDA. Access control is provided by "touch" and is controlled through the wristwatch/PDA/smartcard with a unique digital-ultrasonic coding and matching protocol that provides a very high level of security for each wireless sensor.

  11. Central venous Access device SeCurement And Dressing Effectiveness (CASCADE) in paediatrics: protocol for pilot randomised controlled trials

    PubMed Central

    Gibson, Victoria; Long, Debbie A; Williams, Tara; Hallahan, Andrew; Mihala, Gabor; Cooke, Marie; Rickard, Claire M

    2016-01-01

    Introduction Paediatric central venous access devices (CVADs) are associated with a 25% incidence of failure. Securement and dressing are strategies used to reduce failure and complication; however, innovative technologies have not been evaluated for their effectiveness across device types. The primary aim of this research is to evaluate the feasibility of launching a full-scale randomised controlled efficacy trial across three CVAD types regarding CVAD securement and dressing, using predefined feasibility criteria. Methods and analysis Three feasibility randomised, controlled trials are to be undertaken at the Royal Children's Hospital and the Lady Cilento Children's Hospital, Brisbane, Australia. CVAD securement and dressing interventions under examination compare current practice with sutureless securement devices, integrated securement dressings and tissue adhesive. In total, 328 paediatric patients requiring a peripherally inserted central catheter (n=100); non-tunnelled CVAD (n=180) and tunnelled CVAD (n=48) to be inserted will be recruited and randomly allocated to CVAD securement and dressing products. Primary outcomes will be study feasibility measured by eligibility, recruitment, retention, attrition, missing data, parent/staff satisfaction and effect size. CVAD failure and complication (catheter-associated bloodstream infection, local infection, venous thrombosis, occlusion, dislodgement and breakage) will be compared between groups. Ethics and dissemination Ethical approval to conduct the research has been obtained. All dissemination will be undertaken using the CONSORT Statement recommendations. Additionally, the results will be sent to the relevant organisations which lead CVAD focused clinical practice guidelines development. Trial registration numbers ACTRN12614001327673; ACTRN12615000977572; ACTRN12614000280606. PMID:27259529

  12. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    NASA Astrophysics Data System (ADS)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  13. Privacy, security and access with sensitive health information.

    PubMed

    Croll, Peter

    2010-01-01

    This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

  14. The choice of disease control strategies to secure international market access for aquaculture products.

    PubMed

    Chinabut, S; Puttinaowarat, S

    2005-01-01

    Since production from capture fisheries cannot meet the demands of exports, aquaculture has subsequently played a major role in securing the raw materials for the world's food industries. Aquaculture has rapidly developed from extensive systems to semi-intensive, intensive and super-intensive systems. This has introduced the use of chemicals and drugs into the systems, which cause residual problems in the products. In the developed world, food safety has become a major issue of concern. The world market now demands healthy aquaculture products from farm to table. To achieve these requirements and to keep their markets, countries involved in aquaculture have implemented control measures such as farm licensing, code of conduct for sustainable aquaculture, hazard analysis and critical control point (HACCP) and good aquaculture practice. However, infectious diseases in aquaculture are of major concern to the industry and are typically controlled by eradication of the pathogen, treatment with antibiotic or chemotherapeutics, and/or by preventative measures such as the use of probiotics or vaccines. To limit the use of chemicals and antibiotics, good farm management is highly recommended. In terms of treatment, chemicals and antibiotics should be evaluated to establish recommended doses and withdrawal periods, otherwise alternative treatments should be developed. Environmentally-friendly probiotics have been introduced to aquaculture practice in the last decade to replace pathogenic bacteria with beneficial bacteria transient in the gut. Micro-organisms have also been prepared for the purpose of biocontrol and bioremediation. The application of probiotic, biocontrol and bioremediation seem promising; however considerable efforts of further research in terms of food and environmental safety are needed. Vaccination has proved highly effective in controlling diseases in the salmon industry mainly in Europe, America and Japan. In other Asian countries, this practice seem to

  15. Securing America's access to space

    SciTech Connect

    Rendine, M.; Wood, L.

    1990-05-23

    We review pertinent aspects of the history of the space launch capabilities of the United States and survey its present status and near-term outlook. Steps which must be taken, pitfalls which much be avoided, and a core set of National options for re-acquiring in the near term the capability to access the space environment with large payloads are discussed. We devote considerable attention to the prospect of creating an interim heavy-lift space launch vehicle of at least 100,000 pound payload-orbiting capacity to serve National needs during the next dozen years, suggesting that such a capability can be demonstrated within 5 years for less than $1 B. Such capability will apparently be essential for meeting the first-phase goals of the President's Space Exploration Initiative. Some other high-leverage aspects of securing American access to space are also noted briefly, emphasizing unconventional technological approaches of presently high promise.

  16. A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.

    PubMed

    Gope, Prosanta; Amin, Ruhul

    2016-11-01

    Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.

  17. Mobile access control vestibule

    NASA Astrophysics Data System (ADS)

    DePoy, Jennifer M.

    1998-12-01

    The mobile access control vestibule (MACV) is an adaptation of techniques developed for mobile military command centers. The overall configuration of modules acts as an entry control/screening facility or transportable command center. The system would provide the following capabilities: (1) A key element for force protection, rapid deployment units sent to areas having no prepositioned equipment or where there has been a degradation of that equipment as a result of natural disasters or civil unrest. (2) A rapidly deployable security control center to upgrade the security at nonmilitary sites (e.g., diplomatic or humanitarian organizations). (3) Personnel screening, package screening, badge/identification card production for authorized personnel, centralized monitoring of deployed perimeter sensors, and centralized communications for law enforcement personnel. (4) Self-contained screening and threat detection systems, including explosives detection using the system developed by Sandia National Laboratories for the FAA. When coupled with transportable electric generators, the system is self-sufficient. The communication system for the MACV would be a combination of physically wired and wireless communication units that supports by ad hoc networking.

  18. Reflective Database Access Control

    ERIC Educational Resources Information Center

    Olson, Lars E.

    2009-01-01

    "Reflective Database Access Control" (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege contained in an access control list. RDBAC aids the management of database access controls by improving the expressiveness of policies. However, such policies introduce new interactions…

  19. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Access to matter classified as National Security... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data....

  20. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Access to matter classified as National Security... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data....

  1. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Access to matter classified as National Security... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data....

  2. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Access to matter classified as National Security... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data....

  3. Apparatus and method supporting wireless access to multiple security layers in an industrial control and automation system or other system

    SciTech Connect

    Chen, Yu-Gene T.

    2013-04-16

    A method includes receiving a message at a first wireless node. The first wireless node is associated with a first wired network, and the first wired network is associated with a first security layer. The method also includes transmitting the message over the first wired network when at least one destination of the message is located in the first security layer. The method further includes wirelessly transmitting the message for delivery to a second wireless node when at least one destination of the message is located in a second security layer. The second wireless node is associated with a second wired network, and the second wired network is associated with the second security layer. The first and second security layers may be associated with different security paradigms and/or different security domains. Also, the message could be associated with destinations in the first and second security layers.

  4. A voice password system for access security

    SciTech Connect

    Birnbaum, M.; Cohen, L.A.; Welsh, F.X.

    1986-09-01

    A voice password system for access security using speaker verification technology has been designed for use over dial-up telephone lines. The voice password system (VPS) can provide secure access to telephone networks, computers, rooms, and buildings. It also has application in office automation systems, electric funds transfer, and ''smart cards'' (interactive computers embedded in credit-card-sized packages). As increasing attention is focused on access security in the public, private, and government sectors, the voice password system can provide a timely solution to the security dilemma. The VPS uses modes of communication available to almost everyone (the human voice and the telephone). A user calls the VPS, enters his or her identification number (ID) by touch-tone telephone, and then speaks a password. This is usually a phrase or a sentence of about seven syllables. On initial calls, the VPS creates a model of the user's voice, called a reference template, and labels it with the caller's unique user ID. To gain access later, the user calls the system, enters the proper user ID, and speaks the password phrase. The VPS compares the user's stored reference template with the spoken password and produces a distance score.

  5. 49 CFR 1542.207 - Access control systems.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 9 2012-10-01 2012-10-01 false Access control systems. 1542.207 Section 1542.207 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access...

  6. 49 CFR 1542.207 - Access control systems.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Access control systems. 1542.207 Section 1542.207 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access...

  7. 49 CFR 1542.207 - Access control systems.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Access control systems. 1542.207 Section 1542.207 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access...

  8. 49 CFR 1542.207 - Access control systems.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Access control systems. 1542.207 Section 1542.207 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access...

  9. 49 CFR 1542.207 - Access control systems.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 9 2013-10-01 2013-10-01 false Access control systems. 1542.207 Section 1542.207 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access...

  10. ACCESS Pointing Control System

    NASA Technical Reports Server (NTRS)

    Brugarolas, Paul; Alexander, James; Trauger, John; Moody, Dwight; Egerman, Robert; Vallone, Phillip; Elias, Jason; Hejal, Reem; Camelo, Vanessa; Bronowicki, Allen; O'Connor, David; Partrick, Richard; Orzechowski, Pawel; Spitter, Connie; Lillie, Chuck

    2010-01-01

    ACCESS (Actively-Corrected Coronograph for Exoplanet System Studies) was one of four medium-class exoplanet concepts selected for the NASA Astrophysics Strategic Mission Concept Study (ASMCS) program in 2008/2009. The ACCESS study evaluated four major coronograph concepts under a common space observatory. This paper describes the high precision pointing control system (PCS) baselined for this observatory.

  11. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Access to matter classified as National Security Information and Restricted Data. 95.35 Section 95.35 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter...

  12. Network Access Control List Situation Awareness

    ERIC Educational Resources Information Center

    Reifers, Andrew

    2010-01-01

    Network security is a large and complex problem being addressed by multiple communities. Nevertheless, current theories in networking security appear to overestimate network administrators' ability to understand network access control lists (NACLs), providing few context specific user analyses. Consequently, the current research generally seems to…

  13. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security facility... Restricted Data at any location in connection with its permit shall promptly request a DOE security facility... proposed security procedures and controls for the protection of Restricted Data, including a floor plan...

  14. LANSCE personnel access control system

    SciTech Connect

    Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

    1997-01-01

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described.

  15. Efficient Access Control in Multimedia Social Networks

    NASA Astrophysics Data System (ADS)

    Sachan, Amit; Emmanuel, Sabu

    Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

  16. Secure network for beamline control

    NASA Astrophysics Data System (ADS)

    Ohata, T.; Fukui, T.; Ishii, M.; Furukawa, Y.; Nakatani, T.; Matsushita, T.; Takeuchi, M.; Tanaka, R.; Ishikawa, T.

    2001-07-01

    In SPring-8, beamline control system is constructed with a highly available distributed network system. The socket based communication protocol is used for the beamline control mainly. Beamline users can control the equipment by sending simple control commands to a server process, which is running on a beamline-managing computer (Ohata et al., SPring-8 beamline control system, ICALEPCS'99, Trieste, Italy, 1999). At the beginning the network was based on the shared topology at all beamlines. Consequently, it has a risk for misapplication of the user's program to access different machines on the network system cross over beamlines. It is serious problem for the SPring-8 beamline control system, because all beamlines controlled with unified software interfaces. We introduced the switching technology and the firewalls to support network access control. Also the virtual networking (VLAN: IEEE 802.1Q) and the gigabit Ethernet technology (IEEE 802.3ab) are introduced. Thus the network security and the reliability are guaranteed at the higher level in SPring-8 beamline.

  17. 14 CFR 1203a.103 - Access to security areas.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees,...

  18. 14 CFR 1203a.103 - Access to security areas.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 14 Aeronautics and Space 5 2013-01-01 2013-01-01 false Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees,...

  19. 14 CFR § 1203a.103 - Access to security areas.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 14 Aeronautics and Space 5 2014-01-01 2014-01-01 false Access to security areas. § 1203a.103 Section § 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor...

  20. 14 CFR 1203a.103 - Access to security areas.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees,...

  1. 14 CFR 1203a.103 - Access to security areas.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 14 Aeronautics and Space 5 2012-01-01 2012-01-01 false Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees,...

  2. Integration of EGA secure data access into Galaxy

    PubMed Central

    Hoogstrate, Youri; Zhang, Chao; Senf, Alexander; Bijlard, Jochem; Hiltemann, Saskia; van Enckevort, David; Repo, Susanna; Heringa, Jaap; Jenster, Guido; J.A. Fijneman, Remond; Boiten, Jan-Willem; A. Meijer, Gerrit; Stubbs, Andrew; Rambla, Jordi; Spalding, Dylan; Abeln, Sanne

    2016-01-01

    High-throughput molecular profiling techniques are routinely generating vast amounts of data for translational medicine studies. Secure access controlled systems are needed to manage, store, transfer and distribute these data due to its personally identifiable nature. The European Genome-phenome Archive (EGA) was created to facilitate access and management to long-term archival of bio-molecular data. Each data provider is responsible for ensuring a Data Access Committee is in place to grant access to data stored in the EGA. Moreover, the transfer of data during upload and download is encrypted. ELIXIR, a European research infrastructure for life-science data, initiated a project (2016 Human Data Implementation Study) to understand and document the ELIXIR requirements for secure management of controlled-access data. As part of this project, a full ecosystem was designed to connect archived raw experimental molecular profiling data with interpreted data and the computational workflows, using the CTMM Translational Research IT (CTMM-TraIT) infrastructure http://www.ctmm-trait.nl as an example. Here we present the first outcomes of this project, a framework to enable the download of EGA data to a Galaxy server in a secure way. Galaxy provides an intuitive user interface for molecular biologists and bioinformaticians to run and design data analysis workflows. More specifically, we developed a tool -- ega_download_streamer - that can download data securely from EGA into a Galaxy server, which can subsequently be further processed. This tool will allow a user within the browser to run an entire analysis containing sensitive data from EGA, and to make this analysis available for other researchers in a reproducible manner, as shown with a proof of concept study.  The tool ega_download_streamer is available in the Galaxy tool shed: https://toolshed.g2.bx.psu.edu/view/yhoogstrate/ega_download_streamer. PMID:28232859

  3. Integration of EGA secure data access into Galaxy.

    PubMed

    Hoogstrate, Youri; Zhang, Chao; Senf, Alexander; Bijlard, Jochem; Hiltemann, Saskia; van Enckevort, David; Repo, Susanna; Heringa, Jaap; Jenster, Guido; J A Fijneman, Remond; Boiten, Jan-Willem; A Meijer, Gerrit; Stubbs, Andrew; Rambla, Jordi; Spalding, Dylan; Abeln, Sanne

    2016-01-01

    High-throughput molecular profiling techniques are routinely generating vast amounts of data for translational medicine studies. Secure access controlled systems are needed to manage, store, transfer and distribute these data due to its personally identifiable nature. The European Genome-phenome Archive (EGA) was created to facilitate access and management to long-term archival of bio-molecular data. Each data provider is responsible for ensuring a Data Access Committee is in place to grant access to data stored in the EGA. Moreover, the transfer of data during upload and download is encrypted. ELIXIR, a European research infrastructure for life-science data, initiated a project (2016 Human Data Implementation Study) to understand and document the ELIXIR requirements for secure management of controlled-access data. As part of this project, a full ecosystem was designed to connect archived raw experimental molecular profiling data with interpreted data and the computational workflows, using the CTMM Translational Research IT (CTMM-TraIT) infrastructure http://www.ctmm-trait.nl as an example. Here we present the first outcomes of this project, a framework to enable the download of EGA data to a Galaxy server in a secure way. Galaxy provides an intuitive user interface for molecular biologists and bioinformaticians to run and design data analysis workflows. More specifically, we developed a tool -- ega_download_streamer - that can download data securely from EGA into a Galaxy server, which can subsequently be further processed. This tool will allow a user within the browser to run an entire analysis containing sensitive data from EGA, and to make this analysis available for other researchers in a reproducible manner, as shown with a proof of concept study.  The tool ega_download_streamer is available in the Galaxy tool shed: https://toolshed.g2.bx.psu.edu/view/yhoogstrate/ega_download_streamer.

  4. Identity and Access Management and Security in Higher Education.

    ERIC Educational Resources Information Center

    Bruhn, Mark; Gettes, Michael; West, Ann

    2003-01-01

    Discusses the drivers for an identity management system (IdM), components of this system, and its role within a school security strategy, focusing on: basic access management; requirements for access management; middleware support for an access management system; IdM implementation considerations (e.g., access eligibilities, authentication…

  5. A service-oriented data access control model

    NASA Astrophysics Data System (ADS)

    Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

    2017-01-01

    The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

  6. Establishing a Secure Data Center with Remote Access: Preprint

    SciTech Connect

    Gonder, J.; Burton, E.; Murakami, E.

    2012-04-01

    Access to existing travel data is critical for many analysis efforts that lack the time or resources to support detailed data collection. High-resolution data sets provide particular value, but also present a challenge for preserving the anonymity of the original survey participants. To address this dilemma of providing data access while preserving privacy, the National Renewable Energy Laboratory and the U.S. Department of Transportation have launched the Transportation Secure Data Center (TSDC). TSDC data sets include those from regional travel surveys and studies that increasingly use global positioning system devices. Data provided by different collecting agencies varies with respect to formatting, elements included and level of processing conducted in support of the original purpose. The TSDC relies on a number of geospatial and other analysis tools to ensure data quality and to generate useful information outputs. TSDC users can access the processed data in two different ways. The first is by downloading summary results and second-by-second vehicle speed profiles (with latitude/longitude information removed) from a publicly-accessible website. The second method involves applying for a remote connection account to a controlled-access environment where spatial analysis can be conducted, but raw data cannot be removed.

  7. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 1 2014-01-01 2014-01-01 false Access to restricted data and national security... Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access to restricted data and national security...

  8. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 1 2013-01-01 2013-01-01 false Access to restricted data and national security... Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access to restricted data and national security...

  9. Access control and confidentiality in radiology

    NASA Astrophysics Data System (ADS)

    Noumeir, Rita; Chafik, Adil

    2005-04-01

    A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

  10. A Delicate Balance: National Security vs. Public Access

    DTIC Science & Technology

    2005-03-01

    AVAILABILITY STATEMENT Approved for Public Release; Distribution Unlimited 13. SUPPLEMENTARY NOTES: Published in Computers in Libraries , Vol.25 No. 3...security; in January 2004, is a how-to guide on gathering useful <, MARCH 2005 17 I COMPUTERS IN LIBRARIES feature: national security vs. public access

  11. The Battle to Secure Our Public Access Computers

    ERIC Educational Resources Information Center

    Sendze, Monique

    2006-01-01

    Securing public access workstations should be a significant part of any library's network and information-security strategy because of the sensitive information patrons enter on these workstations. As the IT manager for the Johnson County Library in Kansas City, Kan., this author is challenged to make sure that thousands of patrons get the access…

  12. A secure network access system for mobile IPv6

    NASA Astrophysics Data System (ADS)

    Zhang, Hong; Yuan, Man; He, Rui; Jiang, Luliang; Ma, Jian; Qian, Hualin

    2004-03-01

    With the fast development of Internet and wireless and mobile communication technology, the Mobile Internet Age is upcoming. For those providing Mobile Internet services, especially from the view of ISP (Internet Service Provider), current mobile IP protocol is insufficient. Since the Mobile IPv6 protocol will be popular in near future, how to provide a secure mobile IPv6 service is important. A secure mobile IPv6 network access system is highly needed for mobile IPv6 deployment. Current methods and systems are still inadequate, including EAP, PANA, 802.1X, RADIUS, Diameter, etc. In this paper, we describe main security goals for a secure mobile IPv6 access system, and propose a secure network access system to achieve them. This access system consists of access router, attendant and authentication servers. The access procedure is divided into three phases, which are initial phase, authentication and registration phase and termination phase. This system has many advantages, including layer two independent, flexible and extensible, no need to modify current IPv6 address autoconfiguration protocols, binding update optimization, etc. Finally, the security of the protocol in this system is analyzed and proved with Extended BAN logic method, and a brief introduction of system implementation is given.

  13. Bibliographic Access and Control System.

    ERIC Educational Resources Information Center

    Kelly, Betsy; And Others

    1982-01-01

    Presents a brief summary of the functions of the Bibliographic Access & Control System (BACS) implemented at the Washington University School of Medicine Library, and outlines the design, development, and uses of the system. Bibliographic control of books and serials and user access to the system are also discussed. (Author/JL)

  14. Security control methods for CEDR

    SciTech Connect

    Rotem, D.

    1990-09-01

    The purpose of this document is to summarize the findings of recent studies on the security problem in statistical databases and examine their applicability to the specific needs of CEDR. The document is organized as follows: In Section 2 we describe some general control methods which are available on most commercial database software. In Section 3 we provide a classification of statistical security methods. In Section 4 we analyze the type of users of CEDR and the security control methods which may be applied to each type. In Section 5 we summarize the findings of this study and recommend possible solutions.

  15. Assessing Controlled Access Protection

    DTIC Science & Technology

    2007-11-02

    extensive audit-processing capabilities in their products. For example, Prime Com- puter, Inc.’s Primos [24] and Unisys Corporation’s OS 1100 Security...SYSTEM INTEGRITY The System Integrity criterion, shown in Figure 5.2, is levied upon the hardware and firmware components of the TCB. "Integrity...Center, Ft. George G. Meade, MD, 23 July 1984. 61 BIBLIOGRAPHY [24] Final Evaluation Report, Prime Computer Corporation, Primos revision 21.0.1DODC2A

  16. Small accessible quantum information does not imply security.

    PubMed

    König, Robert; Renner, Renato; Bariska, Andor; Maurer, Ueli

    2007-04-06

    The security of quantum key distribution is typically defined in terms of the mutual information between the distributed key S and the outcome of an optimal measurement applied to the adversary's system. We show that even if this so-called accessible information is small, the key S might not be secure enough to be used in applications such as one-time pad encryption. This flaw is due to a locking property of the accessible information: one additional (physical) bit of information can increase the accessible information by more than one bit.

  17. Analysis of Access Control Policies in Operating Systems

    ERIC Educational Resources Information Center

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  18. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 1 2011-01-01 2011-01-01 false Access to restricted data and national security... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a)...

  19. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 1 2012-01-01 2012-01-01 false Access to restricted data and national security... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a)...

  20. Quantum secured gigabit optical access networks

    PubMed Central

    Fröhlich, Bernd; Dynes, James F.; Lucamarini, Marco; Sharpe, Andrew W.; Tam, Simon W.-B.; Yuan, Zhiliang; Shields, Andrew J.

    2015-01-01

    Optical access networks connect multiple endpoints to a common network node via shared fibre infrastructure. They will play a vital role to scale up the number of users in quantum key distribution (QKD) networks. However, the presence of power splitters in the commonly used passive network architecture makes successful transmission of weak quantum signals challenging. This is especially true if QKD and data signals are multiplexed in the passive network. The splitter introduces an imbalance between quantum signal and Raman noise, which can prevent the recovery of the quantum signal completely. Here we introduce a method to overcome this limitation and demonstrate coexistence of multi-user QKD and full power data traffic from a gigabit passive optical network (GPON) for the first time. The dual feeder implementation is compatible with standard GPON architectures and can support up to 128 users, highlighting that quantum protected GPON networks could be commonplace in the future. PMID:26656307

  1. Securing TCP/IP and Dial-up Access to Administrative Data.

    ERIC Educational Resources Information Center

    Conrad, L. Dean

    1992-01-01

    This article describes Arizona State University's solution to security risk inherent in general access systems such as TCP/IP (Transmission Control Protocol/INTERNET Protocol). Advantages and disadvantages of various options are compared, and the process of selecting a log-on authentication approach involving generation of a different password at…

  2. High-Performance Secure Database Access Technologies for HEP Grids

    SciTech Connect

    Matthew Vranicar; John Weicher

    2006-04-17

    The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the

  3. Secure Payload Access to the International Space Station

    NASA Technical Reports Server (NTRS)

    Pitts, R. Lee; Reid, Chris

    2002-01-01

    The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modem security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.

  4. Web Security for Access of Private Information via the Internet

    PubMed Central

    Anderson, Lynn; Rauscher, Richard; Lee, H.

    2001-01-01

    Authentication, authorization, accounting, and encryption are goals of security strategies for web information being accessed that is private. The definition of these terms is as follows: • Authentication - validation that the individual (or system) is who they say they are • Authorization - validation that the individual (or system) accessing information is authorized to do so • Accounting - records are kept of what is accessed • Encryption - use of a ‘scrambling’ algorithm such that the information can pass securely across the public Internet without being intelligible; information is specifically ‘unscrambled’ or deencrypted at the receiving end Many tools can be used to meet these goals. The degree to which the goals are met is determined by how we use these tools. Methodologies similar to TSEC[1] and ITSEC[2] can be used to determine the appropriate level of protection for a particular web application. This poster describes a set of effective strategies for web application security and the level of protection each strategy provides.

  5. Authenticated IGMP for Controlling Access to Multicast Distribution Tree

    NASA Astrophysics Data System (ADS)

    Park, Chang-Seop; Kang, Hyun-Sun

    A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

  6. Secure wide area network access to CMS analysis data using the Lustre filesystem

    NASA Astrophysics Data System (ADS)

    Bourilkov, D.; Avery, P.; Cheng, M.; Fu, Y.; Kim, B.; Palencia, J.; Budden, R.; Benninger, K.; Rodriquez, J. L.; Dilascio, J.; Dykstra, D.; Seenu, N.

    2012-12-01

    This paper reports the design and implementation of a secure, wide area network (WAN), distributed filesystem by the ExTENCI project (Extending Science Through Enhanced National CyberInfrastructure), based on the Lustre filesystem. The system is used for remote access to analysis data from the Compact Muon Solenoid (CMS) experiment at the Large Hadron Collider (LHC), and from the Lattice Quantum ChromoDynamics (LQCD) project. Security is provided by Kerberos authentication and authorization with additional fine grained control based on Lustre ACLs (Access Control List) and quotas. We investigate the impact of using various Kerberos security flavors on the I/O rates of CMS applications on client nodes reading and writing data to the Lustre filesystem, and on LQCD benchmarks. The clients can be real or virtual nodes. We are investigating additional options for user authentication based on user certificates.

  7. An authentication scheme for secure access to healthcare services.

    PubMed

    Khan, Muhammad Khurram; Kumari, Saru

    2013-08-01

    Last few decades have witnessed boom in the development of information and communication technologies. Health-sector has also been benefitted with this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.

  8. IT Security Support for the Spaceport Command Control System Development

    NASA Technical Reports Server (NTRS)

    Varise, Brian

    2014-01-01

    My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as, viruses, malware and denial-of-service attacks by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks ran by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoke access, monitor information request by new programming and recommend improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gain knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

  9. Access Control of Web- and Java-Based Applications

    NASA Technical Reports Server (NTRS)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  10. Application-Defined Decentralized Access Control

    PubMed Central

    Xu, Yuanzhong; Dunn, Alan M.; Hofmann, Owen S.; Lee, Michael Z.; Mehdi, Syed Akbar; Witchel, Emmett

    2014-01-01

    DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%–9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications’ security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes. PMID:25426493

  11. Efficient identity management and access control in cloud environment

    NASA Astrophysics Data System (ADS)

    Gloster, Jonathan

    2013-05-01

    As more enterprises are enticed to move data to a cloud environment to enhance data sharing and reduce operating costs by exploiting shared resources, concerns have risen over the ability to secure information within the cloud. This paper examines how a traditional Identity and Access Control (IDAM) architecture can be adapted to address security concerns of a cloud environment. We propose changing the paradigm of IDAM form a pure trust model to a risk based model will enable information to be protected securely in a cloud environment without impacting efficiencies of cloud environments.

  12. An efficient and secure attribute based signcryption scheme with LSSS access structure.

    PubMed

    Hong, Hanshu; Sun, Zhixin

    2016-01-01

    Attribute based encryption (ABE) and attribute based signature (ABS) provide flexible access control with authentication for data sharing between users, but realizing both functions will bring about too much computation burden. In this paper, we combine the advantages of CP-ABE with ABS and propose a ciphertext policy attribute based signcryption scheme. In our scheme, only legal receivers can decrypt the ciphertext and verify the signature signed by data owner. Furthermore, we use linear secret sharing scheme instead of tree structure to avoid the frequent calls of recursive algorithm. By security and performance analysis, we prove that our scheme is secure as well as gains higher efficiency.

  13. Implementing the Victory Access Control Framework in a Military Ground Vehicle

    DTIC Science & Technology

    2015-08-01

    Attribute Markup Language (SAML) and eXtensible Access Control Markup Language (XACML). These technologies are typically used for securing an...interfaces. REFERENCES [1] OASIS, “Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0”, OASIS Standard...Online]. Available: http://docs.oasis- open.org/security/saml/v2.0/saml-core-2.0-os.pdf March 2005. [2] OASIS, “eXtensible Access Control Markup

  14. 49 CFR 1548.15 - Access to cargo: Security threat assessments for individuals having unescorted access to cargo.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2013-10-01 2013-10-01 false Access to cargo: Security threat assessments for... transportation, dispatch or security of cargo for transport on a passenger aircraft or all-cargo aircraft,...

  15. 49 CFR 1548.15 - Access to cargo: Security threat assessments for individuals having unescorted access to cargo.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2012-10-01 2012-10-01 false Access to cargo: Security threat assessments for... transportation, dispatch or security of cargo for transport on a passenger aircraft or all-cargo aircraft,...

  16. 49 CFR 1548.15 - Access to cargo: Security threat assessments for individuals having unescorted access to cargo.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for... transportation, dispatch or security of cargo for transport on a passenger aircraft or all-cargo aircraft,...

  17. Logical Access Control Mechanisms in Computer Systems.

    ERIC Educational Resources Information Center

    Hsiao, David K.

    The subject of access control mechanisms in computer systems is concerned with effective means to protect the anonymity of private information on the one hand, and to regulate the access to shareable information on the other hand. Effective means for access control may be considered on three levels: memory, process and logical. This report is a…

  18. 75 FR 69791 - Risk Management Controls for Brokers or Dealers With Market Access

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-15

    ... CFR Part 240 Risk Management Controls for Brokers or Dealers With Market Access; Final Rule #0;#0... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... alternative trading system (``ATS''), including those providing sponsored or direct market access to...

  19. Access Control of Web and Java Based Applications

    NASA Technical Reports Server (NTRS)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  20. Survivability Using Controlled Security Services

    DTIC Science & Technology

    2005-06-01

    Internet newsgroups. It includes, among other things , project goals, problem statement, quad charts as well as other documents and publications...unreliable public networks, such as the global Internet . Communication security is based upon availability of timely, efficient and effective security...today’s deployed software. The intent is to deploy both IBE and mRSA/SAS on the global Internet . To this end, a “secure” web site is being built to

  1. Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2007-01-01

    This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

  2. Global Access-controlled Transfer e-frame (GATe)

    SciTech Connect

    2012-05-30

    Global Access-controlled Transfer e-frame (GATe) was designed to take advantage of the patterns that occur during an electronic record transfer process. The e-frame (or electronic framework or platform) is the foundation for developing secure information transfer to meet classified and unclassified business processes and is particularly useful when there is a need to share information with various entities in a controlled and secure environment. It can share, search, upload, download and retrieve sensitive information, as well as provides reporting capabilities.

  3. Context-aware access control for pervasive access to process-based healthcare systems.

    PubMed

    Koufi, Vassiliki; Vassilacopoulos, George

    2008-01-01

    Healthcare is an increasingly collaborative enterprise involving a broad range of healthcare services provided by many individuals and organizations. Grid technology has been widely recognized as a means for integrating disparate computing resources in the healthcare field. Moreover, Grid portal applications can be developed on a wireless and mobile infrastructure to execute healthcare processes which, in turn, can provide remote access to Grid database services. Such an environment provides ubiquitous and pervasive access to integrated healthcare services at the point of care, thus improving healthcare quality. In such environments, the ability to provide an effective access control mechanism that meets the requirement of the least privilege principle is essential. Adherence to the least privilege principle requires continuous adjustments of user permissions in order to adapt to the current situation. This paper presents a context-aware access control mechanism for HDGPortal, a Grid portal application which provides access to workflow-based healthcare processes using wireless Personal Digital Assistants. The proposed mechanism builds upon and enhances security mechanisms provided by the Grid Security Infrastructure. It provides tight, just-in-time permissions so that authorized users get access to specific objects according to the current context. These permissions are subject to continuous adjustments triggered by the changing context. Thus, the risk of compromising information integrity during task executions is reduced.

  4. Common Badging and Access Control System (CBACS)

    NASA Technical Reports Server (NTRS)

    Dischinger, Portia

    2005-01-01

    This slide presentation presents NASA's Common Badging and Access Control System. NASA began a Smart Card implementation in January 2004. Following site surveys, it was determined that NASA's badging and access control systems required upgrades to common infrastructure in order to provide flexibly, usability, and return on investment prior to a smart card implantation. Common Badging and Access Control System (CBACS) provides the common infrastructure from which FIPS-201 compliant processes, systems, and credentials can be developed and used.

  5. Access and control of information and intellectual property

    NASA Astrophysics Data System (ADS)

    Lang, Gerald S.

    1996-03-01

    This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

  6. Security of social network credentials for accessing course portal: Users' experience

    NASA Astrophysics Data System (ADS)

    Katuk, Norliza; Fong, Choo Sok; Chun, Koo Lee

    2015-12-01

    Social login (SL) has recently emerged as a solution for single sign-on (SSO) within the web and mobile environments. It allows users to use their existing social network credentials (SNC) to login to third party web applications without the need to create a new identity in the intended applications' database. Although it has been used by many web application providers, its' applicability in accessing learning materials is not yet fully investigated. Hence, this research aims to explore users' (i.e., instructors' and students') perception and experience on the security of SL for accessing learning contents. A course portal was developed for students at a higher learning institution and it provides two types of user authentications (i) traditional user authentication, and (ii) SL facility. Users comprised instructors and students evaluated the login facility of the course portal through a controlled lab experimental study following the within-subject design. The participants provided their feedback in terms of the security of SL for accessing learning contents. The study revealed that users preferred to use SL over the traditional authentication, however, they concerned on the security of SL and their privacy.

  7. Control Systems Cyber Security Standards Support Activities

    SciTech Connect

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  8. 10 CFR 36.23 - Access control.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 1 2013-01-01 2013-01-01 false Access control. 36.23 Section 36.23 Energy NUCLEAR... activation of the control. (g) Each entrance to the radiation room of a panoramic irradiator and each... unauthorized entry when the personnel access barrier is locked. Activation of the intrusion alarm must alert...

  9. 10 CFR 36.23 - Access control.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 1 2011-01-01 2011-01-01 false Access control. 36.23 Section 36.23 Energy NUCLEAR... activation of the control. (g) Each entrance to the radiation room of a panoramic irradiator and each... unauthorized entry when the personnel access barrier is locked. Activation of the intrusion alarm must alert...

  10. 10 CFR 36.23 - Access control.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 1 2012-01-01 2012-01-01 false Access control. 36.23 Section 36.23 Energy NUCLEAR... activation of the control. (g) Each entrance to the radiation room of a panoramic irradiator and each... unauthorized entry when the personnel access barrier is locked. Activation of the intrusion alarm must alert...

  11. 10 CFR 36.23 - Access control.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 1 2010-01-01 2010-01-01 false Access control. 36.23 Section 36.23 Energy NUCLEAR... activation of the control. (g) Each entrance to the radiation room of a panoramic irradiator and each... unauthorized entry when the personnel access barrier is locked. Activation of the intrusion alarm must alert...

  12. 10 CFR 36.23 - Access control.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 1 2014-01-01 2014-01-01 false Access control. 36.23 Section 36.23 Energy NUCLEAR... activation of the control. (g) Each entrance to the radiation room of a panoramic irradiator and each... unauthorized entry when the personnel access barrier is locked. Activation of the intrusion alarm must alert...

  13. 47 CFR 95.645 - Control accessibility.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 47 Telecommunication 5 2014-10-01 2014-10-01 false Control accessibility. 95.645 Section 95.645 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) SAFETY AND SPECIAL RADIO SERVICES PERSONAL RADIO SERVICES Technical Regulations Certification Requirements § 95.645 Control accessibility. (a) No...

  14. 47 CFR 95.645 - Control accessibility.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 47 Telecommunication 5 2011-10-01 2011-10-01 false Control accessibility. 95.645 Section 95.645 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) SAFETY AND SPECIAL RADIO SERVICES PERSONAL RADIO SERVICES Technical Regulations Certification Requirements § 95.645 Control accessibility. (a) No...

  15. 47 CFR 95.645 - Control accessibility.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 47 Telecommunication 5 2013-10-01 2013-10-01 false Control accessibility. 95.645 Section 95.645 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) SAFETY AND SPECIAL RADIO SERVICES PERSONAL RADIO SERVICES Technical Regulations Certification Requirements § 95.645 Control accessibility. (a) No...

  16. 47 CFR 95.645 - Control accessibility.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 47 Telecommunication 5 2010-10-01 2010-10-01 false Control accessibility. 95.645 Section 95.645 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) SAFETY AND SPECIAL RADIO SERVICES PERSONAL RADIO SERVICES Technical Regulations Certification Requirements § 95.645 Control accessibility. (a) No...

  17. Secure and Efficient Routable Control Systems

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  18. Cyber Security: Critical Infrastructure Controls Assessment Framework

    DTIC Science & Technology

    2011-05-01

    Industry SANS ‐ CAG OASIS Private   ISA ‐99 <more…> SOX <more…> OWASP <more…> And Growing Day by Day……………….. CIP Security Controls Assessment...NERC-CIP NIST-Cyber Grid Chemical Cyber Physical System Security Standards PCI OASIS OWASP Nuclear Transportation ISA -99 CIP Security Controls...Institute of Electrical and Electronics Engineers.  –           14. ISA  – Industrial Society for Automation 15. ISO – International Standards Organization

  19. Service-Oriented Access Control

    DTIC Science & Technology

    2014-09-01

    Feamster and H. Balakrishnan, “Detecting BGP configuration faults with static analysis,” in Proc. 2nd USENIX Symp. on Networked Systems Design and...Language HTTP Hypertext Transfer Protocol HTTPS Secure Hypertext Transfer Protocol IDS intrusion detection system IEEE Institute for Electrical and...directives to implement that policy in the network. Narain et al. [3] present a declarative network management system based on model find- ing

  20. Privacy and Access Control for IHE-Based Systems

    NASA Astrophysics Data System (ADS)

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  1. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 1 2010-01-01 2010-01-01 false Access to restricted data and national security information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR DOMESTIC LICENSING PROCEEDINGS AND ISSUANCE OF ORDERS Special Procedures Applicable to Adjudicatory Proceedings Involving...

  2. Proximity Displays for Access Control

    ERIC Educational Resources Information Center

    Vaniea, Kami

    2012-01-01

    Managing access to shared digital information, such as photographs and documents. is difficult for end users who are accumulating an increasingly large and diverse collection of data that they want to share with others. Current policy-management solutions require a user to proactively seek out and open a separate policy-management interface when…

  3. 10 CFR 110.121 - Security clearances and access to classified information.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security clearances and access to classified information. 110.121 Section 110.121 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) EXPORT AND IMPORT OF NUCLEAR EQUIPMENT AND MATERIAL Special Procedures for Classified Information in Hearings § 110.121 Security clearances and access to classified...

  4. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470... Within Industry 3004.470 Security requirements for access to unclassified facilities,...

  5. Towards an Access-Control Framework for Countering Insider Threats

    NASA Astrophysics Data System (ADS)

    Crampton, Jason; Huth, Michael

    As insider threats pose very significant security risks to IT systems, we ask what policy-based approaches to access control can do for the detection, mitigation or countering of insider threats and insider attacks. Answering this question is difficult: little public data about insider-threat cases is available; there is not much consensus about what the insider problem actually is; and previous research in access control has by-and-large not dealt with this issue. We explore existing notions of insiderness in order to identify the relevant research issues. We then formulate a set of requirements for next-generation access-control systems, whose realization might form part of an overall strategy to address the insider problem.

  6. 9 CFR 121.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... and toxins; security risk assessments. 121.10 Section 121.10 Animals and Animal Products ANIMAL AND... Restricting access to select agents and toxins; security risk assessments. (a) An individual or entity... Administrator or the HHS Secretary following a security risk assessment by the Attorney General. (b)...

  7. 9 CFR 121.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... and toxins; security risk assessments. 121.10 Section 121.10 Animals and Animal Products ANIMAL AND... Restricting access to select agents and toxins; security risk assessments. (a) An individual or entity... Administrator or the HHS Secretary following a security risk assessment by the Attorney General. (b)...

  8. 9 CFR 121.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... and toxins; security risk assessments. 121.10 Section 121.10 Animals and Animal Products ANIMAL AND... Restricting access to select agents and toxins; security risk assessments. (a) An individual or entity... Administrator or the HHS Secretary following a security risk assessment by the Attorney General. (b)...

  9. 42 CFR 73.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ...; security risk assessments. 73.10 Section 73.10 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH... access to select agents and toxins; security risk assessments. (a) An individual or entity required to... Administrator, following a security risk assessment by the Attorney General. (b) An individual will be deemed...

  10. 42 CFR 73.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ...; security risk assessments. 73.10 Section 73.10 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH... access to select agents and toxins; security risk assessments. (a) An individual or entity required to... Administrator, following a security risk assessment by the Attorney General. (b) An individual will be deemed...

  11. 42 CFR 73.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ...; security risk assessments. 73.10 Section 73.10 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH... access to select agents and toxins; security risk assessments. (a) An individual or entity required to... Administrator, following a security risk assessment by the Attorney General. (b) An individual will be deemed...

  12. 9 CFR 121.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... and toxins; security risk assessments. 121.10 Section 121.10 Animals and Animal Products ANIMAL AND... Restricting access to select agents and toxins; security risk assessments. (a) An individual or entity... Administrator or the HHS Secretary following a security risk assessment by the Attorney General. (b)...

  13. 42 CFR 73.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ...; security risk assessments. 73.10 Section 73.10 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH... access to select agents and toxins; security risk assessments. (a) An individual or entity required to... Administrator, following a security risk assessment by the Attorney General. (b) An individual will be deemed...

  14. 42 CFR 73.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ...; security risk assessments. 73.10 Section 73.10 Public Health PUBLIC HEALTH SERVICE, DEPARTMENT OF HEALTH... access to select agents and toxins; security risk assessments. (a) An individual or entity required to... Administrator, following a security risk assessment by the Attorney General. (b) An individual will be deemed...

  15. Fine-Grained Access Control for Electronic Health Record Systems

    NASA Astrophysics Data System (ADS)

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  16. Recommended Practice for Securing Control System Modems

    SciTech Connect

    James R. Davidson; Jason L. Wright

    2008-01-01

    This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

  17. Restricted access processor - An application of computer security technology

    NASA Technical Reports Server (NTRS)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  18. Selecting RMF Controls for National Security Systems

    SciTech Connect

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  19. Cyber secure systems approach for NPP digital control systems

    SciTech Connect

    McCreary, T. J.; Hsu, A.

    2006-07-01

    disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)

  20. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  1. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  2. Secure Control Systems for the Energy Sector

    SciTech Connect

    Smith, Rhett; Campbell, Jack; Hadley, Mark

    2012-03-31

    Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

  3. Store Security: Internal Shrinkage Control.

    ERIC Educational Resources Information Center

    Everhardt, Richard M.

    The document presents a 10-week training program designed to provide helpful and proven methods for controlling internal shrinkage in retail stores. Shrinkage includes the three problems of shoplifting, employee theft, and errors, each of which is addressed by the course. Ohio's laws are also discussed. The format for the course content section is…

  4. Comparison of Routable Control System Security Approaches

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  5. A secure and reliable monitor and control system for remote observing with the Large Millimeter Telescope

    NASA Astrophysics Data System (ADS)

    Wallace, Gary; Souccar, Kamal; Malin, Daniella

    2004-09-01

    Remote access to telescope monitor and control capabilities necessitates strict security mechanisms to protect the telescope and instruments from malicious or unauthorized use, and to prevent data from being stolen, altered, or corrupted. The Large Millimeter Telescope (LMT) monitor and control system (LMTMC) utilizes the Common Object Request Broker Architecture (CORBA) middleware technology to connect remote software components. The LMTMC provides reliable and secure remote observing by automatically generating SSLIOP enabled CORBA objects. TAO, the ACE open source Object Request Broker (ORB), now supports secure communications by implementing the Secure Socket Layer Inter-ORB Protocol (SSLIOP) as a pluggable protocol. This capability supplies the LMTMC with client and server authentication, data integrity, and encryption. Our system takes advantage of the hooks provided by TAO SSLIOP to implement X.509 certificate based authorization. This access control scheme includes multiple authorization levels to enable granular access control.

  6. Access and privacy rights using web security standards to increase patient empowerment.

    PubMed

    Falcão-Reis, Filipa; Costa-Pereira, Altamiro; Correia, Manuel E

    2008-01-01

    Electronic Health Record (EHR) systems are becoming more and more sophisticated and include nowadays numerous applications, which are not only accessed by medical professionals, but also by accounting and administrative personnel. This could represent a problem concerning basic rights such as privacy and confidentiality. The principles, guidelines and recommendations compiled by the OECD protection of privacy and trans-border flow of personal data are described and considered within health information system development. Granting access to an EHR should be dependent upon the owner of the record; the patient: he must be entitled to define who is allowed to access his EHRs, besides the access control scheme each health organization may have implemented. In this way, it's not only up to health professionals to decide who have access to what, but the patient himself. Implementing such a policy is walking towards patient empowerment which society should encourage and governments should promote. The paper then introduces a technical solution based on web security standards. This would give patients the ability to monitor and control which entities have access to their personal EHRs, thus empowering them with the knowledge of how much of his medical history is known and by whom. It is necessary to create standard data access protocols, mechanisms and policies to protect the privacy rights and furthermore, to enable patients, to automatically track the movement (flow) of their personal data and information in the context of health information systems. This solution must be functional and, above all, user-friendly and the interface should take in consideration some heuristics of usability in order to provide the user with the best tools. The current official standards on confidentiality and privacy in health care, currently being developed within the EU, are explained, in order to achieve a consensual idea of the guidelines that all member states should follow to transfer

  7. Access control and privacy in large distributed systems

    NASA Technical Reports Server (NTRS)

    Leiner, B. M.; Bishop, M.

    1986-01-01

    Large scale distributed systems consists of workstations, mainframe computers, supercomputers and other types of servers, all connected by a computer network. These systems are being used in a variety of applications including the support of collaborative scientific research. In such an environment, issues of access control and privacy arise. Access control is required for several reasons, including the protection of sensitive resources and cost control. Privacy is also required for similar reasons, including the protection of a researcher's proprietary results. A possible architecture for integrating available computer and communications security technologies into a system that meet these requirements is described. This architecture is meant as a starting point for discussion, rather that the final answer.

  8. Issues with Access to Acquisition Data and Information in the Department of Defense: A Closer Look at the Origins and Implementation of Controlled Unclassified Information Labels and Security Policy

    DTIC Science & Technology

    2016-12-01

    28 CHAPTER FOUR Security Policy and Its Implications for AIR and DAMIR...31 AIR : Implications and Challenges for Implementing Security Policy...46 Security Policy and Its Implications for AIR and DAMIR

  9. The linked medical data access control framework.

    PubMed

    Kamateri, Eleni; Kalampokis, Evangelos; Tambouris, Efthimios; Tarabanis, Konstantinos

    2014-08-01

    The integration of medical data coming from multiple sources is important in clinical research. Amongst others, it enables the discovery of appropriate subjects in patient-oriented research and the identification of innovative results in epidemiological studies. At the same time, the integration of medical data faces significant ethical and legal challenges that impose access constraints. Some of these issues can be addressed by making available aggregated instead of raw record-level data. In many cases however, there is still a need for controlling access even to the resulting aggregated data, e.g., due to data provider's policies. In this paper we present the Linked Medical Data Access Control (LiMDAC) framework that capitalizes on Linked Data technologies to enable controlling access to medical data across distributed sources with diverse access constraints. The LiMDAC framework consists of three Linked Data models, namely the LiMDAC metadata model, the LiMDAC user profile model, and the LiMDAC access policy model. It also includes an architecture that exploits these models. Based on the framework, a proof-of-concept platform is developed and its performance and functionality are evaluated by employing two usage scenarios.

  10. “We Are Not Being Heard”: Aboriginal Perspectives on Traditional Foods Access and Food Security

    PubMed Central

    Elliott, Bethany; Jayatilaka, Deepthi; Brown, Contessa; Varley, Leslie; Corbett, Kitty K.

    2012-01-01

    Aboriginal peoples are among the most food insecure groups in Canada, yet their perspectives and knowledge are often sidelined in mainstream food security debates. In order to create food security for all, Aboriginal perspectives must be included in food security research and discourse. This project demonstrates a process in which Aboriginal and non-Aboriginal partners engaged in a culturally appropriate and respectful collaboration, assessing the challenges and barriers to traditional foods access in the urban environment of Vancouver, BC, Canada. The findings highlight local, national, and international actions required to increase access to traditional foods as a means of achieving food security for all people. The paper underscores the interconnectedness of local and global food security issues and highlights challenges as well as solutions with potential to improve food security of both Aboriginal and non-Aboriginal peoples alike. PMID:23346118

  11. "We are not being heard": Aboriginal perspectives on traditional foods access and food security.

    PubMed

    Elliott, Bethany; Jayatilaka, Deepthi; Brown, Contessa; Varley, Leslie; Corbett, Kitty K

    2012-01-01

    Aboriginal peoples are among the most food insecure groups in Canada, yet their perspectives and knowledge are often sidelined in mainstream food security debates. In order to create food security for all, Aboriginal perspectives must be included in food security research and discourse. This project demonstrates a process in which Aboriginal and non-Aboriginal partners engaged in a culturally appropriate and respectful collaboration, assessing the challenges and barriers to traditional foods access in the urban environment of Vancouver, BC, Canada. The findings highlight local, national, and international actions required to increase access to traditional foods as a means of achieving food security for all people. The paper underscores the interconnectedness of local and global food security issues and highlights challenges as well as solutions with potential to improve food security of both Aboriginal and non-Aboriginal peoples alike.

  12. Control Systems Cyber Security:Defense in Depth Strategies

    SciTech Connect

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  13. An effective access control approach to support mobility in IPv6 networks

    NASA Astrophysics Data System (ADS)

    Peng, Xue-hai; Lin, Chuang

    2005-11-01

    Access control is an important method to improve network security and prevent protected resources from being used by some nodes without authority. Moreover, mobility is an important trend of internet. In this paper, based on the architecture of hierarchical mobile IPv6, we proposed an effective access control approach to support mobility in IPv6 networks, which can ensure the operation of access control when a mobile node roams in these domains with different polices, with decreased delay of access negotiation and cost of delivering messages.

  14. A Delicate Balance: National Security vs. Public Access

    ERIC Educational Resources Information Center

    Klein, Bonnie; Schwalb, Sandy

    2005-01-01

    Sometimes people want to see data that the government thinks should be kept under wraps. How does the Department of Defense balance the scales of justice while still ensuring information security? In the aftermath of September 11, 2001, the Defense Technical Information Center (DTIC) found itself in the spotlight as journalists, academics, and…

  15. Effect of security threats on primary care access in Logar province, Afghanistan.

    PubMed

    Morikawa, Masahiro J

    2008-01-01

    Security threats are a major concern for access to health care in many war-torn communities; however, there is little quantified data on actual access to care in rural communities during war. Kinderberg International e.V. provided primary care in rural Logar province, Afghanistan, for these three years in eight districts until they were integrated into the new health care structure led by the Ministry of Health in early 2005. We examined the number of patients visiting our clinic before and during the security threats related to the parliamentary election and subsequent national assembly in 2004. The number of patients declined in remote clinics while the number increased in central locations. This finding has an important practical implication: the monitoring of access to care should include remote clinics, otherwise it may potentially underestimate compromised access to health care due to security threats.

  16. OVERALL view OF CONTROL BUILDING AND SECURITY GATE. view TO ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    OVERALL view OF CONTROL BUILDING AND SECURITY GATE. view TO EAST. - Plattsburgh Air Force Base, Security Police Entry Control Building, Off Perimeter Road in Weapons Storage Area, Plattsburgh, Clinton County, NY

  17. OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO NORTH. - Plattsburgh Air Force Base, Security Police Entry Control Building, Off Perimeter Road in SAC Alert Area, Plattsburgh, Clinton County, NY

  18. Access Control Model for Sharing Composite Electronic Health Records

    NASA Astrophysics Data System (ADS)

    Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

    The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.

  19. Secure Web-Site Access with Tickets and Message-Dependent Digests

    USGS Publications Warehouse

    Donato, David I.

    2008-01-01

    Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code.

  20. Speed control system for an access gate

    DOEpatents

    Bzorgi, Fariborz M [Knoxville, TN

    2012-03-20

    An access control apparatus for an access gate. The access gate typically has a rotator that is configured to rotate around a rotator axis at a first variable speed in a forward direction. The access control apparatus may include a transmission that typically has an input element that is operatively connected to the rotator. The input element is generally configured to rotate at an input speed that is proportional to the first variable speed. The transmission typically also has an output element that has an output speed that is higher than the input speed. The input element and the output element may rotate around a common transmission axis. A retardation mechanism may be employed. The retardation mechanism is typically configured to rotate around a retardation mechanism axis. Generally the retardation mechanism is operatively connected to the output element of the transmission and is configured to retard motion of the access gate in the forward direction when the first variable speed is above a control-limit speed. In many embodiments the transmission axis and the retardation mechanism axis are substantially co-axial. Some embodiments include a freewheel/catch mechanism that has an input connection that is operatively connected to the rotator. The input connection may be configured to engage an output connection when the rotator is rotated at the first variable speed in a forward direction and configured for substantially unrestricted rotation when the rotator is rotated in a reverse direction opposite the forward direction. The input element of the transmission is typically operatively connected to the output connection of the freewheel/catch mechanism.

  1. A Network Access Control Framework for 6LoWPAN Networks

    PubMed Central

    Oliveira, Luís M. L.; Rodrigues, Joel J. P. C.; de Sousa, Amaro F.; Lloret, Jaime

    2013-01-01

    Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes. PMID:23334610

  2. A network access control framework for 6LoWPAN networks.

    PubMed

    Oliveira, Luís M L; Rodrigues, Joel J P C; de Sousa, Amaro F; Lloret, Jaime

    2013-01-18

    Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes.

  3. Control Systems Security Test Center - FY 2004 Program Summary

    SciTech Connect

    Robert E. Polk; Alen M. Snyder

    2005-04-01

    In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

  4. Social Network Privacy via Evolving Access Control

    NASA Astrophysics Data System (ADS)

    di Crescenzo, Giovanni; Lipton, Richard J.

    We study the problem of limiting privacy loss due to data shared in a social network, where the basic underlying assumptions are that users are interested in sharing data and cannot be assumed to constantly follow appropriate privacy policies. Note that if these two assumptions do not hold, social network privacy is theoretically very easy to achieve; for instance, via some form of access control and confidentiality transformation on the data.

  5. Common Badging and Access Control System (CBACS)

    NASA Technical Reports Server (NTRS)

    Baldridge, Tim

    2005-01-01

    The goals of the project are: Achieve high business value through a common badging and access control system that integrates with smart cards. Provide physical (versus logical) deployment of smart cards initially. Provides a common consistent and reliable environment into which to release the smart card. Gives opportunity to develop agency-wide consistent processes, practices and policies. Enables enterprise data capture and management. Promotes data validation prior to SC issuance.

  6. Necessary security mechanisms in a PACS DICOM access system with web technology.

    PubMed

    Vázquez-Naya, José; Loureiro, Javier; Calle, Julián; Vidal, Jorge; Sierra, Alejandro

    2002-01-01

    The evolution in information and telecommunication technologies has allowed the development of systems that use the Internet infrastructure and Web technology to remotely access a hospital's picture archiving and communication system (PACS). However, one of the main problems in the construction of this type of system is the development of mechanisms that guarantee the security of the medical data that are being consulted. Most countries have specific norms for the protection of such medical data. This work describes security mechanisms that are developed in an access system to PACS DICOM with Web technology and comply with the Spanish legislation concerning the protection of medical data. The proposed security mechanisms are flexible, they leave room for the definition of security policies adjusted to the needs of each particular organization and they can be adapted to comply with new or foreign norms.

  7. Climate Change and Global Food Security: Food Access, Utilization, and the US Food System

    NASA Astrophysics Data System (ADS)

    Brown, M. E.; Antle, J. M.; Backlund, P. W.; Carr, E. R.; Easterling, W. E.; Walsh, M.; Ammann, C. M.; Attavanich, W.; Barrett, C. B.; Bellemare, M. F.; Dancheck, V.; Funk, C.; Grace, K.; Ingram, J. S. I.; Jiang, H.; Maletta, H.; Mata, T.; Murray, A.; Ngugi, M.; Ojima, D. S.; O'Neill, B. C.; Tebaldi, C.

    2015-12-01

    This paper will summarize results from the USDA report entitled 'Climate change, Global Food Security and the U.S. Food system'. The report focuses on the impact of climate change on global food security, defined as "when all people at all times have physical, social, and economic access to sufficient, safe, and nutritious food to meet their dietary needs and food preferences for an active and healthy life". The assessment brought together authors and contributors from twenty federal, academic, nongovernmental, intergovernmental, and private organizations in four countries to identify climate change effects on food security through 2100, and analyze the U.S.'s likely connections with that world. This talk will describe how climate change will likely affect food access and food utilization, and summarize how the U.S. food system contributes to global food security, and will be affected by climate change.

  8. External access to ALICE controls conditions data

    NASA Astrophysics Data System (ADS)

    Jadlovský, J.; Jadlovská, A.; Sarnovský, J.; Jajčišin, Š.; Čopík, M.; Jadlovská, S.; Papcun, P.; Bielek, R.; Čerkala, J.; Kopčík, M.; Chochula, P.; Augustinus, A.

    2014-06-01

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead - users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data - an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  9. PKI-based secure mobile access to electronic health services and data.

    PubMed

    Kambourakis, G; Maglogiannis, I; Rouskas, A

    2005-01-01

    Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In other words, mutual trust and secure communications between all the stakeholders, namely physicians, patients and e-health service providers, can be successfully established and maintained. Furthermore, as the recently introduced mobile devices with access to computer-based patient record systems are expanding, the need of physicians and nurses to interact increasingly with such systems arises. Considering public key infrastructure requirements for mobile online health networks, this paper discusses the potential use of Attribute Certificates (ACs) in an anticipated trust model. Typical trust interactions among doctors, patients and e-health providers are presented, indicating that resourceful security mechanisms and trust control can be obtained and implemented. The application of attribute certificates to support medical mobile service provision along with the utilization of the de-facto TLS protocol to offer competent confidentiality and authorization services is also presented and evaluated through experimentation, using both the 802.11 WLAN and General Packet Radio Service (GPRS) networks.

  10. A human engineering and ergonomic evaluation of the security access panel interface

    SciTech Connect

    Hartney, C.; Banks, W.W.

    1995-02-01

    The purpose of this study was to empirically determine which of several security hardware interface designs produced the highest levels of end-user performance and acceptance. The FESSP Security Alarms and Monitoring Systems program area commissioned the authors study as decision support for upgrading the Argus security system`s primary user interface so that Argus equipment will support the new DOE and DoD security access badges. Twenty-two test subjects were repeatedly tested using six remote access panel (RAP) designs. Lawrence Livermore National Laboratory (LLNL) uses one of these interface designs in its security access booths. Along with the RAP B insert-style reader, the authors tested five prototype RAP variants, each with a different style of swipe badge reader, through which a badge is moved or swiped. The authors asked the untrained test subjects to use each RAP while they described how they thought they should respond so that the system would operate correctly in reading the magnetic strip on a security badge. With each RAP variant, subjects were required to make four successful card reads (swipes) in which the card reader correctly read and logged the transaction. After each trial, a subject completed a 10-item interface acceptance evaluation before approaching the next RAP. After interacting with the RAP interfaces (for a total of the six RAP trials), each subject completed a 7-item overview evaluation that compared and ranked the five experimental RAPs, using the original (RAP B) insert style as a standard.

  11. Experimental realization of an entanglement access network and secure multi-party computation

    PubMed Central

    Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

    2016-01-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography. PMID:27404561

  12. Experimental realization of an entanglement access network and secure multi-party computation

    NASA Astrophysics Data System (ADS)

    Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

    2016-07-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

  13. Security Concerns in Accessing Naval e-Learning with Personal Mobile Devices

    DTIC Science & Technology

    2014-12-01

    IN ACCESSING NAVAL e - LEARNING WITH PERSONAL MOBILE DEVICES by Keystella R. Mitchell December 2014 Thesis Co-Advisors: Man-Tak Shing...December 2014 3. REPORT TYPE AND DATES COVERED Master’s Thesis 4. TITLE AND SUBTITLE SECURITY CONCERNS IN ACCESSING NAVAL e - LEARNING WITH PERSONAL...was to investigate the feasibility of using personal mobile devices for Naval e - Learning (NeL). Another objective was to find out which mobile device

  14. Controlled Bidirectional Quantum Secure Direct Communication

    PubMed Central

    Chou, Yao-Hsin; Lin, Yu-Ting; Zeng, Guo-Jyun; Lin, Fang-Jhu; Chen, Chi-Yuan

    2014-01-01

    We propose a novel protocol for controlled bidirectional quantum secure communication based on a nonlocal swap gate scheme. Our proposed protocol would be applied to a system in which a controller (supervisor/Charlie) controls the bidirectional communication with quantum information or secret messages between legitimate users (Alice and Bob). In this system, the legitimate users must obtain permission from the controller in order to exchange their respective quantum information or secret messages simultaneously; the controller is unable to obtain any quantum information or secret messages from the decoding process. Moreover, the presence of the controller also avoids the problem of one legitimate user receiving the quantum information or secret message before the other, and then refusing to help the other user decode the quantum information or secret message. Our proposed protocol is aimed at protecting against external and participant attacks on such a system, and the cost of transmitting quantum bits using our protocol is less than that achieved in other studies. Based on the nonlocal swap gate scheme, the legitimate users exchange their quantum information or secret messages without transmission in a public channel, thus protecting against eavesdroppers stealing the secret messages. PMID:25006596

  15. Everywhere Access: Remote Control Software for the Internet.

    ERIC Educational Resources Information Center

    Beckett, George

    1994-01-01

    Describes a new software program called "Everywhere Access" that provides remote access to libraries' networked personal computers and that is suitable for use with the Internet. Highlights include installation; operation; security; standards issues; documentation and technical support; and potential uses and applications. (LRW)

  16. Security for grids

    SciTech Connect

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  17. Providing security for automated process control systems at hydropower engineering facilities

    NASA Astrophysics Data System (ADS)

    Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.

    2016-12-01

    This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.

  18. Food Security and Women's Access to Natural Resources workshop; a brief report.

    PubMed

    1997-01-01

    This article describes the workshop on Food Security and Women's Access to Natural Resources, held in January 1997 in Mumbai, India. The workshop was organized jointly by the Tata Institute of Social Sciences and the Indian Association of Women's Studies. The aim was to examine the food security situation in Maharashtra and Gujarat states in the west, the initiative to build alternative institutions, legal changes augmenting industrialization, and how traditional rights to common property resources can be legalized and how the poor can have access to new resources. The workshop organizers were unable to obtain experts on some topics. Core discussion centered on changes in industrialization, natural resources, gender and food security; access to natural resources and poverty alleviation programs; initiatives to create food security; and laws related to access to land and water. Discussions revealed the alienation of small and marginal farmers, landless laborers, and artisans from their livelihoods and survival strategies for these disenfranchised groups. The design of drought eradication and water conservation programs did not permit women and men working at construction sites to have access to the program assets. Case studies revealed situations in which women won the right of access to community water and then negotiated for land in lease. The women used landowners to negotiate credit and access development program assets, but normal channels of the National Bank of Agricultural Research and Development could have provided these benefits. Participants discussed how governments can be held accountable and how public funds could be used to revamp poverty alleviation and asset creation programs. All agreed that macrolevel development should give priority to agricultural development and legal constraints or problems. Five follow-up activities are identified.

  19. High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

    NASA Astrophysics Data System (ADS)

    Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

    2016-06-01

    Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

  20. Nevada National Security Site Radiological Control Manual

    SciTech Connect

    Radiological Control Managers’ Council

    2012-03-26

    This document supersedes DOE/NV/25946--801, 'Nevada Test Site Radiological Control Manual,' Revision 1 issued in February 2010. Brief Description of Revision: A complete revision to reflect a recent change in name for the NTS; changes in name for some tenant organizations; and to update references to current DOE policies, orders, and guidance documents. Article 237.2 was deleted. Appendix 3B was updated. Article 411.2 was modified. Article 422 was re-written to reflect the wording of DOE O 458.1. Article 431.6.d was modified. The glossary was updated. This manual contains the radiological control requirements to be used for all radiological activities conducted by programs under the purview of the U.S. Department of Energy (DOE) and the U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office (NNSA/NSO). Compliance with these requirements will ensure compliance with Title 10 Code of Federal Regulations (CFR) Part 835, 'Occupational Radiation Protection.' Programs covered by this manual are located at the Nevada National Security Site (NNSS); Nellis Air Force Base and North Las Vegas, Nevada; Santa Barbara and Livermore, California; and Andrews Air Force Base, Maryland. In addition, fieldwork by NNSA/NSO at other locations is covered by this manual. Current activities at NNSS include operating low-level radioactive and mixed waste disposal facilities for United States defense-generated waste, assembly and execution of subcritical experiments, assembly/disassembly of special experiments, the storage and use of special nuclear materials, performing criticality experiments, emergency responder training, surface cleanup and site characterization of contaminated land areas, environmental activity by the University system, and nonnuclear test operations, such as controlled spills of hazardous materials at the Hazardous Materials Spill Center. Currently, the major potential for occupational radiation exposure is associated with the burial of

  1. Cardea: Dynamic Access Control in Distributed Systems

    NASA Technical Reports Server (NTRS)

    Lepro, Rebekah

    2004-01-01

    Modern authorization systems span domains of administration, rely on many different authentication sources, and manage complex attributes as part of the authorization process. This . paper presents Cardea, a distributed system that facilitates dynamic access control, as a valuable piece of an inter-operable authorization framework. First, the authorization model employed in Cardea and its functionality goals are examined. Next, critical features of the system architecture and its handling of the authorization process are then examined. Then the S A M L and XACML standards, as incorporated into the system, are analyzed. Finally, the future directions of this project are outlined and connection points with general components of an authorization system are highlighted.

  2. 9 CFR 121.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 9 Animals and Animal Products 1 2010-01-01 2010-01-01 false Restricting access to select agents and toxins; security risk assessments. 121.10 Section 121.10 Animals and Animal Products ANIMAL AND... intelligence agency of committing a crime set forth in 18 U.S.C. 2332b(g)(5); knowing involvement with...

  3. 47 CFR 76.1204 - Availability of equipment performing conditional access or security functions.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... security functions. (a)(1) A multichannel video programming distributor that utilizes navigation devices to... access functions of such devices. Commencing on July 1, 2007, no multichannel video programming... requirement shall not apply to a multichannel video programming distributor that supports the active use...

  4. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  5. 49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for... certain functions related to the transportation, dispatch or security of cargo for transport on...

  6. 49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo and cargo screening: Security... aircraft; or who performs certain functions related to the transportation, dispatch, or security of...

  7. 49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... 49 Transportation 9 2011-10-01 2011-10-01 false Access to cargo and cargo screening: Security... aircraft; or who performs certain functions related to the transportation, dispatch, or security of...

  8. 49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2013-10-01 2013-10-01 false Access to cargo: Security threat assessments for... certain functions related to the transportation, dispatch or security of cargo for transport on...

  9. 49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... 49 Transportation 9 2014-10-01 2014-10-01 false Access to cargo and cargo screening: Security... aircraft; or who performs certain functions related to the transportation, dispatch, or security of...

  10. 49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... 49 Transportation 9 2013-10-01 2013-10-01 false Access to cargo and cargo screening: Security... aircraft; or who performs certain functions related to the transportation, dispatch, or security of...

  11. 49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2011-10-01 2011-10-01 false Access to cargo: Security threat assessments for... certain functions related to the transportation, dispatch or security of cargo for transport on...

  12. 49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... 49 Transportation 9 2012-10-01 2012-10-01 false Access to cargo and cargo screening: Security... aircraft; or who performs certain functions related to the transportation, dispatch, or security of...

  13. 49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2012-10-01 2012-10-01 false Access to cargo: Security threat assessments for... certain functions related to the transportation, dispatch or security of cargo for transport on...

  14. 49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND... 49 Transportation 9 2014-10-01 2014-10-01 false Access to cargo: Security threat assessments for... certain functions related to the transportation, dispatch or security of cargo for transport on...

  15. The Ownership and Control of the U.S. Securities and Exchange Commission's EDGAR System.

    ERIC Educational Resources Information Center

    Love, James Packard

    1993-01-01

    Describes the EDGAR (Electronic Data Gathering, Analysis and Retrieval) system developed for the U.S. Securities and Exchange Commission (SEC) for SEC disclosure filings. Ownership and control of the database, hardware, and software is considered; the Information Industry Association position is described; and the need for greater public access to…

  16. Mitigations for Security Vulnerabilities Found in Control System Networks

    SciTech Connect

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  17. An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environments

    ERIC Educational Resources Information Center

    Zhang, Yue

    2010-01-01

    Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as "tightly-coupled" and…

  18. A Stateful Multicast Access Control Mechanism for Future Metro-Area-Networks.

    ERIC Educational Resources Information Center

    Sun, Wei-qiang; Li, Jin-sheng; Hong, Pei-lin

    2003-01-01

    Multicasting is a necessity for a broadband metro-area-network; however security problems exist with current multicast protocols. A stateful multicast access control mechanism, based on MAPE, is proposed. The architecture of MAPE is discussed, as well as the states maintained and messages exchanged. The scheme is flexible and scalable. (Author/AEF)

  19. Process Control Systems in the Chemical Industry: Safety vs. Security

    SciTech Connect

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  20. Advanced Techniques for Deploying Reliable and Efficient Access Control: Application to E-healthcare.

    PubMed

    Jaïdi, Faouzi; Labbene-Ayachi, Faten; Bouhoula, Adel

    2016-12-01

    Nowadays, e-healthcare is a main advancement and upcoming technology in healthcare industry that contributes to setting up automated and efficient healthcare infrastructures. Unfortunately, several security aspects remain as main challenges towards secure and privacy-preserving e-healthcare systems. From the access control perspective, e-healthcare systems face several issues due to the necessity of defining (at the same time) rigorous and flexible access control solutions. This delicate and irregular balance between flexibility and robustness has an immediate impact on the compliance of the deployed access control policy. To address this issue, the paper defines a general framework to organize thinking about verifying, validating and monitoring the compliance of access control policies in the context of e-healthcare databases. We study the problem of the conformity of low level policies within relational databases and we particularly focus on the case of a medical-records management database defined in the context of a Medical Information System. We propose an advanced solution for deploying reliable and efficient access control policies. Our solution extends the traditional lifecycle of an access control policy and allows mainly managing the compliance of the policy. We refer to an example to illustrate the relevance of our proposal.

  1. MAAC: a software tool for user authentication and access control to the electronic patient record in an open distributed environment

    NASA Astrophysics Data System (ADS)

    Motta, Gustavo H.; Furuie, Sergio S.

    2004-04-01

    Designing proper models for authorization and access control for the electronic patient record (EPR) is essential to wide scale use of the EPR in large health organizations. This work presents MAAC (Middleware for Authentication and Access Control), a tool that implements a contextual role-based access control (RBAC) authorization model. RBAC regulates user"s access to computers resources based on their organizational roles. A contextual authorization uses environmental information available at access-request time, like user/patient relationship, in order to decide whether a user has the right to access an EPR resource. The software architecture where MAAC is implemented uses Lightweight Directory Access Protocol, Java programming language and the CORBA/OMG standards CORBA Security Service and Resource Access Decision Facility. With those open and distributed standards, heterogeneous EPR components can request user authentication and access authorization services in a unified and consistent fashion across multiple platforms.

  2. Catheter Securement Systems for Peripherally Inserted and Nontunneled Central Vascular Access Devices

    PubMed Central

    Krenik, Karen M.; Smith, Graham E.

    2016-01-01

    Sutureless catheter securement systems are intended to eliminate risks associated with sutures. The clinical acceptability of a novel system was investigated compared with the current method of securement for peripherally inserted central catheters (19 facilities using StatLock or sutures) or nontunneled central vascular access devices (3 facilities using StatLock or sutures or HubGuard + Sorbaview Shield). More than 94% of respondents rated the novel system as same, better, or much better than their current product. More than 82% of respondents were willing to replace their current system with the new one. PMID:27379679

  3. Control Systems Cyber Security: Defense-in-Depth Strategies

    SciTech Connect

    Mark Fabro

    2007-10-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  4. Research and realization of info-net security controlling system

    NASA Astrophysics Data System (ADS)

    Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-03-01

    The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.

  5. Bureau of Prisons access control system: functional and operational requirements

    NASA Astrophysics Data System (ADS)

    Janus, Michael; Carlson, Peter M.; Kane, Thomas

    1997-01-01

    The Federal Bureau of Prisons (BOP) operates 86 correctional institutions nationwide. The BOP has grown dramatically, the size of its inmate population growing from just over 41,000 inmates in 1987 to over 100,000 today. The number of BOP staff managing these facilities has grown correspondingly, more than doubling in number in the same ten year period. Technology has paid a major role in keeping up with this growth while maintaining high standards of security in BOP institutions. In an attempt to further enhance security in its institutions, the BOP has recently begun pilot testing an access control and entry system (ACES). ACES is intended to provide an automated record of very entry and exit to a correctional institution. ACES takes advantage of several methods of identifying an individual (inmate, staff or visitor) to assure that the individual exiting the institution is the same as the individual entering. The pilot test has raised a number of questions regarding the implementation of a technologically sophisticated system in a correctional institution. Questions of training, support, 'ownership,' cost effectiveness, and future potential all influence the deployment of this system. Preliminary results indicate that an adequate training and support system is essential to the performance of any sophisticated system and that other organizational issues need to be addressed before the decision to implement is made.

  6. The climate sensitivity of food security in Mali - a historical perspective on availability and access dimensions

    NASA Astrophysics Data System (ADS)

    Giannini, A.; Krishnamurthy, P. K.; Cousin, R.; Choularton, R. J.

    2011-12-01

    We present results based on an analysis of a 2005 livelihood survey of ~2000 rural households in ~200 villages scattered across Mali, a sparsely populated, large land-locked country in West Africa, to elucidate the role of climate variability and change in shaping availability and access dimensions of food security. The Comprehensive Food Security Vulnerability Analysis is a recurrent survey carried out by the World Food Programme and in-country partners to map out nutritional and socio-economic status during normal (~food secure) conditions in the hope of understanding underlying cause(s) and prevent the next food security crisis. We set the spatial characterization of food security that emerges from the CFSVA against the background of a varying climate, on intra-seasonal, interannual and multi-decadal time scales: through elucidation of the influence of climate on agricultural production we arrive at an interpretation of structural and conjunctural events affecting food security. We conclude with a discussion of possible interventions to reduce vulnerability.

  7. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  8. Arms Control and National Security: An Introduction. Advance Edition.

    ERIC Educational Resources Information Center

    Arms Control Association, Washington, DC.

    Suitable for use with high school students, this booklet on arms control and national security provides background information, describes basic concepts, reviews recent history, and offers suggestions for further reading. The first section, on American attitudes toward national security and arms control, defines five types of limits on weapons…

  9. Command and Control during Security Incidents/Emergencies

    SciTech Connect

    Knipper, W.

    2013-10-16

    This presentation builds on our response to events that pose, or have the potential to pose, a serious security or law enforcement risk and must be responded to and controlled in a clear a decisive fashion. We will examine some common concepts in the command and control of security-centric events.

  10. 21 CFR 1301.76 - Other security controls for practitioners.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Other security controls for practitioners. 1301.76 Section 1301.76 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.76...

  11. 21 CFR 1301.75 - Physical security controls for practitioners.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements §...

  12. 21 CFR 1301.75 - Physical security controls for practitioners.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements §...

  13. 21 CFR 1301.75 - Physical security controls for practitioners.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements §...

  14. 21 CFR 1301.76 - Other security controls for practitioners.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Other security controls for practitioners. 1301.76 Section 1301.76 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.76...

  15. 21 CFR 1301.75 - Physical security controls for practitioners.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements §...

  16. 21 CFR 1301.75 - Physical security controls for practitioners.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements §...

  17. 21 CFR 1301.76 - Other security controls for practitioners.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Other security controls for practitioners. 1301.76 Section 1301.76 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.76...

  18. Ideal Based Cyber Security Technical Metrics for Control Systems

    SciTech Connect

    W. F. Boyer; M. A. McQueen

    2007-10-01

    Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

  19. Efforts to secure universal access to HIV/AIDS treatment: a comparison of BRICS countries.

    PubMed

    Sun, Jing; Boing, Alexandra Crispim; Silveira, Marysabel P T; Bertoldi, Andréa D; Ziganshina, Liliya E; Khaziakhmetova, Veronica N; Khamidulina, Rashida M; Chokshi, Maulik R; McGee, Shelley; Suleman, Fatima

    2014-02-01

    This article illustrates how the BRICS countries have been building their focused leadership, making important high level commitment and national policy changes, and improving their health systems, in addressing the HIV/AIDS epidemics in respective settings. Specific aspects are focused on efforts of creating public provisions to secure universal access to ARVs from the aspects of active responsive system and national program, health system strengthening, fostering local production of ARVs, supply chain management, and information system strengthening. Challenges in each BRICS country are analyzed respectively. The most important contributors to the success of response to HIV/AIDS include: creating legal basis for healthcare as a fundamental human right; political commitment to necessary funding for universal access and concrete actions to secure equal quality care; comprehensive system to secure demands that all people in need are capable of accessing prevention, treatment and care; active community involvement; decentralization of the management system considering the local settings; integration of treatment and prevention; taking horizontal approach to strengthen health systems; fully use of the TRIPS flexibility; and regular monitoring and evaluation to serve evidence based decision making.

  20. 6. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    6. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW TO WEST. - Minuteman III ICBM Launch Control Facility November-1, 1.5 miles North of New Raymer & State Highway 14, New Raymer, Weld County, CO

  1. 7. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    7. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW TO NORTH. - Minuteman III ICBM Launch Control Facility November-1, 1.5 miles North of New Raymer & State Highway 14, New Raymer, Weld County, CO

  2. New Advanced Technologies to Provide Decentralised and Secure Access to Medical Records: Case Studies in Oncology

    PubMed Central

    Quantin, Catherine; Coatrieux, Gouenou; Allaert, François André; Fassa, Maniane; Bourquard, Karima; Boire, Jean-Yves; de Vlieger, Paul; Maigne, Lydia; Breton, Vincent

    2009-01-01

    The main problem for health professionals and patients in accessing information is that this information is very often distributed over many medical records and locations. This problem is particularly acute in cancerology because patients may be treated for many years and undergo a variety of examinations. Recent advances in technology make it feasible to gain access to medical records anywhere and anytime, allowing the physician or the patient to gather information from an “ephemeral electronic patient record”. However, this easy access to data is accompanied by the requirement for improved security (confidentiality, traceability, integrity, ...) and this issue needs to be addressed. In this paper we propose and discuss a decentralised approach based on recent advances in information sharing and protection: Grid technologies and watermarking methodologies. The potential impact of these technologies for oncology is illustrated by the examples of two experimental cases: a cancer surveillance network and a radiotherapy treatment plan. It is expected that the proposed approach will constitute the basis of a future secure “google-like” access to medical records. PMID:19718446

  3. An end-to-end secure patient information access card system.

    PubMed

    Alkhateeb, A; Singer, H; Yakami, M; Takahashi, T

    2000-03-01

    The rapid development of the Internet and the increasing interest in Internet-based solutions has promoted the idea of creating Internet-based health information applications. This will force a change in the role of IC cards in healthcare card systems from a data carrier to an access key medium. At the Medical Informatics Department of Kyoto University Hospital we are developing a smart card patient information project where patient databases are accessed via the Internet. Strong end-to-end data encryption is performed via Secure Socket Layers, transparent to transmit patient information. The smart card is playing the crucial role of access key to the database: user authentication is performed internally without ever revealing the actual key. For easy acceptance by healthcare professionals, the user interface is integrated as a plug-in for two familiar Web browsers, Netscape Navigator and MS Internet Explorer.

  4. Reusable Security Requirements

    DTIC Science & Technology

    2016-06-13

    terms of subfactor of security quality factor, asset, threat, attacker, and situation • Standard measures for security subfactors • Parameterized...2003 by Carnegie Mellon University page 5 Carnegie Mellon Software Engineering Institute Types of Security Requirements Use Quality Model of factors...subfactors, criteria, and measures. Small number of Security Quality Subfactors: • Access Control (Identification, Authentication, and Authorization

  5. 17 CFR 240.15c3-5 - Risk management controls for brokers or dealers with market access.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Risk management controls for... Markets § 240.15c3-5 Risk management controls for brokers or dealers with market access. (a) For the... establish, document, and maintain a system of risk management controls and supervisory procedures...

  6. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  7. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... access prevention systems; (5) Response capability for security incidents; (6) Threat assessments..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... of security concerns, the exercise of control measures, or audits. (2) Possible security...

  8. Process Control System Cyber Security Standards - An Overview

    SciTech Connect

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  9. Open versus Controlled-Access Data | Office of Cancer Genomics

    Cancer.gov

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  10. Security Encryption Scheme for Communication of Web Based Control Systems

    NASA Astrophysics Data System (ADS)

    Robles, Rosslin John; Kim, Tai-Hoon

    A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

  11. UGV: security analysis of subsystem control network

    NASA Astrophysics Data System (ADS)

    Abbott-McCune, Sam; Kobezak, Philip; Tront, Joseph; Marchany, Randy; Wicks, Al

    2013-05-01

    Unmanned Ground vehicles (UGVs) are becoming prolific in the heterogeneous superset of robotic platforms. The sensors which provide odometry, localization, perception, and vehicle diagnostics are fused to give the robotic platform a sense of the environment it is traversing. The automotive industry CAN bus has dominated the industry due to the fault tolerance and the message structure allowing high priority messages to reach the desired node in a real time environment. UGVs are being researched and produced at an accelerated rate to preform arduous, repetitive, and dangerous missions that are associated with a military action in a protracted conflict. The technology and applications of the research will inevitably be turned into dual-use platforms to aid civil agencies in the performance of their various operations. Our motivation is security of the holistic system; however as subsystems are outsourced in the design, the overall security of the system may be diminished. We will focus on the CAN bus topology and the vulnerabilities introduced in UGVs and recognizable security vulnerabilities that are inherent in the communications architecture. We will show how data can be extracted from an add-on CAN bus that can be customized to monitor subsystems. The information can be altered or spoofed to force the vehicle to exhibit unwanted actions or render the UGV unusable for the designed mission. The military relies heavily on technology to maintain information dominance, and the security of the information introduced onto the network by UGVs must be safeguarded from vulnerabilities that can be exploited.

  12. A secure WDM ring access network employing silicon micro-ring based remote node

    NASA Astrophysics Data System (ADS)

    Sung, Jiun-Yu; Chow, Chi-Wai; Yeh, Chien-Hung; Xu, Ke; Hsu, Chin-Wei; Su, Hong-Quan; Tsang, Hon-Ki

    2014-08-01

    A secure and scalable wavelength-division-multiplexing (WDM) ring-based access network is proposed and demonstrated using proof-of-concept experiments. In the remote node (RN), wavelength hopping for specific optical networking unit (ONU) is deployed by using silicon micro-ring resonators (SMR). Using silicon-based devices could be cost-effective for the cost-sensitive access network. Hence the optical physical layer security is introduced. The issues of denial of service (DOS) attacks, eavesdropping and masquerading can be made more difficult in the proposed WDM ring-based access network. Besides, the SMRs with different dropped wavelengths can be cascaded, such that the signals pass through the preceding SMRs can be dropped by a succeeding SMR. This can increase the scalability of the RN for supporting more ONUs for future upgrade. Here, error-free 10 Gb/s downlink and 1.25 Gb/s uplink transmission are demonstrated to show the feasibility of the proposed network.

  13. Measurable Control System Security through Ideal Driven Technical Metrics

    SciTech Connect

    Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

    2008-01-01

    The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

  14. 47 CFR Appendix B to Part 64 - Priority Access Service (PAS) for National Security and Emergency Preparedness (NSEP)

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Security and Emergency Preparedness (NSEP) B Appendix B to Part 64 Telecommunication FEDERAL COMMUNICATIONS.... 64, App. B Appendix B to Part 64—Priority Access Service (PAS) for National Security and Emergency... service (CMRS) networks. Under section 706 of the Communications Act, this authority may be superseded...

  15. 47 CFR Appendix B to Part 64 - Priority Access Service (PAS) for National Security and Emergency Preparedness (NSEP)

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... Security and Emergency Preparedness (NSEP) B Appendix B to Part 64 Telecommunication FEDERAL COMMUNICATIONS.... 64, App. B Appendix B to Part 64—Priority Access Service (PAS) for National Security and Emergency... service (CMRS) networks. Under section 706 of the Communications Act, this authority may be superseded...

  16. 47 CFR Appendix B to Part 64 - Priority Access Service (PAS) for National Security and Emergency Preparedness (NSEP)

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Security and Emergency Preparedness (NSEP) B Appendix B to Part 64 Telecommunication FEDERAL COMMUNICATIONS.... 64, App. B Appendix B to Part 64—Priority Access Service (PAS) for National Security and Emergency... service (CMRS) networks. Under section 706 of the Communications Act, this authority may be superseded...

  17. 47 CFR Appendix B to Part 64 - Priority Access Service (PAS) for National Security and Emergency Preparedness (NSEP)

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Security and Emergency Preparedness (NSEP) B Appendix B to Part 64 Telecommunication FEDERAL COMMUNICATIONS.... 64, App. B Appendix B to Part 64—Priority Access Service (PAS) for National Security and Emergency... service (CMRS) networks. Under section 706 of the Communications Act, this authority may be superseded...

  18. An interaction-based access control model (IBAC) for collaborative services

    SciTech Connect

    Altunay, Mine; Byrd, Gregory T.; Brown, Doug E.; Dean, Ralph A.; /North Carolina State U.

    2008-04-01

    A collaboration is a collection of services that work together to achieve a common goal. Although collaborations help when tackling difficult problems, they lead to security issues. First, a collaboration is often performed by services that are drawn from different security domains. Second, a service interacts with multiple peer services during the collaboration. These interactions are not isolated from one another--e.g., data may flow through a sequence of different services. As a result, a service is exposed to multiple peer services in varying degrees, leading to different security threats. We identify the types of interactions that can be present in collaborations, and discuss the security threats due to each type. We propose a model for representing the collaboration context so that a service can be made aware of the existing interactions. We provide an access control model for a service participating in a collaboration. We couple our access control model with a policy model, so that the access requirements from collaborations can be expressed and evaluated.

  19. Building secure wireless access point based on certificate authentication and firewall captive portal

    NASA Astrophysics Data System (ADS)

    Soewito, B.; Hirzi

    2014-03-01

    Wireless local area network or WLAN more vulnerability than wired network even though WLAN has many advantages over wired. Wireless networks use radio transmissions to carry data between end users and access point. Therefore, it is possible for someone to sit in your office building's lobby or parking lot or parking lot to eavesdrop on the wireless network communication. This paper discussed securing wires local area network used WPA2 Enterprise based PEAP MS-CHAP and Captive portal firewall. We also divided the network for employer and visitor to increase the level of security. Our experiment showed that the WLAN could be broken using the attacker tool such as airodump, aireply, and aircrack.

  20. Permission to Speak: A Novel Formal Foundation for Access Control

    DTIC Science & Technology

    2016-06-21

    NAME(S) AND ADDRESS(ES) University of Pennsylvania,Computer and Information Science ,Philadelphia,PA,19104 8. PERFORMING ORGANIZATION REPORT NUMBER... science • Uniform treatment of access control and conformance – Access control is verification of permissions – Conformance is satisfaction of

  1. Novel secure and bandwidth efficient optical code division multiplexed system for future access networks

    NASA Astrophysics Data System (ADS)

    Singh, Simranjit

    2016-12-01

    In this paper, a spectrally coded optical code division multiple access (OCDMA) system using a hybrid modulation scheme has been investigated. The idea is to propose an effective approach for simultaneous improvement of the system capacity and security. Data formats, NRZ (non-return to zero), DQPSK (differential quadrature phase shift keying), and PoISk (polarisation shift keying) are used to get the orthogonal modulated signal. It is observed that the proposed hybrid modulation provides efficient utilisation of bandwidth, increases the data capacity and enhances the data confidentiality over existing OCDMA systems. Further, the proposed system performance is compared with the current state-of-the-art OCDMA schemes.

  2. The experience of living with sensory hyperreactivity-accessibility, financial security, and social relationships.

    PubMed

    Söderholm, Anna; Söderberg, Anna; Nordin, Steven

    2011-08-01

    Odor intolerance is a frequently reported problem, predominantly among women. Our purpose was to illuminate how individuals living with sensory hyperreactivity (SHR; a form of odor intolerance) experience its impact on accessibility, financial security, and social relationships. Data were collected by having 12 women with SHR write descriptive texts. These texts were analyzed with qualitative content analysis. Six themes were identified: Being limited in participating in society, being forced to behave incompatibly with one's personality, experiencing lack of understanding and respect from others, experiencing insecurity, being dependent on others, and being forced to choose between the plague and cholera.

  3. DOE`s nation-wide system for access control can solve problems for the federal government

    SciTech Connect

    Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

    1996-07-01

    The U.S. Department of Energy`s (DOE`s) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location`s level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals.

  4. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  5. Application of a multilevel access model in the development of a security infrastructure for a clinical information system.

    PubMed Central

    Henkind, S. J.; Orlowski, J. M.; Skarulis, P. C.

    1993-01-01

    A number of security models including the military model, the Institute of Medicine model, and the matrix model have been utilized, or proposed, for protecting clinical information systems. These models have a number of limitations, however, and of particular concern, they focus on security as opposed to access. In this paper we describe a multilevel access model which can overcome some of these limitations. This model is currently being utilized in the development of an improved security infrastructure for a clinical information system. PMID:8130553

  6. Race Differences in Mental Health Service Access in a Secure Male Juvenile Justice Facility

    ERIC Educational Resources Information Center

    Dalton, Richard F.; Evans, Lisa J.; Cruise, Keith R.; Feinstein, Ronald A.; Kendrick, Rhonda F.

    2009-01-01

    This study examined whether African American and Caucasian male youths had similar rates of referral to mental health services in a juvenile justice secure facility when controlling for differences obtained in the initial screening and assessment process. Data from the Massachusetts Youth Screening Instrument-2 (MAYSI-2), Initial Health Care…

  7. Resource reliability, accessibility and governance: pillars for managing water resources to achieve water security in Nepal

    NASA Astrophysics Data System (ADS)

    Biggs, E. M.; Duncan, J.; Atkinson, P.; Dash, J.

    2013-12-01

    As one of the world's most water-abundant countries, Nepal has plenty of water yet resources are both spatially and temporally unevenly distributed. With a population heavily engaged in subsistence farming, whereby livelihoods are entirely dependent on rain-fed agriculture, changes in freshwater resources can substantially impact upon survival. The two main sources of water in Nepal come from monsoon precipitation and glacial runoff. The former is essential for sustaining livelihoods where communities have little or no access to perennial water resources. Much of Nepal's population live in the southern Mid-Hills and Terai regions where dependency on the monsoon system is high and climate-environment interactions are intricate. Any fluctuations in precipitation can severely affect essential potable resources and food security. As the population continues to expand in Nepal, and pressures build on access to adequate and clean water resources, there is a need for institutions to cooperate and increase the effectiveness of water management policies. This research presents a framework detailing three fundamental pillars for managing water resources to achieve sustainable water security in Nepal. These are (i) resource reliability; (ii) adequate accessibility; and (iii) effective governance. Evidence is presented which indicates that water resources are adequate in Nepal to sustain the population. In addition, aspects of climate change are having less impact than previously perceived e.g. results from trend analysis of precipitation time-series indicate a decrease in monsoon extremes and interannual variation over the last half-century. However, accessibility to clean water resources and the potential for water storage is limiting the use of these resources. This issue is particularly prevalent given the heterogeneity in spatial and temporal distributions of water. Water governance is also ineffective due to government instability and a lack of continuity in policy

  8. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    SciTech Connect

    Ezell, Matthew A; Rogers, Gary L; Peterson, Gregory D.

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  9. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    SciTech Connect

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  10. Controls Over the Contractor Common Access Card Life Cycle

    DTIC Science & Technology

    2008-10-10

    Identification System SES Senior Executive Service SPOC Service Point of Contact TASM Trusted Agent Security Manager USD (AT&L) Under...the final report by October 31, 2008. 53 Finding D. Oversight of Common Access Card Sponsors DoD CVS Service Points of Contact ( SPOCs ...authorization to approve contractor CACs. Organization of CAC Application Sites Each Service agency has an SPOC who is responsible for coordinating with

  11. A design of tamper resistant prescription RFID access control system.

    PubMed

    Chen, Yu-Yi; Huang, Der-Chen; Tsai, Meng-Lin; Jan, Jinn-Ke

    2012-10-01

    In this paper, we propose a tamper resistant prescription RFID access control protocol for different authorized readers. Not only the authentication mechanism but also the access right authorization mechanism is designed in our scheme. Only the specific doctor, usually the patient's doctor, can access the tag. Moreover, some related information of patient's prescription is attached to a RFID tag for tamper resistance. The patients' rights will be guaranteed.

  12. System and method for secure group transactions

    DOEpatents

    Goldsmith, Steven Y.

    2006-04-25

    A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

  13. Secure VM for Monitoring Industrial Process Controllers

    SciTech Connect

    Dasgupta, Dipankar; Ali, Mohammad Hassan; Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T; Carvalho, Marco

    2011-01-01

    In this paper, we examine the biological immune system as an autonomic system for self-protection, which has evolved over millions of years probably through extensive redesigning, testing, tuning and optimization process. The powerful information processing capabilities of the immune system, such as feature extraction, pattern recognition, learning, memory, and its distributive nature provide rich metaphors for its artificial counterpart. Our study focuses on building an autonomic defense system, using some immunological metaphors for information gathering, analyzing, decision making and launching threat and attack responses. In order to detection Stuxnet like malware, we propose to include a secure VM (or dedicated host) to the SCADA Network to monitor behavior and all software updates. This on-going research effort is not to mimic the nature but to explore and learn valuable lessons useful for self-adaptive cyber defense systems.

  14. IT Security Support for Spaceport Command and Control System

    NASA Technical Reports Server (NTRS)

    McLain, Jeffrey

    2013-01-01

    During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institutes Top 20 Critical Security Controls. My task was to add in all of the new commercial of the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machines configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.

  15. Automated biometric access control system for two-man-rule enforcement

    SciTech Connect

    Holmes, J.P.; Maxwell, R.L. ); Henderson, R.W. )

    1991-01-01

    This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule.

  16. Managed Access by Controlled Sensing (MACS)

    SciTech Connect

    Curtiss, J.A.; Indusi, J.P.

    1994-08-01

    During chemical weapons challenge inspections, the CWC treaty allows ``alternate means`` of access to be proposed by the nation challenged. BNL`s Safeguards, Safety and Nonproliferation Division is funded by the Defense Nuclear Agency to develop a system to provide the challenge inspection team with a ``virtual presence`` within the facility while denying personal access. A general purpose configuration of a mobile station manned by site personnel and a base station manned by the challenge inspector, supported by a flexible communication system, will allow facility personnel to tailor the basic model to their site. Design of the MACS system is based on maximum use of commercial equipment that is available on the international market. Design requirements for the MACS system include methods of establishing geographical position, distance measuring equipment for use in verifying dimensions on floor plans, video and two-way audio links between the mobile unit and the base station, and portability and versatility of the equipment. The MACS platform will also support deployment of selected instrumentation which the site may offer to the challenge inspection team. This paper describes the design and construction of the prototype MACS system.

  17. Urban Studies: A Study of Bibliographic Access and Control.

    ERIC Educational Resources Information Center

    Anderson, Barbara E.

    This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

  18. 14 CFR 420.53 - Control of public access.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ..., DEPARTMENT OF TRANSPORTATION LICENSING LICENSE TO OPERATE A LAUNCH SITE Responsibilities of a Licensee § 420.53 Control of public access. (a) A licensee shall prevent unauthorized access to the launch site, and... the launch site of safety rules and emergency and evacuation procedures prior to that person's...

  19. Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.

    PubMed

    Feng, Zhi; Wen, Guanghui; Hu, Guoqiang

    2016-04-12

    This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method.. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.

  20. [National pharmaceutical policy in Colombia and social security reform: access and rational use of medicines].

    PubMed

    Mejia Restrepo, Samuel; Velez Arango, Alba Lucía; Buritica Arboleda, Olga Clemencia; Arango Mejia, María Cristina; Rio Gomez, Jaime Alberto del

    2002-01-01

    Based on the new social security system in Colombia (1993), which establishes equity and mandatory care as the basis for public health care provision, the authors analyze whether the formulation and implementation of pharmaceutical policy promote accessibility, availability, and rational use of medicines, thereby contributing to equity in health. Two approaches were used: a macro approach centered on the legal framework and various actors in the reform process and a micro approach related to the processes and results in the drug supply system. The authors studied the legal instruments backing the country's pharmaceutical policy and evaluated their application, using indicators and a specific disease (diabetes mellitus) as a marker. Although there is a legal framework providing the people's right to access health care services and essential medicines, the country lacks a comprehensive pharmaceuticals policy. Most of the institutions experience problems in distributing the medicines listed under the Mandatory Health Plan, a low percentage of medicines is dispensed at zero cost, and a major portion of patients purchase medicines through associations of diabetics or rely on alternative medicine. The study unveiled several obstacles to equity in health care coverage and access to essential medicines.

  1. Pace: Privacy-Protection for Access Control Enforcement in P2P Networks

    NASA Astrophysics Data System (ADS)

    Sánchez-Artigas, Marc; García-López, Pedro

    In open environments such as peer-to-peer (P2P) systems, the decision to collaborate with multiple users — e.g., by granting access to a resource — is hard to achieve in practice due to extreme decentralization and the lack of trusted third parties. The literature contains a plethora of applications in which a scalable solution for distributed access control is crucial. This fact motivates us to propose a protocol to enforce access control, applicable to networks consisting entirely of untrusted nodes. The main feature of our protocol is that it protects both sensitive permissions and sensitive policies, and does not rely on any centralized authority. We analyze the efficiency (computational effort and communication overhead) as well as the security of our protocol.

  2. On the designing of a tamper resistant prescription RFID access control system.

    PubMed

    Safkhani, Masoumeh; Bagheri, Nasour; Naderi, Majid

    2012-12-01

    Recently, Chen et al. have proposed a novel tamper resistant prescription RFID access control system, published in the Journal of Medical Systems. In this paper we consider the security of the proposed protocol and identify some existing weaknesses. The main attack is a reader impersonation attack which allows an active adversary to impersonate a legitimate doctor, e.g. the patient's doctor, to access the patient's tag and change the patient prescription. The presented attack is quite efficient. To impersonate a doctor, the adversary should eavesdrop one session between the doctor and the patient's tag and then she can impersonate the doctor with the success probability of '1'. In addition, we present efficient reader-tag to back-end database impersonation, de-synchronization and traceability attacks against the protocol. Finally, we propose an improved version of protocol which is more efficient compared to the original protocol while provides the desired security against the presented attacks.

  3. 33 CFR 105.255 - Security measures for access control.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... prohibitions to be applied and the means of enforcing them; (3) The means used to establish the identity of... individual's claim of loss or theft. (3) If an individual cannot present his or her TWIC for any other reason... establish his or her identity in accordance with this part or to account for his or her presence. Any...

  4. 33 CFR 105.255 - Security measures for access control.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... prohibitions to be applied and the means of enforcing them; (3) The means used to establish the identity of... individual's claim of loss or theft. (3) If an individual cannot present his or her TWIC for any other reason... establish his or her identity in accordance with this part or to account for his or her presence. Any...

  5. 33 CFR 104.265 - Security measures for access control.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... prohibition to be applied and the means of enforcing them; (3) The means used to establish the identity of... individual's claim of loss or theft. (3) If an individual cannot present his or her TWIC for any other reason..., upon the request of vessel personnel or a law enforcement officer, to establish his or her identity...

  6. 33 CFR 104.265 - Security measures for access control.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... prohibition to be applied and the means of enforcing them; (3) The means used to establish the identity of... individual's claim of loss or theft. (3) If an individual cannot present his or her TWIC for any other reason..., upon the request of vessel personnel or a law enforcement officer, to establish his or her identity...

  7. 33 CFR 106.260 - Security measures for access control.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... means used to establish the identity of individuals not in possession of a TWIC and the means by which... with the individual's claim of loss or theft. (3) If an individual cannot present his or her TWIC for... facility personnel or a law enforcement officer, to establish his or her identity in accordance with...

  8. 33 CFR 106.260 - Security measures for access control.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... means used to establish the identity of individuals not in possession of a TWIC and the means by which... with the individual's claim of loss or theft. (3) If an individual cannot present his or her TWIC for... facility personnel or a law enforcement officer, to establish his or her identity in accordance with...

  9. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  10. BTG-AC: Break-The-Glass Access Control Model for Medical Data in Wireless Sensor Networks.

    PubMed

    Maw, Htoo; Xiao, Hannan; Christianson, Bruce; Malcolm, James

    2015-12-22

    Wireless Sensor Networks (WSNs) have recently attracted much interest in the research community because of their wide range of applications. An emerging application for WSNs involves their use in healthcare where they are generally termed Wireless Medical Sensor Networks (WMSNs). In a hospital, outfitting every patient with tiny, wearable, wireless vital sign sensors would allow doctors, nurses and other caregivers to continuously monitor the state of their patients. In such a scenario, patients are expected to be treated in reasonable time, so, an access control model is needed which will provide both real-time access to comprehensive medical records and detect unauthorised access to sensitive data. In emergency situations, a doctor or nurse needs to access data immediately. The loss in data availability can result in further decline in the patient's condition or can even lead to death. Therefore, the availability of data is more important than any security concern in emergency situations. To address that research issue for medical data in WSNs, we propose the Break-The-Glass Access Control (BTG-AC) model that is a modified and redesigned version of the Break-The-Glass Role-Based Access Control (BTG-RBAC) model to address data availability issue and to detect the security policy violations from both authorised and unauthorised users. Several changes within the access control engine are made in BTG-RBAC in order to make the new BTG-AC to apply and fit in WSNs. This paper presents the detailed design and development of the BTG-AC model based on a healthcare scenario. The evaluation results show that the concepts of BTG, prevention and detection mechanism, and obligation provide more flexible access than other current access control models in WSNs. Additionally, we compare the BTG-AC model with an adaptive access control model (A2C) which has similar properties, for further evaluation. Alongside with the comparison, the advantages and disadvantages of BTGAC over

  11. Personnel Access Control System Evaluation for National Ignition Facility Operations

    SciTech Connect

    Altenbach, T; Brereton, S.; Hermes, G.; Singh, M.

    2001-06-01

    The purpose of this document is to analyze the baseline Access Control System for the National Ignition Facility (NIF), and to assess its effectiveness at controlling access to hazardous locations during full NIF operations. It reviews the various hazards present during a NIF shot sequence, and evaluates the effectiveness of the applicable set of controls at preventing access while the hazards are present. It considers only those hazards that could potentially be lethal. In addition, various types of technologies that might be applicable at NIF are reviewed, as are systems currently in use at other facilities requiring access control for safety reasons. Recommendations on how this system might be modified to reduce risk are made.

  12. Integrated safeguards & security for material protection, accounting, and control.

    SciTech Connect

    Duran, Felicia Angelica; Cipiti, Benjamin B.

    2009-10-01

    Traditional safeguards and security design for fuel cycle facilities is done separately and after the facility design is near completion. This can result in higher costs due to retrofits and redundant use of data. Future facilities will incorporate safeguards and security early in the design process and integrate the systems to make better use of plant data and strengthen both systems. The purpose of this project was to evaluate the integration of materials control and accounting (MC&A) measurements with physical security design for a nuclear reprocessing plant. Locations throughout the plant where data overlap occurs or where MC&A data could be a benefit were identified. This mapping is presented along with the methodology for including the additional data in existing probabilistic assessments to evaluate safeguards and security systems designs.

  13. Process Control System Cyber Security Standards - An Overview

    SciTech Connect

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  14. Critical issues in process control system security : DHS spares project.

    SciTech Connect

    Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

    2010-10-01

    The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

  15. Health insurance and access to care among Social Security Disability Insurance beneficiaries during the Medicare waiting period.

    PubMed

    Riley, Gerald F

    2006-01-01

    For most Social Security Disability Insurance (SSDI) beneficiaries, Medicare entitlement begins 24 months after the date of SSDI entitlement. Many may experience poor access to health care during the 24-month waiting period because of a lack of insurance. National Health Interview Survey data for the period 1994-1996 were linked to Social Security and Medicare administrative records to examine health insurance status and access to care during the Medicare waiting period. Twenty-six percent of SSDI beneficiaries reported having no health insurance, with the uninsured reporting many more problems with access to care than insured individuals. Access to health insurance is especially important for people during the waiting period because of their low incomes, poor health, and weak ties to the workforce.

  16. Building a Secure Library System.

    ERIC Educational Resources Information Center

    Benson, Allen C.

    1998-01-01

    Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

  17. RANDOM ACCESS CONTROL OF ELECTROLUMINESCENT ELEMENTS.

    DTIC Science & Technology

    Cadmium selenide (CdSe) switches were devised to control the luminous emittance of electroluminescent cells in a solid-state display. The technique...purpose of this contract was to establish the feasibility of utilizing the hysteretic effect in cadmium selenide to provide switching and storage to an...array of electroluminescent cells by investigating the cadmium selenide material, by studying panel structure, and by investigating the addressing of

  18. The Smart Card concept applied to access control

    SciTech Connect

    Seidman, S.

    1986-01-01

    Passwords tend to be handled carelessly, and so are easily lost or stolen. Because they are intangible, their loss or theft generally goes unnoticed. Because they are constant, they may be used by anyone for as long as they remain in active use by a legitimate user. A step up in password security is offered by a new range of products which generate a new code each time the device is used. Devices are being produced in packages as small as a standard plastic credit card, including internal battery power, integral keyboard and LCD display. Security features of the Smart Card are reviewed, and several random access code generators currently available in the commercial marketplace are described.

  19. The politics of universal access: the Massachusetts Health Security Act of 1988.

    PubMed

    Goldberger, S A

    1990-01-01

    This article analyzes the passage of an unprecedented state law, promising every resident access to affordable health insurance. The Massachusetts Health Security Act of 1988 was the product of a set of political and financial pressures that had been developing for nearly a decade. Hospital, insurance, and business interests were unable to reach a new accommodation on hospital payment. This logjam created the opportunity for a policy breakthrough, but did not inherently lend itself to progressive reform. It was consumer activism that forced the traditional powers in health policy to address the interests of the uninsured. By imposing a more public-interest agenda on the process, consumers were able to change the configuration of the stalemate, but could not resolve it. The particular terms of the stalemate, however, made possible a new, more aggressive role for state government in health policy. Unable to satisfy their competing interests within a policy framework that had universal access as a goal, traditionally powerful interest groups found themselves increasingly dependent on the state to broker a new agreement. While the many concessions made to these groups are likely to prove to be the bill's undoing, the unraveling of the agreement will not end the story. The same pressures which led to passage of the Massachusetts law and which are now causing other states to act will continue to exert their effect until a more durable solution is found.

  20. RiBAC: Role Interaction Based Access Control Model for Community Computing

    NASA Astrophysics Data System (ADS)

    Jung, Youna; Masoumzadeh, Amirreza; Joshi, James B. D.; Kim, Minkoo

    Community computing is an agent-based development paradigm for ubiquitous computing systems. In a community computing system, ubiquitous services are provided by cooperation among agents. While agents cooperate, they interact with each other continuously to access data of other agents and/or to execute other agent’s actions. However, in cases of security-critical ubiquitous services such as medical or military services, an access control mechanism is necessary to prevent unauthorized access to critical data or action. In this paper, we propose a family of Role interaction Based Access Control (RiBAC) models for Community Computing, by extending the existing RBAC model to consider role interactions. As a basic model, we propose the core RiBAC model. For the convenience of management and to provide more fine-grained access control, we propose Hierarchical RiBAC (H-RiBAC), Constrained RiBAC (C-RiBAC), and Constrained Hierarchical RiBAC (CH-RiBAC) models. Finally, we extend the existing community computing framework to accommodate the specification and enforcement of RiBAC policies.

  1. Secure Communications in High Speed Fiber Optical Networks Using Code Division Multiple Access (CDMA) Transmission

    SciTech Connect

    Han, I; Bond, S; Welty, R; Du, Y; Yoo, S; Reinhardt, C; Behymer, E; Sperry, V; Kobayashi, N

    2004-02-12

    This project is focused on the development of advanced components and system technologies for secure data transmission on high-speed fiber optic data systems. This work capitalizes on (1) a strong relationship with outstanding faculty at the University of California-Davis who are experts in high speed fiber-optic networks, (2) the realization that code division multiple access (CDMA) is emerging as a bandwidth enhancing technique for fiber optic networks, (3) the realization that CDMA of sufficient complexity forms the basis for almost unbreakable one-time key transmissions, (4) our concepts for superior components for implementing CDMA, (5) our expertise in semiconductor device processing and (6) our Center for Nano and Microtechnology, which is where the majority of the experimental work was done. Here we present a novel device concept, which will push the limits of current technology, and will simultaneously solve system implementation issues by investigating new state-of-the-art fiber technologies. This will enable the development of secure communication systems for the transmission and reception of messages on deployed commercial fiber optic networks, through the CDMA phase encoding of broad bandwidth pulses. CDMA technology has been developed as a multiplexing technology, much like wavelength division multiplexing (WDM) or time division multiplexing (TDM), to increase the potential number of users on a given communication link. A novel application of the techniques created for CDMA is to generate secure communication through physical layer encoding. Physical layer encoding devices are developed which utilize semiconductor waveguides with fast carrier response times to phase encode spectral components of a secure signal. Current commercial technology, most commonly a spatial light modulator, allows phase codes to be changed at rates of only 10's of Hertz ({approx}25ms response). The use of fast (picosecond to nanosecond) carrier dynamics of semiconductors, as

  2. Secure Control Systems for the Energy Sector

    SciTech Connect

    Smith, Rhett; Stewart, John; Chavez, Adrian

    2014-10-22

    The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chaves (SNL) and John Stewart (TVA) are principle investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes no profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.

  3. Face Recognition for Access Control Systems Combining Image-Difference Features Based on a Probabilistic Model

    NASA Astrophysics Data System (ADS)

    Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko

    We propose a probabilistic face recognition algorithm for Access Control System(ACS)s. Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle with such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.

  4. Control with a random access protocol and packet dropouts

    NASA Astrophysics Data System (ADS)

    Wang, Liyuan; Guo, Ge

    2016-08-01

    This paper investigates networked control systems whose actuators communicate with the controller via a limited number of unreliable channels. The access to the channels is decided by a so-called group random access protocol, which is modelled as a binary Markov sequence. Data packet dropouts in the channels are modelled as independent Bernoulli processes. For such systems, a systematic characterisation for controller synthesis is established and stated in terms of the transition probabilities of the Markov protocol and the packet dropout probabilities. The results are illustrated via a numerical example.

  5. Secure Data Transfer Guidance for Industrial Control and SCADA Systems

    SciTech Connect

    Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

    2011-09-01

    This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

  6. Arms Control and National Security: Revealed through Two Case Studies

    DTIC Science & Technology

    1988-03-01

    Often, in a democratic society these watered down compromises, as they deal with arms control, fail to support arms control or national ’ 4 security...United States has made some progress in this area. Several years ago it was recognized that the communications systems were not as survivable against...defensive system. Today, SDI promises to do what was envisioned years 0 ago , that of reducing the worth of offensive weapons * .. and hopefully as a

  7. Controlling user access to electronic resources without password

    DOEpatents

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  8. Secondary retention of rubber dam: effective moisture control access considerations.

    PubMed

    Liebenberg, W H

    1995-04-01

    Primary rubber dam retention affects attachment of the latex sheet to the anchor teeth bordering the isolated working field. Secondary rubber dam retention is the provision of an effective seal at the dam-tooth junction, which is essential to the maintenance of adequate access and moisture control within the working field. Practical hints are offered to optimize access and moisture control through well-planned and properly executed secondary retention of classic rubber dam applications. In addition, innovative solutions to the limitations of general field isolation, which pertain mostly to secondary retention of the unrestrained buccal and lingual curtains of the slit dam, are introduced.

  9. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  10. Joint Access Control Based on Access Ratio and Resource Utilization for High-Speed Railway Communications

    NASA Astrophysics Data System (ADS)

    Zhou, Yuzhe; Ai, Bo

    2015-05-01

    The fast development of high-speed rails makes people's life more and more convenient. However, provisioning of quality of service of multimedia applications for users on the high-speed train is a critical task for wireless communications. Therefore, new solutions are desirable to be found to address this kind of problem. Current researches mainly focus on providing seamless broadband wireless access for high-speed mobile terminals. In this paper, an algorithm to calculate the optimal resource reservation fraction of handovers is proposed. A joint access control scheme for high-speed railway communication handover scenario is proposed. Metrics of access ratio and resource utilization ratio are considered jointly in the analysis and the performance evaluation. Simulation results show that the proposed algorithm and the scheme improve quality of service compared with other conventional schemes.

  11. Secure quantum network coding for controlled repeater networks

    NASA Astrophysics Data System (ADS)

    Shang, Tao; Li, Jiao; Liu, Jian-wei

    2016-07-01

    To realize efficient quantum communication based on quantum repeater, we propose a secure quantum network coding scheme for controlled repeater networks, which adds a controller as a trusted party and is able to control the process of EPR-pair distribution. As the key operations of quantum repeater, local operations and quantum communication are designed to adopt quantum one-time pad to enhance the function of identity authentication instead of local operations and classical communication. Scheme analysis shows that the proposed scheme can defend against active attacks for quantum communication and realize long-distance quantum communication with minimal resource consumption.

  12. Access Control for Agent-based Computing: A Distributed Approach.

    ERIC Educational Resources Information Center

    Antonopoulos, Nick; Koukoumpetsos, Kyriakos; Shafarenko, Alex

    2001-01-01

    Discusses the mobile software agent paradigm that provides a foundation for the development of high performance distributed applications and presents a simple, distributed access control architecture based on the concept of distributed, active authorization entities (lock cells), any combination of which can be referenced by an agent to provide…

  13. Secure access to patient's health records using SpeechXRays a mutli-channel biometrics platform for user authentication.

    PubMed

    Spanakis, Emmanouil G; Spanakis, Marios; Karantanas, Apostolos; Marias, Kostas

    2016-08-01

    The most commonly used method for user authentication in ICT services or systems is the application of identification tools such as passwords or personal identification numbers (PINs). The rapid development in ICT technology regarding smart devices (laptops, tablets and smartphones) has allowed also the advance of hardware components that capture several biometric traits such as fingerprints and voice. These components are aiming among others to overcome weaknesses and flaws of password usage under the prism of improved user authentication with higher level of security, privacy and usability. To this respect, the potential application of biometrics for secure user authentication regarding access in systems with sensitive data (i.e. patient's data from electronic health records) shows great potentials. SpeechXRays aims to provide a user recognition platform based on biometrics of voice acoustics analysis and audio-visual identity verification. Among others, the platform aims to be applied as an authentication tool for medical personnel in order to gain specific access to patient's electronic health records. In this work a short description of SpeechXrays implementation tool regarding eHealth is provided and analyzed. This study explores security and privacy issues, and offers a comprehensive overview of biometrics technology applications in addressing the e-Health security challenges. We present and describe the necessary requirement for an eHealth platform concerning biometric security.

  14. Roadmap to Secure Control Systems in the Chemical Sector

    DTIC Science & Technology

    2009-09-01

    analysis of all risk factors, including physical, cyber, and human. The interaction of both internal and external process and business systems must also be...interconnectivity, but restricts its scope by addressing the cyber issues of ICS.b Interactions with physical, business, and safety systems and their security...and the fully explored ramifications as a loss of control incident propagates through multi-industry and multi-sector interactions . CONTROL SYSTEMS

  15. Access control and interlock system at the Advanced Photon Source

    SciTech Connect

    Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D.

    1997-08-01

    The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS`s design philosophy, configuration, hardware, functionality, validation requirements, and operational experience.

  16. 7 CFR 331.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ...; security risk assessments. 331.10 Section 331.10 Agriculture Regulations of the Department of Agriculture... individual is approved by the Administrator or the HHS Secretary following a security risk assessment by the... risk assessment to the Attorney General. (e) An individual's security risk assessment may be...

  17. 7 CFR 331.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ...; security risk assessments. 331.10 Section 331.10 Agriculture Regulations of the Department of Agriculture... individual is approved by the Administrator or the HHS Secretary following a security risk assessment by the... risk assessment to the Attorney General. (e) An individual's security risk assessment may be...

  18. Design of a Secure Local Network.

    DTIC Science & Technology

    1983-12-01

    The purpose of this study was to design a multi- level secure local network for the U.S. Air Force’s Electronic Security Command at Kelly Air Force...security access procedures implement mandatory access controls that require all users to be cleared to a security level and compartment equal to or...communicate across different networks intruder: an unauthorized agent or entity multi- level secure network: for this thesis, a network which supports

  19. Secure control systems with application to cyber-physical systems

    SciTech Connect

    Dong, Jin; Djouadi, Seddik M; Nutaro, James J; Kuruganti, Phani Teja

    2014-01-01

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  20. 33 CFR 104.405 - Format of the Vessel Security Plan (VSP).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ...) Communications; (9) Security systems and equipment maintenance; (10) Security measures for access control... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Format of the Vessel Security... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Plan (VSP) § 104.405 Format of...

  1. 33 CFR 104.405 - Format of the Vessel Security Plan (VSP).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ...) Communications; (9) Security systems and equipment maintenance; (10) Security measures for access control... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Format of the Vessel Security... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Plan (VSP) § 104.405 Format of...

  2. Controlling multiple security robots in a warehouse environment

    NASA Technical Reports Server (NTRS)

    Everett, H. R.; Gilbreath, G. A.; Heath-Pastore, T. A.; Laird, R. T.

    1994-01-01

    The Naval Command Control and Ocean Surveillance Center (NCCOSC) has developed an architecture to provide coordinated control of multiple autonomous vehicles from a single host console. The multiple robot host architecture (MRHA) is a distributed multiprocessing system that can be expanded to accommodate as many as 32 robots. The initial application will employ eight Cybermotion K2A Navmaster robots configured as remote security platforms in support of the Mobile Detection Assessment and Response System (MDARS) Program. This paper discusses developmental testing of the MRHA in an operational warehouse environment, with two actual and four simulated robotic platforms.

  3. Distributed reservation control protocols for random access broadcasting channels

    NASA Astrophysics Data System (ADS)

    Greene, E. P.; Ephremides, A.

    1981-05-01

    Attention is given to a communication network consisting of an arbitrary number of nodes which can communicate with each other via a time-division multiple access (TDMA) broadcast channel. The reported investigation is concerned with the development of efficient distributed multiple access protocols for traffic consisting primarily of single packet messages in a datagram mode of operation. The motivation for the design of the protocols came from the consideration of efficient multiple access utilization of moderate to high bandwidth (4-40 Mbit/s capacity) communication satellite channels used for the transmission of short (1000-10,000 bits) fixed length packets. Under these circumstances, the ratio of roundtrip propagation time to packet transmission time is between 100 to 10,000. It is shown how a TDMA channel can be adaptively shared by datagram traffic and constant bandwidth users such as in digital voice applications. The distributed reservation control protocols described are a hybrid between contention and reservation protocols.

  4. Distributed reservation control protocols for random access broadcasting channels

    NASA Technical Reports Server (NTRS)

    Greene, E. P.; Ephremides, A.

    1981-01-01

    Attention is given to a communication network consisting of an arbitrary number of nodes which can communicate with each other via a time-division multiple access (TDMA) broadcast channel. The reported investigation is concerned with the development of efficient distributed multiple access protocols for traffic consisting primarily of single packet messages in a datagram mode of operation. The motivation for the design of the protocols came from the consideration of efficient multiple access utilization of moderate to high bandwidth (4-40 Mbit/s capacity) communication satellite channels used for the transmission of short (1000-10,000 bits) fixed length packets. Under these circumstances, the ratio of roundtrip propagation time to packet transmission time is between 100 to 10,000. It is shown how a TDMA channel can be adaptively shared by datagram traffic and constant bandwidth users such as in digital voice applications. The distributed reservation control protocols described are a hybrid between contention and reservation protocols.

  5. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  6. 26 CFR 1.355-1 - Distribution of stock and securities of a controlled corporation.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... Holders § 1.355-1 Distribution of stock and securities of a controlled corporation. (a) Effective... in income of) the shareholders and security holders, of one or more existing businesses formerly... shareholders with respect to its stock or to its security holders in exchange for its securities....

  7. 26 CFR 1.355-1 - Distribution of stock and securities of a controlled corporation.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... Holders § 1.355-1 Distribution of stock and securities of a controlled corporation. (a) Effective... in income of) the shareholders and security holders, of one or more existing businesses formerly... shareholders with respect to its stock or to its security holders in exchange for its securities....

  8. 26 CFR 1.355-1 - Distribution of stock and securities of a controlled corporation.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... Holders § 1.355-1 Distribution of stock and securities of a controlled corporation. (a) Effective... in income of) the shareholders and security holders, of one or more existing businesses formerly... shareholders with respect to its stock or to its security holders in exchange for its securities....

  9. Randomized controlled trials in central vascular access devices: A scoping review

    PubMed Central

    Keogh, Samantha; Rickard, Claire M.

    2017-01-01

    Background Randomized controlled trials evaluate the effectiveness of interventions for central venous access devices, however, high complication rates remain. Scoping reviews map the available evidence and demonstrate evidence deficiencies to focus ongoing research priorities. Method A scoping review (January 2006–December 2015) of randomized controlled trials evaluating the effectiveness of interventions to improve central venous access device outcomes; including peripherally inserted central catheters, non-tunneled, tunneled and totally implanted venous access catheters. MeSH terms were used to undertake a systematic search with data extracted by two independent researchers, using a standardized data extraction form. Results In total, 178 trials were included (78 non-tunneled [44%]; 40 peripherally inserted central catheters [22%]; 20 totally implanted [11%]; 12 tunneled [6%]; 6 non-specified [3%]; and 22 combined device trials [12%]). There were 119 trials (68%) involving adult participants only, with 18 (9%) pediatric and 20 (11%) neonatal trials. Insertion-related themes existed in 38% of trials (67 RCTs), 35 RCTs (20%) related to post-insertion patency, with fewer trials on infection prevention (15 RCTs, 8%), education (14RCTs, 8%), and dressing and securement (12 RCTs, 7%). There were 46 different study outcomes reported, with the most common being infection outcomes (161 outcomes; 37%), with divergent definitions used for catheter-related bloodstream and other infections. Conclusion More high quality randomized trials across central venous access device management are necessary, especially in dressing and securement and patency. These can be encouraged by having more studies with multidisciplinary team involvement and consumer engagement. Additionally, there were extensive gaps within population sub-groups, particularly in tunneled devices, and in pediatrics and neonates. Finally, outcome definitions need to be unified for results to be meaningful and

  10. Creating and Maintaining Security on Campus.

    ERIC Educational Resources Information Center

    Polensky, David W.

    2002-01-01

    Describes the various components of an effective campus security program, including the master plan/needs assessment, law enforcement staffing, security technology, access control, closed circuit television systems, and emergency planning. (EV)

  11. Tag Content Access Control with Identity-based Key Exchange

    NASA Astrophysics Data System (ADS)

    Yan, Liang; Rong, Chunming

    2010-09-01

    Radio Frequency Identification (RFID) technology that used to identify objects and users has been applied to many applications such retail and supply chain recently. How to prevent tag content from unauthorized readout is a core problem of RFID privacy issues. Hash-lock access control protocol can make tag to release its content only to reader who knows the secret key shared between them. However, in order to get this shared secret key required by this protocol, reader needs to communicate with a back end database. In this paper, we propose to use identity-based secret key exchange approach to generate the secret key required for hash-lock access control protocol. With this approach, not only back end database connection is not needed anymore, but also tag cloning problem can be eliminated at the same time.

  12. Rural providers' access to online resources: a randomized controlled trial

    PubMed Central

    Hall, Laura J.; McElfresh, Karen R.; Warner, Teddy D.; Stromberg, Tiffany L.; Trost, Jaren; Jelinek, Devin A.

    2016-01-01

    Objective The research determined the usage and satisfaction levels with one of two point-of-care (PoC) resources among health care providers in a rural state. Methods In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants' attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA), paired t tests, and Cohen's d statistic to compare pre- and post-study effects sizes. Results Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to “about right amounts of information” at the completion of the study. DynaMed users reported a Cohen's d increase of +1.50 compared to AccessMedicine users' reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen's d. Conclusion Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine. PMID:26807050

  13. Coalition Warfare Program (CWP): secure policy controlled information query and dissemination over a Bices network

    NASA Astrophysics Data System (ADS)

    Toth, Andrew; Pham, Tien; Karr, Todd; Bent, Graham; Harries, Dominic; Knox, Alan

    2013-05-01

    In 2006, the US Army Research Laboratory (ARL) and the UK Ministry of Defence (MoD) established a collaborative research alliance with academia and industry, called the International Technology Alliance (ITA) to address fundamental issues concerning Network and Information Sciences. Under the ITA research program, a US-UK transition project on "ITA Policy Controlled Information Query and Dissemination" was funded in 2011 by OSD's Coalition Warfare Program (CWP). The goal of this CWP project is to develop an extensible capability of performing distributed federated query and information dissemination across a coalition network of distributed disparate data/information sources with access­ controlled policies. The CWP project is lead by US Army Research Laboratory (ARL) and UK Defence Science Technology Laboratory (Dstl) with software development by IBM UK and IBM US. The CWP project exploits two key technology components developed within the ITA, namely the Gaian Database and integrated Access Policy Decision and Enforcement mechanisms. The Gaian Database (GaianDB) is a Dynamic Distributed Federated Database (DDFD) that addresses a need to share information among coalition members by providing a means for policy-controlled access to data across a network of heterogeneous data sources. GaianDB implements a SQL-compliant Store-Locally-Query-Anywhere (SLQA) approach providing software applications with global access to data from any node in the database network via standard SQL queries. Security policy is stored locally and enforced at the database node level, reducing potential for unauthorized data access and waste of network bandwidth. A key metric of success for a CWP project is the transition of coalition-related technology from TRL-3 or 4 to TRL-6 or higher. Thus, the end goal of this CWP project was to demonstrate the GaianDB and policy technology within an operational environment at the NATO Intelligence Fusion Centre (NIFC) at Molesworth RAF. An initial

  14. 30 CFR 816.66 - Use of explosives: Blasting signs, warnings, and access control.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... schedule. (c) Access control. Access within the blasting area shall be controlled to prevent presence of..., and access control. 816.66 Section 816.66 Mineral Resources OFFICE OF SURFACE MINING RECLAMATION AND... STANDARDS-SURFACE MINING ACTIVITIES § 816.66 Use of explosives: Blasting signs, warnings, and access...

  15. Secure portal.

    SciTech Connect

    Nelson, Cynthia Lee

    2007-09-01

    There is a need in security systems to rapidly and accurately grant access of authorized personnel to a secure facility while denying access to unauthorized personnel. In many cases this role is filled by security personnel, which can be very costly. Systems that can perform this role autonomously without sacrificing accuracy or speed of throughput are very appealing. To address the issue of autonomous facility access through the use of technology, the idea of a ''secure portal'' is introduced. A secure portal is a defined zone where state-of-the-art technology can be implemented to grant secure area access or to allow special privileges for an individual. Biometric technologies are of interest because they are generally more difficult to defeat than technologies such as badge swipe and keypad entry. The biometric technologies selected for this concept were facial and gait recognition. They were chosen since they require less user cooperation than other biometrics such as fingerprint, iris, and hand geometry and because they have the most potential for flexibility in deployment. The secure portal concept could be implemented within the boundaries of an entry area to a facility. As a person is approaching a badge and/or PIN portal, face and gait information can be gathered and processed. The biometric information could be fused for verification against the information that is gathered from the badge. This paper discusses a facial recognition technology that was developed for the purposes of providing high verification probabilities with low false alarm rates, which would be required of an autonomous entry control system. In particular, a 3-D facial recognition approach using Fisher Linear Discriminant Analysis is described. Gait recognition technology, based on Hidden Markov Models has been explored, but those results are not included in this paper. Fusion approaches for combining the results of the biometrics would be the next step in realizing the secure portal

  16. Integration of access control and ancillary information systems

    SciTech Connect

    Rodriguez, J.R.; Ahrens, J.S.

    1995-07-01

    The DOE has identified the Lawrence Livermore National Laboratory ARGUS system as the standard entry control system for the DOE Complex. ARGUS integrates several key functions, specifically, badging, entry control, and verification of clearance status. Not all sites need or can afford an ARGUS system. Such sites are therefore limited to commercial equipment which provide ARGUS like features. In this project an alternative way to integrate commercial equipment into an integrated system to include badging, access control, property control, and automated verification of clearance status has been investigated. Such a system would provide smaller sites the same functionality as is provided by ARGUS. Further, it would allow sites to fully participate in the DOE`s concept of Complex wide access control. This multi-year task is comprised of three phases. Phase 1, system requirements and definitions, and phase 2, software and hardware development, were completed during fiscal year 1994. This report covers these two phases and the demonstration system which resulted. Phase three would employ the demonstration system to evaluate system performance, identify operational limits and to integrate additional features. The demonstration system includes a badging station, a database server, a managers workstation, an entry control system, and a property protection system. The functions have been integrated through the use of custom interfaces and operator screens which greatly increase ease of use.

  17. secureBLAST.

    PubMed

    Wiezer, Arnim; Merkl, Rainer

    2003-01-01

    secureBLAST supplements NCBI wwwblast with features necessary to control in an easy manageable way usage of BLAST data sets and their update. The concept we implemented allows to offer on a single BLAST server several data sets with individually configurable access rights. Security is provided by user authentication and encryption of the http traffic via SSL. By using secureBLAST, the administration of users and databases can be done via a web interface. Therefore, secureBLAST is valuable for institutions that have to restrict access to their datasets or just want to administer BLAST servers via a web interface.

  18. 7 CFR 331.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ...; security risk assessments. 331.10 Section 331.10 Agriculture Regulations of the Department of Agriculture... individual is approved by the Administrator or the HHS Secretary following a security risk assessment by the... risk assessment to the Attorney General. (e) A person with valid approval from the HHS Secretary...

  19. 7 CFR 331.10 - Restricting access to select agents and toxins; security risk assessments.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ...; security risk assessments. 331.10 Section 331.10 Agriculture Regulations of the Department of Agriculture... individual is approved by the Administrator or the HHS Secretary following a security risk assessment by the... risk assessment to the Attorney General. (e) A person with valid approval from the HHS Secretary...

  20. DoD Needs to Improve Screening and Access Controls for General Public Tenants Leasing Housing on Military Installations (REDACTED)

    DTIC Science & Technology

    2016-04-01

    have the actual signature of the authorizing official for your organization. We cannot accept the /Signed/ symbol in place of the actual signature...Introduction DODIG-2016-072 │ 1 Introduction Objective Our audit objective was to determine whether DoD had adequate security controls in place for the... working with installations without a direct connection to NCIC via a state terminal to provide access through OpenFox. In addition, procedures for

  1. 10 CFR 37.47 - Security zones.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... security zone only through established access control points. A physical barrier is a natural or man-made... temporary security zones and in any security zone in which physical barriers or intrusion detection systems... 10 Energy 1 2014-01-01 2014-01-01 false Security zones. 37.47 Section 37.47 Energy...

  2. National Security Report: Background and Perspective on Important National Security and Defense Policy Issues. Volume 2, Issue 2, April 1998. Sales or Security? Supercomputers and Export Controls

    DTIC Science & Technology

    1998-04-01

    2 Chairman, House National Security Committee April 1998 Fromthe Chairman- Sales or Security? Supercomputers and Export Controls ilk)9o oil V e... military purposes, in Rus- fltJ Administatiii’ý’iclaxation of ers were inappropriately shipped without sia, China, and other countries ofprolifera- erc i...exuit controls. Under the required export licenses to military -re- tion concern. This shifted the burden of ~t i laxedpolicy the Administation did

  3. A study of multiple access schemes in satellite control network

    NASA Astrophysics Data System (ADS)

    Mo, Zijian; Wang, Zhonghai; Xiang, Xingyu; Wang, Gang; Chen, Genshe; Nguyen, Tien; Pham, Khanh; Blasch, Erik

    2016-05-01

    Satellite Control Networks (SCN) have provided launch control for space lift vehicles; tracking, telemetry and commanding (TTC) for on-orbit satellites; and, test support for space experiments since the 1960s. Currently, SCNs encounter a new challenge: how to maintain the high reliability of services when sharing the spectrum with emerging commercial services. To achieve this goal, the capability of multiple satellites reception is deserved as an update/modernization of SCN in the future. In this paper, we conducts an investigation of multiple access techniques in SCN scenario, e.g., frequency division multiple access (FDMA) and coded division multiple access (CDMA). First, we introduce two upgrade options of SCN based on FDMA and CDMA techniques. Correspondingly, we also provide their performance analysis, especially the system improvement in spectrum efficiency and interference mitigation. Finally, to determine the optimum upgrade option, this work uses CRISP, i.e., Cost, Risk, Installation, Supportability and Performance, as the baseline approach for a comprehensive trade study of these two options. Extensive numerical and simulation results are presented to illustrate the theoretical development.

  4. CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL

    SciTech Connect

    Kathleen A. Lee

    2008-01-01

    The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

  5. Assessing School Security: Not an Either/Or Question.

    ERIC Educational Resources Information Center

    Butterfield, Eric

    2000-01-01

    Discusses school security program assessment and strategies that try to strike a balance between security equipment and staffing needs. Also explored are where security equipment can save school districts money, access control strategies, the physical elements that often compromise security, and school security personnel hiring criteria. (GR)

  6. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470... Technology resources, and sensitive information. ... ACQUISITION REGULATION (HSAR) GENERAL ADMINISTRATIVE MATTERS Safeguarding Classified and Sensitive...

  7. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470... Technology resources, and sensitive information. ... ACQUISITION REGULATION (HSAR) GENERAL ADMINISTRATIVE MATTERS Safeguarding Classified and Sensitive...

  8. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470... Technology resources, and sensitive information. ... ACQUISITION REGULATION (HSAR) GENERAL ADMINISTRATIVE MATTERS Safeguarding Classified and Sensitive...

  9. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470... Technology resources, and sensitive information. ... ACQUISITION REGULATION (HSAR) GENERAL ADMINISTRATIVE MATTERS Safeguarding Classified and Sensitive...

  10. 30 CFR 817.66 - Use of explosives: Blasting signs, warnings, and access control.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... notification required in § 817.64(a). (c) Access control. Access within the blasting areas shall be controlled..., and access control. 817.66 Section 817.66 Mineral Resources OFFICE OF SURFACE MINING RECLAMATION AND... control. (a) Blasting signs. Blasting signs shall meet the specifications of § 817.11. The operator...

  11. 47 CFR 76.1204 - Availability of equipment performing conditional access or security functions.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 47 Telecommunication 4 2011-10-01 2011-10-01 false Availability of equipment performing... Availability of Navigation Devices § 76.1204 Availability of equipment performing conditional access or... perform conditional access functions shall make available equipment that incorporates only the...

  12. Health security and disease control: lessons from Mexico.

    PubMed

    Frenk, Julio; Gómez-Dantés, Octavio

    2011-12-30

    This paper discusses the controversy between top-down, disease-focused, vertical programs, on the one hand, and activities that have been horizontally integrated into health services, on the other, using as a reference the public health initiatives developed in Mexico in the context of a recent comprehensive health care reform. The main message is that it is possible to achieve a synthesis between vertical and horizontal strategies, and also between public health and personal health care programs. Public health and personal care are the two sides of the health system coin, and both are central to a comprehensive concept of health security. Investments in epidemiological surveillance and response clearly contribute to the control of threats facing nation-states, such as pandemics and biological warfare. At the same time, investments in the protection of individuals from threats that endanger their health would also make our world a safer place.

  13. Equity in access to health care provision under the medicare security for small scale entrepreneurs in Dar es Salaam.

    PubMed

    Urassa, J A E

    2012-03-01

    The main objective of this study was to assess equity in access to health care provision under the Medicare Security for Small Scale Entrepreneurs (SSE). Methodological triangulation was used to an exploratory and randomized cross- sectional study in order to supplement information on the topic under investigation. Questionnaires were administered to 281 respondents and 6 Focus Group Discussions (FGDs) were held with males and females. Documentary review was also used. For quantitative aspect of the study, significant associations were measured using confidence intervals (95% CI) testing. Qualitative data were analyzed with assistance of Open code software. The results show that inequalities in access to health care services were found in respect to affordability of medical care costs, distance from home to health facilities, availability of drugs as well as medical equipments and supplies. As the result of existing inequalities some of clients were not satisfied with the provided health services. The study concludes by drawing policy and research implications of the findings.

  14. 10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material...

  15. 10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material...

  16. 10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material...

  17. 10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material...

  18. 10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material...

  19. Accessibility

    EPA Pesticide Factsheets

    Federal laws, including Section 508 of the Rehabilitation Act, mandate that people with disabilities have access to the same information that someone without a disability would have. 508 standards cover electronic and information technology (EIT) products.

  20. Laboratory security and emergency response guidance for laboratories working with select agents. Centers for Disease Control and Prevention.

    PubMed

    Richmond, Jonathan Y; Nesby-O'Dell, Shanna L

    2002-12-06

    In recent years, concern has increased regarding use of biologic materials as agents of terrorism, but these same agents are often necessary tools in clinical and research microbiology laboratories. Traditional biosafety guidelines for laboratories have emphasized use of optimal work practices, appropriate containment equipment, well-designed facilities, and administrative controls to minimize risk of worker injury and to ensure safeguards against laboratory contamination. The guidelines discussed in this report were first published in 1999 (U.S. Department of Health and Human Services/CDC and National Institutes of Health. Biosafety in microbiological and biomedical laboratories [BMBL]. Richmond JY, McKinney RW, eds. 4th ed. Washington, DC: US Department of Health and Human Services, 1999 [Appendix F]). In that report, physical security concerns were addressed, and efforts were focused on preventing unauthorized entry to laboratory areas and preventing unauthorized removal of dangerous biologic agents from the laboratory. Appendix F of BMBL is now being revised to include additional information regarding personnel risk assessments, and inventory controls. The guidelines contained in this report are intended for laboratories working with select agents under biosafety-level 2, 3, or 4 conditions as described in Sections II and III of BMBL. These recommendations include conducting facility risk assessments and developing comprehensive security plans to minimize the probability of misuse of select agents. Risk assessments should include systematic, site-specific reviews of 1) physical security; 2) security of data and electronic technology systems; 3) employee security; 4) access controls to laboratory and animal areas; 5) procedures for agent inventory and accountability; 6) shipping/transfer and receiving of select agents; 7) unintentional incident and injury policies; 8) emergency response plans; and 9) policies that address breaches in security. The security plan

  1. Security

    ERIC Educational Resources Information Center

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  2. 78 FR 7334 - Port Authority Access to Facility Vulnerability Assessments and the Integration of Security Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-02-01

    ... ] systems operated or maintained by certain law enforcement agencies and the Coast Guard. DATES: Comments... the maximum extent practical,'' the facility's security systems ``with compatible systems operated or... systems operated or maintained by the appropriate State and local law enforcement agencies and the...

  3. 28 CFR 16.74 - Exemption of National Security Division Systems-limited access.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... provide the target of a surveillance or collection activity with the disclosure accounting records... activity and compromise national security. For example, a target could, once made aware that collection... avoid detection. (9) Subsections (e)(4)(G), (H) and (I), and (f). These subsections are inapplicable...

  4. Against All Odds: Latinas Activate Agency to Secure Access to College

    ERIC Educational Resources Information Center

    Sapp, Vicki T.; Kiyama, Judy Marquez; Dache-Gerbino, Amalia

    2016-01-01

    This qualitative study seeks to understand Latinas' college-going behaviors by examining their agency and role in securing opportunity for college. The authors examine the activation of agency among 16 urban Latinas when navigating the structures influencing college opportunity through a cultural ecological model. Examples of agency are…

  5. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified

  6. A case study of the Secure Anonymous Information Linkage (SAIL) Gateway: a privacy-protecting remote access system for health-related research and evaluation.

    PubMed

    Jones, Kerina H; Ford, David V; Jones, Chris; Dsilva, Rohan; Thompson, Simon; Brooks, Caroline J; Heaven, Martin L; Thayer, Daniel S; McNerney, Cynthia L; Lyons, Ronan A

    2014-08-01

    With the current expansion of data linkage research, the challenge is to find the balance between preserving the privacy of person-level data whilst making these data accessible for use to their full potential. We describe a privacy-protecting safe haven and secure remote access system, referred to as the Secure Anonymised Information Linkage (SAIL) Gateway. The Gateway provides data users with a familiar Windows interface and their usual toolsets to access approved anonymously-linked datasets for research and evaluation. We outline the principles and operating model of the Gateway, the features provided to users within the secure environment, and how we are approaching the challenges of making data safely accessible to increasing numbers of research users. The Gateway represents a powerful analytical environment and has been designed to be scalable and adaptable to meet the needs of the rapidly growing data linkage community.

  7. BIOPACK: the ground controlled late access biological research facility.

    PubMed

    van Loon, Jack J W A

    2004-03-01

    Future Space Shuttle flights shall be characterized by activities necessary to further build the International Space Station, ISS. During these missions limited resources are available to conduct biological experiments in space. The Shuttles' Middeck is a very suitable place to conduct science during the ISS assembly missions or dedicated science missions. The BIOPACK, which flew its first mission during the STS-107, provides a versatile Middeck Locker based research tool for gravitational biology studies. The core facility occupies the space of only two Middeck Lockers. Experiment temperatures are controlled for bacteria, plant, invertebrate and mammalian cultures. Gravity levels and profiles can be set ranging from 0 to 2.0 x g on three independent centrifuges. This provides the experimenter with a 1.0 x g on-board reference and intermediate hypogravity and hypergravity data points to investigate e.g. threshold levels in biological responses. Temperature sensitive items can be stored in the facilities' -10 degrees C and +4 degrees C stowage areas. During STS-107 the facility also included a small glovebox (GBX) and passive temperature controlled units (PTCU). The GBX provides the experimenter with two extra levels of containment for safe sample handling. This biological research facility is a late access (L-10 hrs) laboratory, which, when reaching orbit, could automatically be starting up reducing important experiment lag-time and valuable crew time. The system is completely telecommanded when needed. During flight system parameters like temperatures, centrifuge speeds, experiment commanding or sensor readouts can be monitored and changed when needed. Although ISS provides a wide range of research facilities there is still need for an STS-based late access facility such as the BIOPACK providing experimenters with a very versatile research cabinet for biological experiments under microgravity and in-flight control conditions.

  8. Collections Security: The Preservation Perspective.

    ERIC Educational Resources Information Center

    Patkus, Beth L.

    1998-01-01

    Provides a brief review of the basic elements of library security and preservation programs as a background for an exploration of security/preservation issues, problems, and policies. Discusses environmental control, disaster preparedness, fire protection, storage and handling, and controlling access to collections. (AEF)

  9. Access to Network Login by Three-Factor Authentication for Effective Information Security.

    PubMed

    Vaithyasubramanian, S; Christy, A; Saravanan, D

    2016-01-01

    Today's technology development in the field of computer along with internet of things made huge difference in the transformation of our lives. Basic computer framework and web client need to make significant login signify getting to mail, long range interpersonal communication, internet keeping money, booking tickets, perusing online daily papers, and so forth. The login user name and secret key mapping validate if the logging user is the intended client. Secret key is assumed an indispensable part in security. The objective of MFA is to make a layered safeguard and make it more troublesome for an unauthenticated entity to get to an objective, for example, a physical area, processing gadget, system, or database. In the event that one element is bargained or broken, the assailant still has two more boundaries to rupture before effectively breaking into the objective. An endeavor has been made by utilizing three variable types of authentication. In this way managing additional secret key includes an additional layer of security.

  10. First Experiences Using XACML for Access Control in Distributed Systems

    NASA Technical Reports Server (NTRS)

    Lorch, Marcus; Proctor, Seth; Lepro, Rebekah; Kafura, Dennis; Shah, Sumit

    2003-01-01

    Authorization systems today are increasingly complex. They span domains of administration, rely on many different authentication sources, and manage permissions that can be as complex as the system itself. Worse still, while there are many standards that define authentication mechanisms, the standards that address authorization are less well defined and tend to work only within homogeneous systems. This paper presents XACML, a standard access control language, as one component of a distributed and inter-operable authorization framework. Several emerging systems which incorporate XACML are discussed. These discussions illustrate how authorization can be deployed in distributed, decentralized systems. Finally, some new and future topics are presented to show where this work is heading and how it will help connect the general components of an authorization system.

  11. The Cloud's Core Virtual Infrastructure Security

    NASA Astrophysics Data System (ADS)

    Tolnai, Annette; von Solms, Sebastiaan

    Cloud service providers (CSPs) should institute the necessary security controls, including restricting physical and logical access to hypervisor and other forms of employed virtualization layers. To enact relevant security measures, the core elements communicating with the hypervisor need to be secured. A proposed security model will introduce some of the aspects that need to be secured in the virtual environment to ensure a secure and sound cloud computing environment. This paper will discuss the core aspects of the virtualized architecture explaining the security risks, including a discussion pertaining to the relevant security core concepts to mitigate the risks.

  12. A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems.

    PubMed

    Choi, Donghee; Kim, Dohoon; Park, Seog

    2015-01-01

    Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such as medical information from insider threat and enable dynamic access control depending on the context such as life-threatening emergencies. In this paper, we suggest an approach and framework for context sensitive risk-based access control suitable for medical information systems. This approach categorizes context information, estimating and applying risk through context- and treatment-based permission profiling and specifications by expanding the eXtensible Access Control Markup Language (XACML) to apply risk. The proposed framework supports quick responses to medical situations and prevents unnecessary insider data access through dynamic access authorization decisions in accordance with the severity of the context and treatment.

  13. Composable Distributed Access Control and Integrity Policies for Query-Based Wireless Sensor Networks

    DTIC Science & Technology

    2008-03-01

    multiple WSN policies. The construction, hybridization, and composition of well–known models is demonstrated to preserve security, sustaining...confidentiality in Bell–LaPadula’s model , integrity in Biba’s strict integrity model , and conflict of interest avoidance in the Chinese Wall. Using WASL, a multi...as defined by the security model . It is also be more flexible in that a policy file update is all that is required to modify the accesses permitted

  14. An Information Security Control Assessment Methodology for Organizations

    ERIC Educational Resources Information Center

    Otero, Angel R.

    2014-01-01

    In an era where use and dependence of information systems is significantly high, the threat of incidents related to information security that could jeopardize the information held by organizations is more and more serious. Alarming facts within the literature point to inadequacies in information security practices, particularly the evaluation of…

  15. Dynamic access control model for privacy preserving personalized healthcare in cloud environment.

    PubMed

    Son, Jiseong; Kim, Jeong-Dong; Na, Hong-Seok; Baik, Doo-Kwon

    2015-01-01

    When sharing and storing healthcare data in a cloud environment, access control is a central issue for preserving data privacy as a patient's personal health data may be accessed without permission from many stakeholders. Specifically, dynamic authorization for the access of data is required because personal health data is stored in cloud storage via wearable devices. Therefore, we propose a dynamic access control model for preserving the privacy of personal healthcare data in a cloud environment. The proposed model considers context information for dynamic access. According to the proposed model, access control can be dynamically determined by changing the context information; this means that even for a subject with the same role in the cloud, access permission is defined differently depending on the context information and access condition. Furthermore, we experiment the ability of the proposed model to provide correct responses by representing a dynamic access decision with real-life personalized healthcare system scenarios.

  16. 75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-01-26

    ... COMMISSION 17 CFR Part 240 RIN 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access... market access to customers or other persons, to implement risk management controls and supervisory... growing popularity of sponsored or direct market access arrangements where broker-dealers allow...

  17. External Labeling as a Framework for Access Control

    ERIC Educational Resources Information Center

    Rozenbroek, Thomas H.

    2012-01-01

    With the ever increasing volume of data existing on and passing through on-line resources together with a growing number of legitimate users of that information and potential adversaries, the need for better security and safeguards is immediate and critical. Currently, most of the security and safeguards afforded on-line information are provided…

  18. A Security Framework for Online Distance Learning and Training.

    ERIC Educational Resources Information Center

    Furnell, S. M.; Onions, P. D.; Bleimann, U.; Gojny, U.; Knahl, M.; Roder, H. F.; Sanders, P. W.

    1998-01-01

    Presents a generic reference model for online distance learning and discusses security issues for each stage (enrollment, study, completion, termination, suspension). Discusses a security framework (authentication and accountability, access control, intrusion detection, network communications, nonrepudiation, learning resources provider…

  19. A comprehensive Network Security Risk Model for process control networks.

    PubMed

    Henry, Matthew H; Haimes, Yacov Y

    2009-02-01

    The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

  20. Secure remote access to a clinical data repository using a wireless personal digital assistant (PDA).

    PubMed Central

    Duncan, R. G.; Shabot, M. M.

    2000-01-01

    TCP/IP and World-Wide-Web (WWW) technology have become the universal standards for networking and delivery of information. Personal digital assistants (PDAs), cellular telephones, and alphanumeric pagers are rapidly converging on a single pocket device that will leverage wireless TCP/IP networks and WWW protocols and can be used to deliver clinical information and alerts anytime, anywhere. We describe a wireless interface to clinical information for physicians based on Palm Corp.'s Palm VII pocket computer, a wireless digital network, encrypted data transmission, secure web servers, and a clinical data repository (CDR). PMID:11079875

  1. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

    NASA Technical Reports Server (NTRS)

    Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

    2015-01-01

    NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

  2. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  3. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  4. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  5. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  6. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  7. Design and Implementation of A DICOM PACS With Secure Access Via Internet

    DTIC Science & Technology

    2007-11-02

    system, integrating them with the medical history data. Restricted access based on privileges were design to to make reports or only to consult data...like medium, a concept of exchange of information based on images and data between doctors, services and hospitals. It is a concept of integration...alfonso/pacs.html [2] SL. Lou, Hoogstrate, HK Huang. “Automated PACS image adquisition and recovery scheme for image integrity based on the DICOM

  8. Service Independent Access Control Architecture for User Generated Content (UGC) and Its Implementation

    NASA Astrophysics Data System (ADS)

    Yamada, Akira; Kubota, Ayumu; Miyake, Yutaka; Hashimoto, Kazuo

    Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.

  9. Access to Network Login by Three-Factor Authentication for Effective Information Security

    PubMed Central

    Vaithyasubramanian, S.; Christy, A.; Saravanan, D.

    2016-01-01

    Today's technology development in the field of computer along with internet of things made huge difference in the transformation of our lives. Basic computer framework and web client need to make significant login signify getting to mail, long range interpersonal communication, internet keeping money, booking tickets, perusing online daily papers, and so forth. The login user name and secret key mapping validate if the logging user is the intended client. Secret key is assumed an indispensable part in security. The objective of MFA is to make a layered safeguard and make it more troublesome for an unauthenticated entity to get to an objective, for example, a physical area, processing gadget, system, or database. In the event that one element is bargained or broken, the assailant still has two more boundaries to rupture before effectively breaking into the objective. An endeavor has been made by utilizing three variable types of authentication. In this way managing additional secret key includes an additional layer of security. PMID:27006976

  10. Medical database security evaluation.

    PubMed

    Pangalos, G J

    1993-01-01

    Users of medical information systems need confidence in the security of the system they are using. They also need a method to evaluate and compare its security capabilities. Every system has its own requirements for maintaining confidentiality, integrity and availability. In order to meet these requirements a number of security functions must be specified covering areas such as access control, auditing, error recovery, etc. Appropriate confidence in these functions is also required. The 'trust' in trusted computer systems rests on their ability to prove that their secure mechanisms work as advertised and cannot be disabled or diverted. The general framework and requirements for medical database security and a number of parameters of the evaluation problem are presented and discussed. The problem of database security evaluation is then discussed, and a number of specific proposals are presented, based on a number of existing medical database security systems.

  11. Data Access, Ownership, and Control: Toward Empirical Studies of Access Practices.

    ERIC Educational Resources Information Center

    Hilgartner, Stephen; Brandt-Rauf, Sherry I.

    1994-01-01

    Examines how the new sociology of science can approach data access issues. A perspective is developed based on an analysis of the process of scientific production, data streams, and intellectual policy issues. (Contains 55 references.) (JLB)

  12. Self Organized Multi Agent Swarms (SOMAS) for Network Security Control

    DTIC Science & Technology

    2009-03-01

    Institute of Physics Publishing, 2000. 16. Bäck, Thomas, D. B. Fogel , and T. Michalewicz (editors). Evolutionary Computation 1 Basic Algorithms and...September 2008. 21. Berinato, Scott. “A Few Good Information Security Metrics”. CSO Security and Risk, 2005. 22. Bernstein, Daniel S., Robert Givan...editor). Foundations of Decision-Making Agents: Logic, Probability, and Modality. World Scientific Press, 2008. 38. Dembski, William . Conservation of

  13. Layered mode selection logic control for border security

    NASA Astrophysics Data System (ADS)

    Born, T.; Ferrer, G.; Wright, A. M.; Wright, A. B.

    2007-04-01

    Challenges in border security may be resolved through a team of autonomous mobile robots configured as a flexible sensor array. The robots will have a prearranged formation along a section of a border, and each robot will attempt to maintain a uniform distance with its nearest neighbors. The robots will carry sensor packages which can detect a signature that is representative of a human (for instance, a thermal signature). When a robot detects an intruder, it will move away such that it attempts to maintain a constant distance from the intruder and move away from the border (i.e. into its home territory). As the robot moves away from the border, its neighbors will move away from the border to maintain a uniform distance with the moving robot and with their fixed neighbors. The pattern of motion in the team of robots can be identified, either algorithmically by a computer or by a human monitor of a display. Unique patterns are indicative of animal movement, human movement, and mass human movement. To realize such a scheme, a new control architecture must be developed. This architecture must be fault tolerant to sensor and manipulator failures, scalable in number of agents, and adaptable to different robotic base platforms (for instance, a UGV may be appropriate at the southern border and a UAV may be appropriate at the northern border). The Central Arkansas Robotics Consortium has developed an architecture, called Layered Mode Selection Logic (LMSL), which addresses all of these concerns. The overall LMSL scheme as applied to a multi-agent flexible sensor array is described in this paper.

  14. IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

    NASA Technical Reports Server (NTRS)

    Branch, Drew A.

    2014-01-01

    Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

  15. IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

    NASA Technical Reports Server (NTRS)

    Branch, Drew

    2013-01-01

    Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere was heightened from Airports to the communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning and configuration of network devices i.e. routers and IDSsIPSs. In addition I will be completing security assessments on software and hardware, vulnerability assessments and reporting, conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, policies and procedures.

  16. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

    PubMed

    Hernández-Ramos, José L; Bernabe, Jorge Bernal; Moreno, M Victoria; Skarmeta, Antonio F

    2015-07-01

    As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

  17. Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things

    PubMed Central

    Hernández-Ramos, José L.; Bernabe, Jorge Bernal; Moreno, M. Victoria; Skarmeta, Antonio F.

    2015-01-01

    As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things. PMID:26140349

  18. 78 FR 65155 - Special Conditions: Learjet Model 45 Series Airplanes; Isolation or Security Protection of the...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-10-31

    ... navigation systems (aircraft control domain); 2. Operator business and administrative support (operator... electronic system security protection against, access by unauthorized sources internal to the airplane. The... Airplanes; Isolation or Security Protection of the Aircraft Control Domain and the Airline...

  19. 10 CFR 20.1601 - Control of access to high radiation areas.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 1 2011-01-01 2011-01-01 false Control of access to high radiation areas. 20.1601 Section 20.1601 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1601 Control of access to high radiation areas....

  20. 10 CFR 20.1602 - Control of access to very high radiation areas.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 1 2012-01-01 2012-01-01 false Control of access to very high radiation areas. 20.1602 Section 20.1602 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1602 Control of access to very high radiation...

  1. 10 CFR 20.1602 - Control of access to very high radiation areas.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 1 2010-01-01 2010-01-01 false Control of access to very high radiation areas. 20.1602 Section 20.1602 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1602 Control of access to very high radiation...

  2. 10 CFR 20.1601 - Control of access to high radiation areas.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 1 2014-01-01 2014-01-01 false Control of access to high radiation areas. 20.1601 Section 20.1601 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1601 Control of access to high radiation areas....

  3. 10 CFR 20.1601 - Control of access to high radiation areas.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 1 2010-01-01 2010-01-01 false Control of access to high radiation areas. 20.1601 Section 20.1601 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1601 Control of access to high radiation areas....

  4. 10 CFR 20.1602 - Control of access to very high radiation areas.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 1 2013-01-01 2013-01-01 false Control of access to very high radiation areas. 20.1602 Section 20.1602 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1602 Control of access to very high radiation...

  5. 10 CFR 20.1602 - Control of access to very high radiation areas.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 1 2011-01-01 2011-01-01 false Control of access to very high radiation areas. 20.1602 Section 20.1602 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1602 Control of access to very high radiation...

  6. 10 CFR 20.1602 - Control of access to very high radiation areas.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 1 2014-01-01 2014-01-01 false Control of access to very high radiation areas. 20.1602 Section 20.1602 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1602 Control of access to very high radiation...

  7. 10 CFR 20.1601 - Control of access to high radiation areas.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 1 2013-01-01 2013-01-01 false Control of access to high radiation areas. 20.1601 Section 20.1601 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1601 Control of access to high radiation areas....

  8. 10 CFR 20.1601 - Control of access to high radiation areas.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 1 2012-01-01 2012-01-01 false Control of access to high radiation areas. 20.1601 Section 20.1601 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Control of Exposure From External Sources in Restricted Areas § 20.1601 Control of access to high radiation areas....

  9. Main control computer security model of closed network systems protection against cyber attacks

    NASA Astrophysics Data System (ADS)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  10. Broadband passive optical network media access control protocols

    NASA Astrophysics Data System (ADS)

    Quayle, Alan

    1996-11-01

    Most telecommunication operators are currently deciding on how to respond to customers' needs stimulated by the synergy between compression coding of multimedia and the emergence of broadband digital networks. This paper describes a range of broadband access architectures under consideration in the full services access network initiative. All architectures have a common requirement for a broadband ATM PON. A common broadband PON applicable to many operators increases the world-wide market for the product. With greater production volumes manufacturers' costs reduce because of the experience curve effect making broadband access systems economic.

  11. Technical and Operational Analysis of the Fortress Secure Wireless Access Bridge (ES-520) in Support of Tactical Military Coalition Operations

    DTIC Science & Technology

    2008-03-01

    Media Access Control MANET Mobile Ad Hoc Networking Mbps Megabit per second MCA Multi-Channel Architecture MIL-STD Military Standard MIMO ...RESEARCH EFFORTS A. BACKGROUND The world of military communications is on the verge of massive and revolutionary change, from new generations of...and custom radio designs. This radio technology roadmap includes 802.11n Multiple-input multiple-output ( MIMO ), 4.9GHz WI-FI, etc [3]. 2. Mesh

  12. Report: EPA’s Office of Environmental Information Should Improve Ariel Rios and Potomac Yard Computer Room Security Controls

    EPA Pesticide Factsheets

    Report #12-P-0879, September 26, 2012. The security posture and in-place environmental control review of the computer rooms in the Ariel Rios and Potomac Yard buildings revealed numerous security and environmental control deficiencies.

  13. Report: EPA’s Radiation and Indoor Environments National Laboratory Should Improve Its Computer Room Security Controls

    EPA Pesticide Factsheets

    Report #12-P-0847, September 21, 2012.Our review of the security posture and in-place environmental controls of EPA’s Radiation and Indoor Environments National Laboratory computer room disclosed an array of security and environmental control deficiencies.

  14. Security System Software

    NASA Technical Reports Server (NTRS)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  15. A low power medium access control protocol for wireless medical sensor networks.

    PubMed

    Lamprinos, I; Prentza, A; Sakka, E; Koutsouris, D

    2004-01-01

    The concept of a wireless integrated network of sensors, already applied in several sectors of our everyday life, such as security, transportation and environment monitoring, can as well provide an advanced monitor and control resource for healthcare services. By networking medical sensors wirelessly, attaching them in patient's body, we create the appropriate infrastructure for continuous and real-time monitoring of patient without discomforting him. This infrastructure can improve healthcare by providing the means for flexible acquisition of vital signs, while at the same time it provides more convenience to the patient. Given the type of wireless network, traditional medium access control (MAC) protocols cannot take advantage of the application specific requirements and information characteristics occurring in medical sensor networks, such as the demand for low power consumption and the rather limited and asymmetric data traffic. In this paper, we present the architecture of a low power MAC protocol, designated to support wireless networks of medical sensors. This protocol aims to improve energy efficiency by exploiting the inherent application features and requirements. It is oriented towards the avoidance of main energy wastage sources, such as idle listening, collision and power outspending.

  16. Access Nets: Modeling Access to Physical Spaces

    NASA Astrophysics Data System (ADS)

    Frohardt, Robert; Chang, Bor-Yuh Evan; Sankaranarayanan, Sriram

    Electronic, software-managed mechanisms using, for example, radio-frequency identification (RFID) cards, enable great flexibility in specifying access control policies to physical spaces. For example, access rights may vary based on time of day or could differ in normal versus emergency situations. With such fine-grained control, understanding and reasoning about what a policy permits becomes surprisingly difficult requiring knowledge of permission levels, spatial layout, and time. In this paper, we present a formal modeling framework, called AccessNets, suitable for describing a combination of access permissions, physical spaces, and temporal constraints. Furthermore, we provide evidence that model checking techniques are effective in reasoning about physical access control policies. We describe our results from a tool that uses reachability analysis to validate security policies.

  17. The Model and Control Methods of Access to Information and Technology Resources of Automated Control Systems in Water Supply Industry

    NASA Astrophysics Data System (ADS)

    Rytov, M. Yu; Spichyack, S. A.; Fedorov, V. P.; Petreshin, D. I.

    2017-01-01

    The paper describes a formalized control model of access to information and technological resources of automated control systems at water supply enterprises. The given model considers the availability of various communication links with information systems and technological equipment. There are also studied control methods of access to information and technological resources of automated control systems at water supply enterprises. On the basis of the formalized control model and appropriate methods there was developed a software-hardware complex for rapid access to information and technological resources of automated control systems, which contains an administrator’s automated workplace and ultimate users.

  18. Poverty, food security and universal access to sexual and reproductive health services: a call for cross-movement advocacy against neoliberal globalisation.

    PubMed

    Sundari Ravindran, T K

    2014-05-01

    Universal access to sexual and reproductive health services is one of the goals of the International Conference on Population and Development of 1994. The Millennium Development Goals were intended above all to end poverty. Universal access to health and health services are among the goals being considered for the post-2015 agenda, replacing or augmenting the MDGs. Yet we are not only far from reaching any of these goals but also appear to have lost our way somewhere along the line. Poverty and lack of food security have, through their multiple linkages to health and access to health care, deterred progress towards universal access to health services, including for sexual and reproductive health needs. A more insidious influence is neoliberal globalisation. This paper describes neoliberal globalisation and the economic policies it has engendered, the ways in which it influences poverty and food security, and the often unequal impact it has had on women as compared to men. It explores the effects of neoliberal economic policies on health, health systems, and universal access to health care services, and the implications for access to sexual and reproductive health. To be an advocate for universal access to health and health care is to become an advocate against neoliberal globalisation.

  19. Open access, readership, citations: a randomized controlled trial of scientific journal publishing.

    PubMed

    Davis, Philip M

    2011-07-01

    Does free access to journal articles result in greater diffusion of scientific knowledge? Using a randomized controlled trial of open access publishing, involving 36 participating journals in the sciences, social sciences, and humanities, we report on the effects of free access on article downloads and citations. Articles placed in the open access condition (n=712) received significantly more downloads and reached a broader audience within the first year, yet were cited no more frequently, nor earlier, than subscription-access control articles (n=2533) within 3 yr. These results may be explained by social stratification, a process that concentrates scientific authors at a small number of elite research universities with excellent access to the scientific literature. The real beneficiaries of open access publishing may not be the research community but communities of practice that consume, but rarely contribute to, the corpus of literature.

  20. Access control and privilege management in electronic health record: a systematic literature review.

    PubMed

    Jayabalan, Manoj; O'Daniel, Thomas

    2016-12-01

    This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

  1. Autonomous Information Unit for Fine-Grain Data Access Control and Information Protection in a Net-Centric System

    NASA Technical Reports Server (NTRS)

    Chow, Edward T.; Woo, Simon S.; James, Mark; Paloulian, George K.

    2012-01-01

    As communication and networking technologies advance, networks will become highly complex and heterogeneous, interconnecting different network domains. There is a need to provide user authentication and data protection in order to further facilitate critical mission operations, especially in the tactical and mission-critical net-centric networking environment. The Autonomous Information Unit (AIU) technology was designed to provide the fine-grain data access and user control in a net-centric system-testing environment to meet these objectives. The AIU is a fundamental capability designed to enable fine-grain data access and user control in the cross-domain networking environments, where an AIU is composed of the mission data, metadata, and policy. An AIU provides a mechanism to establish trust among deployed AIUs based on recombining shared secrets, authentication and verify users with a username, X.509 certificate, enclave information, and classification level. AIU achieves data protection through (1) splitting data into multiple information pieces using the Shamir's secret sharing algorithm, (2) encrypting each individual information piece using military-grade AES-256 encryption, and (3) randomizing the position of the encrypted data based on the unbiased and memory efficient in-place Fisher-Yates shuffle method. Therefore, it becomes virtually impossible for attackers to compromise data since attackers need to obtain all distributed information as well as the encryption key and the random seeds to properly arrange the data. In addition, since policy can be associated with data in the AIU, different user access and data control strategies can be included. The AIU technology can greatly enhance information assurance and security management in the bandwidth-limited and ad hoc net-centric environments. In addition, AIU technology can be applicable to general complex network domains and applications where distributed user authentication and data protection are

  2. 33 CFR 150.604 - Who controls access to medical monitoring and exposure records?

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Who controls access to medical monitoring and exposure records? 150.604 Section 150.604 Navigation and Navigable Waters COAST GUARD... Health Safety and Health (general) § 150.604 Who controls access to medical monitoring and...

  3. 33 CFR 150.604 - Who controls access to medical monitoring and exposure records?

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Who controls access to medical... Health Safety and Health (general) § 150.604 Who controls access to medical monitoring and exposure records? If medical monitoring is performed or exposure records are maintained by an employer, the...

  4. Non-Discretionary Access Control for Decentralized Computing Systems

    DTIC Science & Technology

    1977-05-01

    Analysis and Enhancements of Computer Operating Systems, The RISOS Project, Lawrence Livermore Laboratory, Livermore, Ca., NBSIR 76-1041, National Bureau...301-307. 138 <Walter74> Walter , K. G., et al, Primitive Models for Computer Security, Case Western Reserve University, ESD-TR-74-117, HQ...Electronic Systems Division, Hanscom AFB, Ma., 23 January 1974. (NTIS# AD 778467) <Walter75> Walter , K. G., et al., Initial Structured Specifications for

  5. 32 CFR 552.109 - Routine security controls.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... center where the visitor's name, vehicle license number, purpose and duration of visit will be recorded prior to granting access. Visitor's passes for visitors to Madigan Army Medical Center and the Logistics Center/Civilian Personnel Office will be issued at the Madigan and Logistics Center gates...

  6. 32 CFR 552.109 - Routine security controls.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... center where the visitor's name, vehicle license number, purpose and duration of visit will be recorded prior to granting access. Visitor's passes for visitors to Madigan Army Medical Center and the Logistics Center/Civilian Personnel Office will be issued at the Madigan and Logistics Center gates...

  7. 32 CFR 552.109 - Routine security controls.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... center where the visitor's name, vehicle license number, purpose and duration of visit will be recorded prior to granting access. Visitor's passes for visitors to Madigan Army Medical Center and the Logistics Center/Civilian Personnel Office will be issued at the Madigan and Logistics Center gates...

  8. Issues in Public Access: The Solomons Conferences.

    ERIC Educational Resources Information Center

    Sprehe, J. Timothy

    1993-01-01

    Reports on conferences held by federal agencies in 1991 and 1992 that addressed issues of public access to electronic government information. Topics discussed include agency information dissemination programs; public access to federal computers; security controls; and user charges. A working draft policy framework on public access to government…

  9. Computer Control of a Random Access Slide Projector.

    ERIC Educational Resources Information Center

    Barker, Philip G.

    1982-01-01

    A description of a simple interface to enable the interconnection of a random access slide projector and a microcomputer is provided, as well as summaries of the role of slide images as a means of implementing graphic communication and the new activity in graphics as an area of information processing. The microcomputer interface is then detailed,…

  10. Scalable Machine Learning Framework for Behavior-Based Access Control

    DTIC Science & Technology

    2013-08-01

    rules. Dynamic events, such as subversion of credentials (e.g., theft of a Smart Card [3] such as the Common Access Card [4]) or changes in actor... Smart card handbook. Wiley, 2010. [4] DoD ID Card Reference Center, 2013, http://www.cac.mil/ [5] Hearst, Marti A., et al. "Support vector machines

  11. From Fault-Diagnosis and Performance Recovery of a Controlled System to Chaotic Secure Communication

    NASA Astrophysics Data System (ADS)

    Hsu, Wen-Teng; Tsai, Jason Sheng-Hong; Guo, Fang-Cheng; Guo, Shu-Mei; Shieh, Leang-San

    Chaotic systems are often applied to encryption on secure communication, but they may not provide high-degree security. In order to improve the security of communication, chaotic systems may need to add other secure signals, but this may cause the system to diverge. In this paper, we redesign a communication scheme that could create secure communication with additional secure signals, and the proposed scheme could keep system convergence. First, we introduce the universal state-space adaptive observer-based fault diagnosis/estimator and the high-performance tracker for the sampled-data linear time-varying system with unanticipated decay factors in actuators/system states. Besides, robustness, convergence in the mean, and tracking ability are given in this paper. A residual generation scheme and a mechanism for auto-tuning switched gain is also presented, so that the introduced methodology is applicable for the fault detection and diagnosis (FDD) for actuator and state faults to yield a high tracking performance recovery. The evolutionary programming-based adaptive observer is then applied to the problem of secure communication. Whenever the tracker induces a large control input which might not conform to the input constraint of some physical systems, the proposed modified linear quadratic optimal tracker (LQT) can effectively restrict the control input within the specified constraint interval, under the acceptable tracking performance. The effectiveness of the proposed design methodology is illustrated through tracking control simulation examples.

  12. An efficient key-management scheme for hierarchical access control in e-medicine system.

    PubMed

    Wu, Shuhua; Chen, Kefei

    2012-08-01

    In e-medicine system, the sharing of patients' medical histories scattered among medical institutions through the Internet is highly desirable. The most immediate cryptographic need certainly is an efficient key management method to solve dynamic access problems in a user hierarchy. In this paper, we propose a practical solution for dynamic access problem in a user hierarchy based on hybrid cryptosystems. When compared with Nikooghadam et al.'s scheme proposed most recently, the time complexity and the required storage space is reduced significantly. Moreover, it provides provable security, and is easy to implement. Therefore, our scheme is more suitable for e-medicine system.

  13. Environmental Assessment for Proposed Access Control and Traffic Improvements at Los Alamos National Laboratory, Los Alamos, New Mexico

    SciTech Connect

    N /A

    2002-08-23

    The National Nuclear Security Administration (NNSA) has assigned a continuing role to Los Alamos National Laboratory (LANL) in carrying out NNSA's national security mission. It is imperative that LANL continue this enduring responsibility and that NNSA adequately safeguard LANL capabilities. NNSA has identified the need to restrict vehicular access to certain areas within LANL for the purpose of permanently enhancing the physical security environment at LANL. It has also identified the need to change certain traffic flow patterns for the purpose of enhancing physical safety at LANL. The Proposed Action would include the construction of eastern and western bypass roads around the LANL Technical Area (TA) 3 area and the installation of vehicle access controls and related improvements to enhance security along Pajarito Road and in the LANL core area. This Proposed Action would modify the current roadway network and traffic patterns. It would also result in traversing Areas of Environmental Interest identified in the LANL Habitat Management Plan, demolition of part of an historic structure at Building 3-40, and traversing several potential release sites and part of the Los Alamos County landfill. The No Action Alternative was also considered. Under this alternative NNSA would not construct the eastern or western bypass roads, any access-control stations, or related improvements. Diamond Drive would continue to serve as the primary conduit for most vehicle traffic within the LANL core area regardless of actual trip destinations. The No Action Alternative does not meet NNSA's purpose and need for action. The proposed bypass road corridors traverse both developed and undeveloped areas. Several potential release sites are present. These would either be sampled and remediated in accordance with New Mexico Environment Department requirements before construction or avoided to allow for future remediation. In some cases, contaminant levels may fall below remediation thresholds

  14. Optical benchmarking of security document readers for automated border control

    NASA Astrophysics Data System (ADS)

    Valentín, Kristián.; Wild, Peter; Å tolc, Svorad; Daubner, Franz; Clabian, Markus

    2016-10-01

    Authentication and optical verification of travel documents upon crossing borders is of utmost importance for national security. Understanding the workflow and different approaches to ICAO 9303 travel document scanning in passport readers, as well as highlighting normalization issues and designing new methods to achieve better harmonization across inspection devices are key steps for the development of more effective and efficient next- generation passport inspection. This paper presents a survey of state-of-the-art document inspection systems, showcasing results of a document reader challenge investigating 9 devices with regards to optical characteristics.

  15. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

    NASA Technical Reports Server (NTRS)

    Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

    2015-01-01

    NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

  16. Regulation of the nucleosome unwrapping rate controls DNA accessibility

    PubMed Central

    North, Justin A.; Shimko, John C.; Javaid, Sarah; Mooney, Alex M.; Shoffner, Matthew A.; Rose, Sean D.; Bundschuh, Ralf; Fishel, Richard; Ottesen, Jennifer J.; Poirier, Michael G.

    2012-01-01

    Eukaryotic genomes are repetitively wrapped into nucleosomes that then regulate access of transcription and DNA repair complexes to DNA. The mechanisms that regulate extrinsic protein interactions within nucleosomes are unresolved. We demonstrate that modulation of the nucleosome unwrapping rate regulates protein binding within nucleosomes. Histone H3 acetyl-lysine 56 [H3(K56ac)] and DNA sequence within the nucleosome entry-exit region additively influence nucleosomal DNA accessibility by increasing the unwrapping rate without impacting rewrapping. These combined epigenetic and genetic factors influence transcription factor (TF) occupancy within the nucleosome by at least one order of magnitude and enhance nucleosome disassembly by the DNA mismatch repair complex, hMSH2–hMSH6. Our results combined with the observation that ∼30% of Saccharomyces cerevisiae TF-binding sites reside in the nucleosome entry–exit region suggest that modulation of nucleosome unwrapping is a mechanism for regulating transcription and DNA repair. PMID:22965129

  17. Security middleware infrastructure for DICOM images in health information systems.

    PubMed

    Kallepalli, Vijay N V; Ehikioya, Sylvanus A; Camorlinga, Sergio; Rueda, Jose A

    2003-12-01

    In health care, it is mandatory to maintain the privacy and confidentiality of medical data. To achieve this, a fine-grained access control and an access log for accessing medical images are two important aspects that need to be considered in health care systems. Fine-grained access control provides access to medical data only to authorized persons based on priority, location, and content. A log captures each attempt to access medical data. This article describes an overall middleware infrastructure required for secure access to Digital Imaging and Communication in Medicine (DICOM) images, with an emphasis on access control and log maintenance. We introduce a hybrid access control model that combines the properties of two existing models. A trust relationship between hospitals is used to make the hybrid access control model scalable across hospitals. We also discuss events that have to be logged and where the log has to be maintained. A prototype of security middleware infrastructure is implemented.

  18. Scalable Authorization in Role-Based Access Control Using Negative Permissions and Remote Authorization

    DTIC Science & Technology

    2003-01-01

    and Hongjie Xin for making this a rewarding team experience. Thanks to Mr. Michael Warres from Sun Microsystems for being prompt and meticulous in our...Windows NT), and security policies based on the Chinese wall model for separation of duties [8]. RBAC simplifies the administration of access...connection check is sort of a first wall of defense against illegitimate users, while the JavaSpace action is more specific to a particular object, known as

  19. Proximity-based access control for context-sensitive information provision in SOA-based systems

    NASA Astrophysics Data System (ADS)

    Rajappan, Gowri; Wang, Xiaofei; Grant, Robert; Paulini, Matthew

    2014-06-01

    Service Oriented Architecture (SOA) has enabled open-architecture integration of applications within an enterprise. For net-centric Command and Control (C2), this elucidates information sharing between applications and users, a critical requirement for mission success. The Information Technology (IT) access control schemes, which arbitrate who gets access to what information, do not yet have the contextual knowledge to dynamically allow this information sharing to happen dynamically. The access control might prevent legitimate users from accessing information relevant to the current mission context, since this context may be very different from the context for which the access privileges were configured. We evaluate a pair of data relevance measures - proximity and risk - and use these as the basis of dynamic access control. Proximity is a measure of the strength of connection between the user and the resource. However, proximity is not sufficient, since some data might have a negative impact, if leaked, which far outweighs importance to the subject's mission. For this, we use a risk measure to quantify the downside of data compromise. Given these contextual measures of proximity and risk, we investigate extending Attribute-Based Access Control (ABAC), which is used by the Department of Defense, and Role-Based Access Control (RBAC), which is widely used in the civilian market, so that these standards-based access control models are given contextual knowledge to enable dynamic information sharing. Furthermore, we consider the use of such a contextual access control scheme in a SOA-based environment, in particular for net-centric C2.

  20. A Healthy Approach to Fitness Center Security.

    ERIC Educational Resources Information Center

    Sturgeon, Julie

    2000-01-01

    Examines techniques for keeping college fitness centers secure while maintaining an inviting atmosphere. Building access control, preventing locker room theft, and suppressing causes for physical violence are discussed. (GR)

  1. A game-theoretical approach to multimedia social networks security.

    PubMed

    Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

    2014-01-01

    The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders.

  2. A Game-Theoretical Approach to Multimedia Social Networks Security

    PubMed Central

    Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

    2014-01-01

    The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders. PMID:24977226

  3. Roadmap to Secure Control Systems in the Water Sector

    DTIC Science & Technology

    2008-03-01

    CSWG Representative; Dave Edwards , Process Control Systems Forum Water and Wastewater Representative; and Kevin Morley, WSCC Secretariat. Roadmap to...Services Dave Edwards , Process Control Systems Forum/ Metropolitan Water District of Southern California Rod Graupmann, Pima County Waste Water Management...Working Group Representative BLarson@amwater.com (609) 922-0804 Dave Edwards Process Control Systems Forum Water and Wastewater Representative

  4. Fertility effects of abortion and birth control pill access for minors.

    PubMed

    Guldi, Melanie

    2008-11-01

    This article empirically assesses whether age-restricted access to abortion and the birth control pill influence minors' fertility in the United States. There is not a strong consensus in previous literature regarding the relationship between laws restricting minors' access to abortion and minors' birth rates. This is the first study to recognize that state laws in place prior to the 1973 Roe v. Wade decision enabled minors to legally consent to surgical treatment-including abortion-in some states but not in others, and to construct abortion access variables reflecting this. In this article, age-specific policy variables measure either a minor's legal ability to obtain an abortion or to obtain the birth control pill without parental involvement. I find fairly strong evidence that young women's birth rates dropped as a result of abortion access as well as evidence that birth control pill access led to a drop in birth rates among whites.

  5. The Dynamic VPN Controller. Secure Information Sharing in a Coalition Environment

    DTIC Science & Technology

    2005-03-01

    IPsec subsystem is implemented using KAME IPsec, which is included with FreeBSD-4.6. The FreeBSD kernel maintains two databases that contain the...management. SSL secured connections for DVC control. KAME (Included with FreeBSD-4.6) IPsec Subsystem. Network layer security. IP Filter [3.4.33pre2...this connection. IPsec Subsystem The FreeBSD Kernel component ( KAME ) used to encrypt / decrypt and authenticate IP packets to form the VPN. Key

  6. Security for safety critical space borne systems

    NASA Technical Reports Server (NTRS)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  7. Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

    SciTech Connect

    Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

    2008-01-01

    Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service may be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the levels of verification and validation (i.e., certification) performed on components of the specification. The certification activity may produce higher levels of assurance across different components of the specification than others. Consequently, this paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs and the basic structural and mathematical underpinnings.

  8. 77 FR 26789 - Certain Semiconductor Chips Having Synchronous Dynamic Random Access Memory Controllers and...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-05-07

    ... From the Federal Register Online via the Government Publishing Office ] INTERNATIONAL TRADE COMMISSION Certain Semiconductor Chips Having Synchronous Dynamic Random Access Memory Controllers and Products Containing Same; Determination Rescinding the Exclusion Order and Cease and Desist Orders...

  9. 75 FR 47464 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-08-06

    ... From the Federal Register Online via the Government Publishing Office LIBRARY OF CONGRESS Copyright Office 37 CFR Part 201 Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies AGENCY: Copyright Office, Library of Congress. ACTION: Final...

  10. Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

    NASA Technical Reports Server (NTRS)

    Takamura, Eduardo; Mangum, Kevin

    2016-01-01

    The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations

  11. A contextual role-based access control authorization model for electronic patient record.

    PubMed

    Motta, Gustavo H M B; Furuie, Sergio S

    2003-09-01

    The design of proper models for authorization and access control for electronic patient record (EPR) is essential to a wide scale use of EPR in large health organizations. In this paper, we propose a contextual role-based access control authorization model aiming to increase the patient privacy and the confidentiality of patient data, whereas being flexible enough to consider specific cases. This model regulates user's access to EPR based on organizational roles. It supports a role-tree hierarchy with authorization inheritance; positive and negative authorizations; static and dynamic separation of duties based on weak and strong role conflicts. Contextual authorizations use environmental information available at access time, like user/patient relationship, in order to decide whether a user is allowed to access an EPR resource. This enables the specification of a more flexible and precise authorization policy, where permission is granted or denied according to the right and the need of the user to carry out a particular job function.

  12. 15. Front security entrance to the perimeter acquisition radar building, ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    15. Front security entrance to the perimeter acquisition radar building, showing rotogates 1 and 2 and entrance door to security operations control center (SOCC), room #108 - Stanley R. Mickelsen Safeguard Complex, Perimeter Acquisition Radar Building, Limited Access Area, between Limited Access Patrol Road & Service Road A, Nekoma, Cavalier County, ND

  13. Springfield Processing Plant* (A Hypothetical Facility) SPP, Entry Control Point and Vehicle Gate Access Control Post Order

    SciTech Connect

    Baum, Gregory A.

    2014-06-01

    This hypothetical order provides the requirements and instructions for the Springfield Processing Plant (SPP) Vehicle Gate and Entry Control Point (ECP) in the perimeter access building. The purpose of this post is to prevent the theft, sabotage or diversion of nuclear material (NM), control access and exit at the protected area, and to respond to emergencies according the SPP Guard Force (GF) Contingency Plan and as directed by a Guard Force Supervisor.

  14. 32 CFR 552.109 - Routine security controls.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... registration. (2) Persons visiting Fort Lewis military personnel or their family members may be issued visitor....109 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY MILITARY RESERVATIONS AND NATIONAL CEMETERIES REGULATIONS AFFECTING MILITARY RESERVATIONS Regulation Controlling the...

  15. 32 CFR 552.109 - Routine security controls.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... registration. (2) Persons visiting Fort Lewis military personnel or their family members may be issued visitor....109 National Defense Department of Defense (Continued) DEPARTMENT OF THE ARMY MILITARY RESERVATIONS AND NATIONAL CEMETERIES REGULATIONS AFFECTING MILITARY RESERVATIONS Regulation Controlling the...

  16. Controlled quantum secure direct communication by entanglement distillation or generalized measurement

    NASA Astrophysics Data System (ADS)

    Tan, Xiaoqing; Zhang, Xiaoqian

    2016-05-01

    We propose two controlled quantum secure communication schemes by entanglement distillation or generalized measurement. The sender Alice, the receiver Bob and the controllers David and Cliff take part in the whole schemes. The supervisors David and Cliff can control the information transmitted from Alice to Bob by adjusting the local measurement angles θ _4 and θ _3. Bob can verify his secret information by classical one-way function after communication. The average amount of information is analyzed and compared for these two methods by MATLAB. The generalized measurement is a better scheme. Our schemes are secure against some well-known attacks because classical encryption and decoy states are used to ensure the security of the classical channel and the quantum channel.

  17. Increasing software testability with standard access and control interfaces

    NASA Technical Reports Server (NTRS)

    Nikora, Allen P; Some, Raphael R.; Tamir, Yuval

    2003-01-01

    We describe an approach to improving the testability of complex software systems with software constructs modeled after the hardware JTAG bus, used to provide visibility and controlability in testing digital circuits.

  18. Operation Request Gatekeeper: a software system for remote access control of diagnostic instruments in fusion experiments.

    PubMed

    Abla, G; Fredian, T W; Schissel, D P; Stillerman, J A; Greenwald, M J; Stepanov, D N; Ciarlette, D J

    2010-10-01

    Tokamak diagnostic settings are repeatedly modified to meet the changing needs of each experiment. Enabling the remote diagnostic control has significant challenges due to security and efficiency requirements. The Operation Request Gatekeeper (ORG) is a software system that addresses the challenges of remotely but securely submitting modification requests. The ORG provides a framework for screening all the requests before they enter the secure machine zone and are executed by performing user authentication and authorization, grammar validation, and validity checks. A prototype ORG was developed for the ITER CODAC that satisfies their initial requirements for remote request submission and has been tested with remote control of the KSTAR Plasma Control System. This paper describes the software design principles and implementation of ORG as well as worldwide test results.

  19. 78 FR 18664 - Delegation to the Under Secretary for Arms Control and International Security of Authority To...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-03-27

    ... Delegation to the Under Secretary for Arms Control and International Security of Authority To Concur With the Secretary of Defense Authorization of Activities of the Office of Security Cooperation in Iraq By virtue of... International Security, to the extent authorized by law, the authority to concur with a Secretary of...

  20. Fingerprint authentication via joint transform correlator and its application in remote access control of a 3D microscopic system

    NASA Astrophysics Data System (ADS)

    He, Wenqi; Lai, Hongji; Wang, Meng; Liu, Zeyi; Yin, Yongkai; Peng, Xiang

    2014-05-01

    We present a fingerprint authentication scheme based on the optical joint transform correlator (JTC) and further describe its application to the remote access control of a Network-based Remote Laboratory (NRL). It is built to share a 3D microscopy system of our realistic laboratory in Shenzhen University with the remote co-researchers in Stuttgart University. In this article, we would like to focus on the involved security issues, mainly on the verification of various remote visitors to our NRL. By making use of the JTC-based optical pattern recognition technique as well as the Personal Identification Number (PIN), we are able to achieve the aim of authentication and access control for any remote visitors. Note that only the authorized remote visitors could be guided to the Virtual Network Computer (VNC), a cross-platform software, which allows the remote visitor to access the desktop applications and visually manipulate the instruments of our NRL through the internet. Specifically to say, when a remote visitor attempts to access to our NRL, a PIN is mandatory required in advance, which is followed by fingerprint capturing and verification. Only if both the PIN and the fingerprint are correct, can one be regarded as an authorized visitor, and then he/she would get the authority to visit our NRL by the VNC. It is also worth noting that the aforementioned "two-step verification" strategy could be further applied to verify the identity levels of various remote visitors, and therefore realize the purpose of diversified visitor management.

  1. 76 FR 38293 - Risk Management Controls for Brokers or Dealers With Market Access

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-06-30

    ... COMMISSION 17 CFR Part 240 RIN 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access... establish, document, and maintain a system of risk management controls and supervisory procedures that... develop, test, and implement the relevant risk management controls and supervisory procedures...

  2. 33 CFR 165.9 - Geographic application of limited and controlled access areas and regulated navigation areas.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... and controlled access areas and regulated navigation areas. 165.9 Section 165.9 Navigation and... controlled access areas and regulated navigation areas. (a) General. The geographic application of the limited and controlled access areas and regulated navigation areas in this part are determined based...

  3. Security and Education: A Best-Case Scenario.

    ERIC Educational Resources Information Center

    Jones, Morgan

    2001-01-01

    Describes the design of Indiana's 500,000 square-foot Chesterton High School, which incorporates many security features without creating a fortress atmosphere. Features include a controlled access floor plan, security cameras, and the ability of teachers to silently page security personnel and administrators in cases of health emergencies or…

  4. MOD control center automated information systems security evolution

    NASA Technical Reports Server (NTRS)

    Owen, Rich

    1991-01-01

    The role of the technology infusion process in future Control Center Automated Information Systems (AIS) is highlighted. The following subject areas are presented in the form of the viewgraphs: goals, background, threat, MOD's AISS program, TQM, SDLC integration, payback, future challenges, and bottom line.

  5. 77 FR 23492 - Announcement of Funding Awards; Capital Fund Safety and Security Grants; Fiscal Year 2011

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-04-19

    ... Terrace, Hartford, CT Security Lighting, 06106-3728. Video Recorders. Housing Authority of the City of 244.../ 249,932 Security Access Control 2\\ Monroe Street, Norwalk, CT System/Security 06856-2926. Lighting... Lighting. FL 32202-3938. Newnan Housing Authority, 48 Ball 250,000 Security Camera System/ Street,...

  6. Cognitive Control and Lexical Access in Younger and Older Bilinguals

    ERIC Educational Resources Information Center

    Bialystok, Ellen; Craik, Fergus; Luk, Gigi

    2008-01-01

    Ninety-six participants, who were younger (20 years) or older (68 years) adults and either monolingual or bilingual, completed tasks assessing working memory, lexical retrieval, and executive control. Younger participants performed most of the tasks better than older participants, confirming the effect of aging on these processes. The effect of…

  7. Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

    PubMed Central

    Kim, Seungjoo

    2014-01-01

    There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information. PMID:25374943

  8. Trust-based access control model from sociological approach in dynamic online social network environment.

    PubMed

    Baek, Seungsoo; Kim, Seungjoo

    2014-01-01

    There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

  9. An Action-Based Fine-Grained Access Control Mechanism for Structured Documents and Its Application

    PubMed Central

    Su, Mang; Li, Fenghua; Tang, Zhi; Yu, Yinyan; Zhou, Bo

    2014-01-01

    This paper presents an action-based fine-grained access control mechanism for structured documents. Firstly, we define a describing model for structured documents and analyze the application scenarios. The describing model could support the permission management on chapters, pages, sections, words, and pictures of structured documents. Secondly, based on the action-based access control (ABAC) model, we propose a fine-grained control protocol for structured documents by introducing temporal state and environmental state. The protocol covering different stages from document creation, to permission specification and usage control are given by using the Z-notation. Finally, we give the implementation of our mechanism and make the comparisons between the existing methods and our mechanism. The result shows that our mechanism could provide the better solution of fine-grained access control for structured documents in complicated networks. Moreover, it is more flexible and practical. PMID:25136651

  10. Cyber Security for the Spaceport Command and Control System: Vulnerability Management and Compliance Analysis

    NASA Technical Reports Server (NTRS)

    Gunawan, Ryan A.

    2016-01-01

    With the rapid development of the Internet, the number of malicious threats to organizations is continually increasing. In June of 2015, the United States Office of Personnel Management (OPM) had a data breach resulting in the compromise of millions of government employee records. The National Aeronautics and Space Administration (NASA) is not exempt from these attacks. Cyber security is becoming a critical facet to the discussion of moving forward with projects. The Spaceport Command and Control System (SCCS) project at the Kennedy Space Center (KSC) aims to develop the launch control system for the next generation launch vehicle in the coming decades. There are many ways to increase the security of the network it uses, from vulnerability management to ensuring operating system images are compliant with securely configured baselines recommended by the United States Government.

  11. Automatic Learning of Fine Operating Rules for Online Power System Security Control.

    PubMed

    Sun, Hongbin; Zhao, Feng; Wang, Hao; Wang, Kang; Jiang, Weiyong; Guo, Qinglai; Zhang, Boming; Wehenkel, Louis

    2016-08-01

    Fine operating rules for security control and an automatic system for their online discovery were developed to adapt to the development of smart grids. The automatic system uses the real-time system state to determine critical flowgates, and then a continuation power flow-based security analysis is used to compute the initial transfer capability of critical flowgates. Next, the system applies the Monte Carlo simulations to expected short-term operating condition changes, feature selection, and a linear least squares fitting of the fine operating rules. The proposed system was validated both on an academic test system and on a provincial power system in China. The results indicated that the derived rules provide accuracy and good interpretability and are suitable for real-time power system security control. The use of high-performance computing systems enables these fine operating rules to be refreshed online every 15 min.

  12. Cryptographically secure hardware random number generator dedicated for distributed measurement and control systems

    NASA Astrophysics Data System (ADS)

    Czernik, Pawel

    The chaotic signal generator based on the theory of nonlinear dynamical systems for applications in cryptographically secure distributed measurement and control systems with asymmetric resources is presented. This system was implemented on the basis of the physical chaotic electronic vibration generator in which the resonant circuit is composed of two capacitors, two resistors, coil and transistor, called the Colpitts oscillator. The presented system was designed, programmed and thoroughly tested in the term of cryptographic security in our laboratory, what there is the most important part of this publication. True cryptographic security was tested based on the author's software and the software environment called RDieHarder. The obtained results will be here presented and analyzed in detail with particular reference to the specificity of distributed measurement and control systems with asymmetric resources.

  13. An efficient controlled quantum secure direct communication and authentication by using four particle cluster states

    NASA Astrophysics Data System (ADS)

    Nanvakenari, Milad; Houshmand, Monireh

    In this paper, a three-party controlled quantum secure direct communication and authentication (QSDCA) protocol is proposed by using four particle cluster states via a quantum one-time pad and local unitary operations. In the present scheme, only under the permission of the controller, the sender and the receiver can implement secure direct communication successfully. But under any circumstances, Charlie cannot obtain the secret message. Eavesdropping detection and identity authentication are achieved with the help of the previously shared reusable base identity strings of users. This protocol is unconditionally secure in both ideal and practical noisy cases. In one transmission, a qubit of each four particle cluster state is used as controller’s permission and the same qubit with another qubit are used to recover two classical bits of information. In the proposed scheme, the efficiency is improved compared with the previous works.

  14. Designing a Machinery Control System (MCS) Security Testbed

    DTIC Science & Technology

    2014-09-01

    network LED light emitting diode LHD landing helicopter dock amphibious ship LVL level MCM mine countermeasure ship MCS machinery control systems...valve is still closed. Observe: FLSD: the red “Low Tank LVL ” LED is lit. Observe: HOS: the green “PUMP ON” LED is lit 110 Step 5. FLSD...FLSD: the red “High Tank LVL ” LED is lit and the red “Low Tank LVL ” LED is extinguished. 112 Step 6. FLSD: adjust the dial to “50”% Observe

  15. Wireless video monitoring and robot control in security applications

    NASA Astrophysics Data System (ADS)

    Nurkkala, Eero A.; Pyssysalo, Tino; Roning, Juha

    1998-10-01

    This research focuses on applications based on wireless monitoring and robot control, utilizing motion image and augmented reality. These applications include remote services and surveillance-related functions such as remote monitoring. A remote service can be, for example, a way to deliver products at a hospital or old people's home. Due to the mobile nature of the system, monitoring at places with privacy concerns is possible. On the other hand, mobility demands wireless communications. Suitable and present technologies for wireless video transfer are weighted. Identification of objects with the help of Radio Frequency Identifying (RFID) technology and facial recognition results in intelligent actions, for example, where the control of a robot does not require extensive workload from the user. In other words, tasks can be partially autonomous, RFID can be also used in augmentation of the video view with virtual objects. As a real-life experiment, a prototype environment is being constructed that consists of a robot equipped with a video camera and wireless links to the network and multimedia computer.

  16. Privacy in confidential administrative micro data: implementing statistical disclosure control in a secure computing environment.

    PubMed

    Hochfellner, Daniela; Müller, Dana; Schmucker, Alexandra

    2014-12-01

    The demand for comprehensive and innovative data is constantly growing in social science. In particular, micro data from various social security agencies become more and more attractive. In contrast to survey data, administrative data offer a census with highly reliable information but are restricted in their usage. To make them accessible for researchers, data or research output either have to be anonymized or released after disclosure review procedures have been used. This article discusses the trade-off between maintaining a high capability of research potential while protecting private information, by exploiting the data disclosure portfolio and the adopted disclosure strategies of the Research Data Center of the German Federal Employment Agency.

  17. The Security Factor in School Renovations.

    ERIC Educational Resources Information Center

    Fickes, Michael

    1998-01-01

    Discusses how one Indiana high school used its renovation as an opportunity to reevaluate the school's security design. Security considerations in the building's external and internal environment include lighting, directional signage, parking, access control technology, and issues regarding the use of closed circuit television. (GR)

  18. Policy-based secure communication with automatic key management for industrial control and automation systems

    DOEpatents

    Chernoguzov, Alexander; Markham, Thomas R.; Haridas, Harshal S.

    2016-11-22

    A method includes generating at least one access vector associated with a specified device in an industrial process control and automation system. The specified device has one of multiple device roles. The at least one access vector is generated based on one or more communication policies defining communications between one or more pairs of devices roles in the industrial process control and automation system, where each pair of device roles includes the device role of the specified device. The method also includes providing the at least one access vector to at least one of the specified device and one or more other devices in the industrial process control and automation system in order to control communications to or from the specified device.

  19. Advanced Guidance and Control for Hypersonics and Space Access

    NASA Technical Reports Server (NTRS)

    Hanson, John M.; Hall, Charles E.; Mulqueen, John A.; Jones, Robert E.

    2003-01-01

    Advanced guidance and control (AG&C) technologies are critical for meeting safety, reliability, and cost requirements for the next generation of reusable launch vehicle (RLV), whether it is fully rocket-powered or has air- breathing components. This becomes clear upon examining the number of expendable launch vehicle failures in the recent past where AG&C technologies could have saved a RLV with the same failure mode, the additional vehicle problems where t h i s technology applies, and the costs and time associated with mission design with or without all these failure issues. The state-of-the-art in guidance and control technology, as well as in computing technology, is the point where we can look to the possibility of being able to safely return a RLV in any situation where it can physically be recovered. This paper outlines reasons for AWC, current technology efforts, and the additional work needed for making this goal a reality. There are a number of approaches to AG&C that have the potential for achieving the desired goals. For some of these methods, we compare the results of tests designed to demonstrate the achievement of the goals. Tests up to now have been focused on rocket-powered vehicles; application to hypersonic air-breathers is planned. We list the test cases used to demonstrate that the desired results are achieved, briefly describe an automated test scoring method, and display results of the tests. Some of the technology components have reached the maturity level where they are ready for application to a new vehicle concept, while others are not far along in development.

  20. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    SciTech Connect

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  1. Steganography-based access control to medical data hidden in electrocardiogram.

    PubMed

    Mai, Vu; Khalil, Ibrahim; Ibaida, Ayman

    2013-01-01

    Steganographic techniques allow secret data to be embedded inside another host data such as an image or a text file without significant changes to the quality of the host data. In this research, we demonstrate how steganography can be used as the main mechanism to build an access control model that gives data owners complete control to their sensitive cardiac health information hidden in their own Electrocardiograms. Our access control model is able to protect the privacy of users, the confidentiality of medical data, reduce storage space and make it more efficient to upload and download large amount of data.

  2. Security during the Construction of New Nuclear Power Plants: Technical Basis for Access Authorization and Fitness-For-Duty Requirements

    SciTech Connect

    Branch, Kristi M.; Baker, Kathryn A.

    2009-09-01

    A technical letter report to the NRC summarizing the findings of a benchmarking study, literature review, and workshop with experts on current industry standards and expert judgments about needs for security during the construction phase of critical infrastructure facilities in the post-September 11 U.S. context, with a special focus on the construction phase of nuclear power plants and personnel security measures.

  3. School Security.

    ERIC Educational Resources Information Center

    Bete, Tim, Ed.

    1998-01-01

    Presents the opinions of four security experts on the issue of guns in schools. The experts respond to the following questions: will schools ever be free of weapons; will card access systems become common in public schools; will metal detectors solve school security problems; and will students ever be issued bullet-proof vests along with…

  4. Modelling of Medium Access Control (MAC) Protocols for Mobile Ad-Hoc Networks

    DTIC Science & Technology

    2005-06-01

    Slot IP Internet Protocol LAN Local Area Network MAC Medium Access Control MACAW Medium Access Protocol for Wireless LANs MANET Mobile Ad-hoc...Unforced state – It waits after entering the state until it is invoked by another process or an interrupt. It is in dark grey on this report, and red ... green in OPNET. A MAC process model is built for general initialisations of the MAC module, and to invoke the selected MAC protocol process model

  5. Analysis of Decision Factors for the Application of Information Access Controls within the Organization

    ERIC Educational Resources Information Center

    Foerster, Carl A.

    2013-01-01

    The application of access controls on internal information necessarily impacts the availability of that information for sharing inside the enterprise. The decisions establishing the degree of control are a crucial first step to balance the requirements to protect and share. This research develops a set of basic decision factors and examines other…

  6. Real time test bed development for power system operation, control and cyber security

    NASA Astrophysics Data System (ADS)

    Reddi, Ram Mohan

    The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

  7. A Decision Support System for Cost-Effectiveness Analysis for Control and Security of Computer Systems.

    DTIC Science & Technology

    1985-09-01

    Support System for Cost- Master’s Thesis Effectiveness Analysis for Control and September 1985 Security of Computer Systems 6. PERFORMING ORG . REPORT...F )3010 >~T .0 0 Find directory U Figulre 8. i reaFlw iara fies.obe ->~Ne8 DrbelExoue Controls Inc z W &Z ,~L. UJ. LiL La CA CC 449 -*LA- D. P Erase

  8. Creating a Clinical Video-Conferencing Facility in a Security-Constrained Environment Using Open-Source AccessGrid Software and Consumer Hardware

    PubMed Central

    Terrazas, Enrique; Hamill, Timothy R.; Wang, Ye; Channing Rodgers, R. P.

    2007-01-01

    The Department of Laboratory Medicine at the University of California, San Francisco (UCSF) has been split into widely separated facilities, leading to much time being spent traveling between facilities for meetings. We installed an open-source AccessGrid multi-media-conferencing system using (largely) consumer-grade equipment, connecting 6 sites at 5 separate facilities. The system was accepted rapidly and enthusiastically, and was inexpensive compared to alternative approaches. Security was addressed by aspects of the AG software and by local network administrative practices. The chief obstacles to deployment arose from security restrictions imposed by multiple independent network administration regimes, requiring a drastically reduced list of network ports employed by AG components. PMID:18693930

  9. Creating a clinical video-conferencing facility in a security-constrained environment using open-source AccessGrid software and consumer hardware.

    PubMed

    Terrazas, Enrique; Hamill, Timothy R; Wang, Ye; Channing Rodgers, R P

    2007-10-11

    The Department of Laboratory Medicine at the University of California, San Francisco (UCSF) has been split into widely separated facilities, leading to much time being spent traveling between facilities for meetings. We installed an open-source AccessGrid multi-media-conferencing system using (largely) consumer-grade equipment, connecting 6 sites at 5 separate facilities. The system was accepted rapidly and enthusiastically, and was inexpensive compared to alternative approaches. Security was addressed by aspects of the AG software and by local network administrative practices. The chief obstacles to deployment arose from security restrictions imposed by multiple independent network administration regimes, requiring a drastically reduced list of network ports employed by AG components.

  10. Secure public cloud platform for medical images sharing.

    PubMed

    Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

    2015-01-01

    Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.

  11. Synopsis of Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission Value

    SciTech Connect

    Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2008-01-01

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with the goal of improved enterprise and business risk management. Economic uncertainty, intensively collaborative work styles, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation of a balanced approach. The Cyberspace Security Econometrics System (CSES) provides a measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder, CSES reflects the variance that may exist among the stakes one attaches to meeting each requirement. This paper summarizes the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural underpinnings.

  12. An RFID-based luggage and passenger tracking system for airport security control applications

    NASA Astrophysics Data System (ADS)

    Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

    2014-06-01

    Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

  13. 21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Physical security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment programs; storage areas. 1301.72 Section... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic...

  14. 45 CFR 2508.9 - What officials are responsible for the security, management and control of Corporation record...

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Services shall have overall control and supervision of the security of all systems of records and shall be... 45 Public Welfare 4 2011-10-01 2011-10-01 false What officials are responsible for the security, management and control of Corporation record keeping systems? 2508.9 Section 2508.9 Public...

  15. 45 CFR 2508.9 - What officials are responsible for the security, management and control of Corporation record...

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Services shall have overall control and supervision of the security of all systems of records and shall be... 45 Public Welfare 4 2010-10-01 2010-10-01 false What officials are responsible for the security, management and control of Corporation record keeping systems? 2508.9 Section 2508.9 Public...

  16. 47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA)...

  17. 47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA)...

  18. 47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA)...

  19. 47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA)...

  20. 47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA)...