Science.gov

Sample records for administration information security

  1. 75 FR 64389 - Proposed Recommendation to the Social Security Administration for Occupational Information System...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-10-19

    ... From the Federal Register Online via the Government Publishing Office ] SOCIAL SECURITY ADMINISTRATION Proposed Recommendation to the Social Security Administration for Occupational Information System (OIS) Development Planning; Request for Comment AGENCY: Social Security Administration. ACTION:...

  2. National Aeronautics and Space Administration's (NASA) Automated Information Security Handbook

    NASA Technical Reports Server (NTRS)

    Roback, E.

    1991-01-01

    The NASA Automated Information Security Handbook provides NASA's overall approach to automated information systems security including discussions of such aspects as: program goals and objectives, assignment of responsibilities, risk assessment, foreign national access, contingency planning and disaster recovery, awareness training, procurement, certification, planning, and special considerations for microcomputers.

  3. Transportation Security Administration

    MedlinePlus

    ... content Official website of the Department of Homeland Security Transportation Security Administration When I fly can I bring my... ... to know if you could bring through the security checkpoint. Main menu Administrator Travel Security Screening Special ...

  4. Security of Data, Stored in Information Systems of Bulgarian Municipal Administrations

    NASA Astrophysics Data System (ADS)

    Kapralyakov, Petko

    2011-12-01

    Massive influx of information technology in municipal administrations increases their efficiency in delivering public services but increased the risk of theft of confidential information electronically. The report proposed an approach for improving information security for small municipal governments in Bulgaria through enhanced intrusion detection and prevention system.

  5. Crime Awareness and Campus Security Act. Important Information for Community College Trustees and Administrators.

    ERIC Educational Resources Information Center

    Shepard, Ira Michael; Schwartz, Allen D.

    The Crime Awareness and Campus Security Act (CACSA) of 1990 requires higher education institutions to prepare, publish, and distribute to all students and employees an annual security report disclosing campus security policies and measures, and statistical data on criminal offenses and arrests, by September 1, 1992. This report was developed to…

  6. Homeland Security and Information.

    ERIC Educational Resources Information Center

    Relyea, Harold C.

    2002-01-01

    Reviews the development of two similar policy concepts, national security and internal security, before exploring the new phrase homeland security that has become popular since the September 11 terrorist attacks. Discusses the significance of each for information policy and practice. (Author/LRW)

  7. Addressing Information Security Risk

    ERIC Educational Resources Information Center

    Qayoumi, Mohammad H.; Woody, Carol

    2005-01-01

    Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…

  8. 29 CFR 70.54 - Employee Benefits Security Administration.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 29 Labor 1 2010-07-01 2010-07-01 true Employee Benefits Security Administration. 70.54 Section 70.54 Labor Office of the Secretary of Labor PRODUCTION OR DISCLOSURE OF INFORMATION OR MATERIALS Public Records and Filings § 70.54 Employee Benefits Security Administration. (a) The annual financial...

  9. Secure Information Sharing

    2005-09-09

    We are develoing a peer-to-peer system to support secure, location independent information sharing in the scientific community. Once complete, this system will allow seamless and secure sharing of information between multiple collaborators. The owners of information will be able to control how the information is stored, managed. ano shared. In addition, users will have faster access to information updates within a collaboration. Groups collaborating on scientific experiments have a need to share information and data.more » This information and data is often represented in the form of files and database entries. In a typical scientific collaboration, there are many different locations where data would naturally be stored. This makes It difficult for collaborators to find and access the information they need. Our goal is to create a lightweight file-sharing system that makes it’easy for collaborators to find and use the data they need. This system must be easy-to-use, easy-to-administer, and secure. Our information-sharing tool uses group communication, in particular the InterGroup protocols, to reliably deliver each query to all of the current participants in a scalable manner, without having to discover all of their identities. We will use the Secure Group Layer (SGL) and Akenti to provide security to the participants of our environment, SGL will provide confldentiality, integrity, authenticity, and authorization enforcement for the InterGroup protocols and Akenti will provide access control to other resources.« less

  10. 32 CFR 1633.5 - Securing information.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 32 National Defense 6 2011-07-01 2011-07-01 false Securing information. 1633.5 Section 1633.5 National Defense Other Regulations Relating to National Defense SELECTIVE SERVICE SYSTEM ADMINISTRATION OF CLASSIFICATION § 1633.5 Securing information. The classifying authority is authorized to request and receive information whenever such...

  11. When Information Improves Information Security

    NASA Astrophysics Data System (ADS)

    Grossklags, Jens; Johnson, Benjamin; Christin, Nicolas

    This paper presents a formal, quantitative evaluation of the impact of bounded-rational security decision-making subject to limited information and externalities. We investigate a mixed economy of an individual rational expert and several naïve near-sighted agents. We further model three canonical types of negative externalities (weakest-link, best shot and total effort), and study the impact of two information regimes on the threat level agents are facing.

  12. Transportation Security Administration Authorization Act

    THOMAS, 111th Congress

    Rep. King, Peter T. [R-NY-3

    2010-06-24

    07/26/2010 Referred to the Subcommittee on Immigration, Citizenship, Refugees, Border Security, and International Law. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  13. Security classification of information

    SciTech Connect

    Quist, A.S.

    1993-04-01

    This document is the second of a planned four-volume work that comprehensively discusses the security classification of information. The main focus of Volume 2 is on the principles for classification of information. Included herein are descriptions of the two major types of information that governments classify for national security reasons (subjective and objective information), guidance to use when determining whether information under consideration for classification is controlled by the government (a necessary requirement for classification to be effective), information disclosure risks and benefits (the benefits and costs of classification), standards to use when balancing information disclosure risks and benefits, guidance for assigning classification levels (Top Secret, Secret, or Confidential) to classified information, guidance for determining how long information should be classified (classification duration), classification of associations of information, classification of compilations of information, and principles for declassifying and downgrading information. Rules or principles of certain areas of our legal system (e.g., trade secret law) are sometimes mentioned to .provide added support to some of those classification principles.

  14. 78 FR 5116 - NASA Information Security Protection

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-24

    ... Executive Order of 13132 E.O. 13132, ``Federalism,'' 64 FR 43255 (August 4, 1999) requires regulations be... SPACE ADMINISTRATION 14 CFR Part 1203 RIN 2700-AD61 NASA Information Security Protection AGENCY..., Classified National Security Information, and appropriately to correspond with NASA's internal...

  15. 14 CFR 1203.201 - Information security objectives.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Information security objectives. 1203.201 Section 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives. The objectives...

  16. 12 CFR 605.501 - Information Security Officer.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Information Security Officer. 605.501 Section... Information Security Officer. (a) The Information Security Officer of the Farm Credit Administration shall be responsible for implementation and oversight of the information security program and procedures adopted by...

  17. 14 CFR 1203.201 - Information security objectives.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 14 Aeronautics and Space 5 2012-01-01 2012-01-01 false Information security objectives. 1203.201 Section 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives. The objectives...

  18. 14 CFR § 1203.201 - Information security objectives.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 14 Aeronautics and Space 5 2014-01-01 2014-01-01 false Information security objectives. § 1203.201 Section § 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives....

  19. 14 CFR 1203.201 - Information security objectives.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Information security objectives. 1203.201 Section 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives. The objectives...

  20. 14 CFR 1203.201 - Information security objectives.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 14 Aeronautics and Space 5 2013-01-01 2013-01-01 false Information security objectives. 1203.201 Section 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives. The objectives...

  1. 12 CFR 605.501 - Information Security Officer.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 12 Banks and Banking 6 2011-01-01 2011-01-01 false Information Security Officer. 605.501 Section... Information Security Officer. (a) The Information Security Officer of the Farm Credit Administration shall be responsible for implementation and oversight of the information security program and procedures adopted by...

  2. 76 FR 78009 - Information Collection; Implementation of Information Technology Security Provision

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-12-15

    ... ADMINISTRATION Information Collection; Implementation of Information Technology Security Provision AGENCY... new information collection requirement regarding Implementation of Information Technology Security... forms of information technology. DATES: Submit comments on or before February 13, 2012....

  3. Information for School Administrators.

    ERIC Educational Resources Information Center

    Kowitz, Gerald T.; And Others

    Modern management theory, based on the reduction of uncertainties, demands the collection and manipulation of large amounts of information. School Administrators choke in the process of trying to digest a proliferation of data, only some of which are useful. The aims of the study were to explore the extent to which large amounts of data could be…

  4. 75 FR 77934 - Small Business Information Security Task Force

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-12-14

    ... ADMINISTRATION Small Business Information Security Task Force AGENCY: U.S. Small Business Administration. ACTION... Small Business Information Security Task Force Meeting. DATES: 1 p.m., Wednesday, November 10, 2010... meeting minutes for the second meeting of the Small Business Information Security Task Force....

  5. 76 FR 11307 - Small Business Information Security Task Force

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-01

    ... ADMINISTRATION Small Business Information Security Task Force AGENCY: U.S. Small Business Administration. ACTION... Small Business Information Security Task Force Meeting. DATES: 1 p.m., Wednesday, January 12, 2011... meeting minutes for the third meeting of the Small Business Information Security Task Force. Chairman,...

  6. 76 FR 5232 - Small Business Information Security Task Force

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-01-28

    ... ADMINISTRATION Small Business Information Security Task Force AGENCY: U.S. Small Business Administration. ACTION... Small Business Information Security Task Force Meeting. DATES: 1 p.m., Wednesday, December 8, 2010... meeting minutes for the third meeting of the Small Business Information Security Task Force....

  7. 75 FR 70764 - Small Business Information Security Task Force

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-18

    ... ADMINISTRATION Small Business Information Security Task Force AGENCY: U.S. Small Business Administration. ACTION... Small Business Information Security Task Force Meeting. DATES: 1 p.m., Wednesday, October 13, 2010... meeting minutes for the first meeting of the Small Business Information Security Task Force....

  8. 76 FR 2142 - Employee Benefits Security Administration

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-01-12

    ... Administration (EBSA) published in the Federal Register on October 22, 2010, (75 FR 65263), a proposed rule under... on October 22, 2010 (75 FR 65263), is being extended until February 3, 2011. To facilitate the... Benefits Security Administration Hearing on Definition of ``Fiduciary'' AGENCY: Employee Benefits...

  9. Information Systems, Security, and Privacy.

    ERIC Educational Resources Information Center

    Ware, Willis H.

    1984-01-01

    Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

  10. 49 CFR 1542.303 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Security Directives and Information Circulars. 1542.303 Section 1542.303 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Contingency Measures § 1542.303...

  11. 76 FR 34761 - Classified National Security Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-06-14

    ... Classified National Security Information AGENCY: Marine Mammal Commission. ACTION: Notice. SUMMARY: This... information, as directed by Information Security Oversight Office regulations. FOR FURTHER INFORMATION CONTACT..., ``Classified National Security Information,'' and 32 CFR part 2001, ``Classified National Security...

  12. Leadership with Administration: Securing Administrative Support for Transforming Your Program

    ERIC Educational Resources Information Center

    Saginak, Kelli A.; Dollarhide, Colette T.

    2006-01-01

    This article provides school counselors with a plan for securing administrative support for implementing of comprehensive school counseling programs. Systems and systems theory is introduced to explain systemic change in the context of leadership. Leadership theory is presented to assist school counselors in leading systemic change and securing…

  13. Securing Information Technology in Healthcare

    PubMed Central

    Anthony, Denise; Campbell, Andrew T.; Candon, Thomas; Gettinger, Andrew; Kotz, David; Marsch, Lisa A.; Molina-Markham, Andrés; Page, Karen; Smith, Sean W.; Gunter, Carl A.; Johnson, M. Eric

    2014-01-01

    Dartmouth College’s Institute for Security, Technology, and Society conducted three workshops on securing information technology in healthcare, attended by a diverse range of experts in the field. This article summarizes the three workshops. PMID:25379030

  14. Health Information Security in Hospitals: the Application of Security Safeguards

    PubMed Central

    Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

    2016-01-01

    Introduction: A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. Methods: This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach’s coefficient alpha (α=0.75). Results: The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. Conclusion: According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended. PMID:27046944

  15. 20 CFR 221.3 - Social Security Administration jurisdiction.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 1 2014-04-01 2012-04-01 true Social Security Administration jurisdiction... RETIREMENT ACT JURISDICTION DETERMINATIONS § 221.3 Social Security Administration jurisdiction. The Board... Security Administration considers in determining benefits payable) to the Social Security...

  16. 20 CFR 221.3 - Social Security Administration jurisdiction.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 1 2012-04-01 2012-04-01 false Social Security Administration jurisdiction... RETIREMENT ACT JURISDICTION DETERMINATIONS § 221.3 Social Security Administration jurisdiction. The Board... Security Administration considers in determining benefits payable) to the Social Security...

  17. 20 CFR 221.3 - Social Security Administration jurisdiction.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 1 2013-04-01 2012-04-01 true Social Security Administration jurisdiction... RETIREMENT ACT JURISDICTION DETERMINATIONS § 221.3 Social Security Administration jurisdiction. The Board... Security Administration considers in determining benefits payable) to the Social Security...

  18. 75 FR 10507 - Information Security Oversight Office; National Industrial Security Program Policy Advisory...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-03-08

    ... RECORDS ADMINISTRATION Information Security Oversight Office; National Industrial Security Program Policy... regulation 41 CFR 101-6, announcement is made for a meeting of the National Industrial Security Program Policy Advisory Committee. The meeting will be held to discuss National Industrial Security...

  19. 75 FR 8096 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-023...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-23

    ... Security Administration--023 Workplace Violence Prevention Program System of Records AGENCY: Privacy Office..., ``Department of Homeland Security/Transportation Security Administration--023 Workplace Violence Prevention... and maintain records on their Workplace Violence Prevention Program. Additionally, the Department...

  20. 77 FR 50757 - Charging Standard Administrative Fees for Nonprogram-Related Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-08-22

    ... From the Federal Register Online via the Government Publishing Office ] SOCIAL SECURITY ADMINISTRATION Charging Standard Administrative Fees for Nonprogram-Related Information AGENCY: Social Security... program under the Social Security Act (Act). We expect the implementation of standard fees across...

  1. 77 FR 76076 - Information Security Oversight Office; State, Local, Tribal, and Private Sector Policy Advisory...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-12-26

    ... RECORDS ADMINISTRATION Information Security Oversight Office; State, Local, Tribal, and Private Sector... matters relating to the Classified National Security Information Program for State, Local, Tribal, and... number of individuals planning to attend must be submitted to the Information Security Oversight...

  2. Information risk and security modeling

    NASA Astrophysics Data System (ADS)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  3. Managing information technology security risk

    NASA Technical Reports Server (NTRS)

    Gilliam, David

    2003-01-01

    Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

  4. 77 FR 18716 - Transportation Security Administration Postal Zip Code Change; Technical Amendment

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-03-28

    ... SECURITY Transportation Security Administration 49 CFR Part 1572 Transportation Security Administration Postal Zip Code Change; Technical Amendment AGENCY: Transportation Security Administration, DHS. ACTION... Achuko, Office of the Chief Counsel, TSA-2, Transportation Security Administration, 601 South 12th...

  5. Methods of Organizational Information Security

    NASA Astrophysics Data System (ADS)

    Martins, José; Dos Santos, Henrique

    The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

  6. Improving Information Security Risk Management

    ERIC Educational Resources Information Center

    Singh, Anand

    2009-01-01

    manaOptimizing risk to information to protect the enterprise as well as to satisfy government and industry mandates is a core function of most information security departments. Risk management is the discipline that is focused on assessing, mitigating, monitoring and optimizing risks to information. Risk assessments and analyses are critical…

  7. 75 FR 705 - Classified National Security Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-01-05

    ... Executive Order 13526--Classified National Security Information Memorandum of December 29, 2009--Implementation of the Executive Order ``Classified National Security Information'' Order of December 29, 2009... ] Executive Order 13526 of December 29, 2009 Classified National Security Information This order prescribes...

  8. Information Security and Integrity Systems

    NASA Technical Reports Server (NTRS)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  9. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 32 National Defense 6 2013-07-01 2013-07-01 false Telecommunications automated information systems... Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Safeguarding § 2001.50 Telecommunications automated information systems...

  10. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 32 National Defense 6 2012-07-01 2012-07-01 false Telecommunications automated information systems... Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Safeguarding § 2001.50 Telecommunications automated information systems...

  11. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 32 National Defense 6 2014-07-01 2014-07-01 false Telecommunications automated information systems... Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Safeguarding § 2001.50 Telecommunications automated information systems...

  12. NASA Automatic Information Security Handbook

    NASA Technical Reports Server (NTRS)

    1993-01-01

    This handbook details the Automated Information Security (AIS) management process for NASA. Automated information system security is becoming an increasingly important issue for all NASA managers and with rapid advancements in computer and network technologies and the demanding nature of space exploration and space research have made NASA increasingly dependent on automated systems to store, process, and transmit vast amounts of mission support information, hence the need for AIS systems and management. This handbook provides the consistent policies, procedures, and guidance to assure that an aggressive and effective AIS programs is developed, implemented, and sustained at all NASA organizations and NASA support contractors.

  13. Security administration plan for HANDI 2000 business management system

    SciTech Connect

    Wilson, D.

    1998-09-29

    This document encompasses and standardizes the integrated approach for security within the PP and Ps applications, It also identifies the security tools and methods to be used. The Security Administration Plan becomes effective as of this document`s acceptance and will provide guidance through implementation efforts and, as a ``living document`` will support the operations and maintenance of the system.

  14. 20 CFR 221.3 - Social Security Administration jurisdiction.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 1 2011-04-01 2011-04-01 false Social Security Administration jurisdiction... RETIREMENT ACT JURISDICTION DETERMINATIONS § 221.3 Social Security Administration jurisdiction. The Board transfers jurisdiction (railroad service and compensation credits earned by the employee which the...

  15. 20 CFR 221.3 - Social Security Administration jurisdiction.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 1 2010-04-01 2010-04-01 false Social Security Administration jurisdiction... RETIREMENT ACT JURISDICTION DETERMINATIONS § 221.3 Social Security Administration jurisdiction. The Board transfers jurisdiction (railroad service and compensation credits earned by the employee which the...

  16. 29 CFR 70.54 - Employee Benefits Security Administration.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 29 Labor 1 2014-07-01 2013-07-01 true Employee Benefits Security Administration. 70.54 Section 70... Records and Filings § 70.54 Employee Benefits Security Administration. (a) The annual financial reports (Form 5500) and attachments/schedules as filed by employee benefit plans under the Employee...

  17. 76 FR 67750 - Homeland Security Information Network Advisory Committee

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-11-02

    ... SECURITY Homeland Security Information Network Advisory Committee AGENCY: Department of Homeland Security... Applicants for Appointment to Homeland Security Information Network Advisory Committee. SUMMARY: The Secretary of Homeland Security has determined that the renewal of the Homeland Security Information...

  18. 76 FR 10262 - Information Security Program

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-02-24

    ...The Federal Maritime Commission (FMC or Commission) amends its regulations relating to its Information Security Program to reflect the changes implemented by Executive Order 13526--Classified National Security Information--that took effect January 5, 2010, and which prescribes a uniform system for classifying, safeguarding, and declassifying national security information, including information......

  19. 78 FR 1878 - Agency Information Collection Activities: Administrative Rulings

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-09

    ... (77 FR 66626) on November 6, 2012, allowing for a 60-day comment period. This notice allows for an... SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Administrative Rulings AGENCY: U.S. Customs and Border Protection, Department of Homeland Security. ACTION: 30-Day...

  20. 48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 4 2014-10-01 2014-10-01 false Information Technology Security Plan and Security Authorization. 552.239-70 Section 552.239-70 Federal Acquisition Regulations System GENERAL SERVICES ADMINISTRATION CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses...

  1. An agile enterprise regulation architecture for health information security management.

    PubMed

    Chen, Ying-Pei; Hsieh, Sung-Huai; Cheng, Po-Hsun; Chien, Tsan-Nan; Chen, Heng-Shuen; Luh, Jer-Junn; Lai, Jin-Shin; Lai, Feipei; Chen, Sao-Jie

    2010-09-01

    Information security management for healthcare enterprises is complex as well as mission critical. Information technology requests from clinical users are of such urgency that the information office should do its best to achieve as many user requests as possible at a high service level using swift security policies. This research proposes the Agile Enterprise Regulation Architecture (AERA) of information security management for healthcare enterprises to implement as part of the electronic health record process. Survey outcomes and evidential experiences from a sample of medical center users proved that AERA encourages the information officials and enterprise administrators to overcome the challenges faced within an electronically equipped hospital. PMID:20815748

  2. 76 FR 40296 - Declassification of National Security Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-07-08

    ... Order, Classified National Security Information, 75 FR 733, 3 CFR, 2009 Comp., p. 412; 32 CFR part 2001... without proper authority? Authority: 44 U.S.C. 2101 to 2118; 5 U.S.C. 552; E.O. 13526, 75 FR 707, 3 CFR... RECORDS ADMINISTRATION 36 CFR Part 1260 RIN 3095-AB64 Declassification of National Security...

  3. 76 FR 62630 - Information Security Regulations

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-10-11

    ... 32 CFR Part 1902 Information Security Regulations AGENCY: Central Intelligence Agency. ACTION: Final rule. SUMMARY: The Central Intelligence agency is removing certain information security regulations... Information security regulations. PART 1902 Sec. 1902.13 0 Accordingly, under the authority of Executive...

  4. Information Sharing for IT Security Professionals

    ERIC Educational Resources Information Center

    Petersen, Rodney J.

    2008-01-01

    Information sharing is a core value for information technology (IT) security professionals. It is also a familiar concept for those who work at institutions of higher education because of their long history of collaboration and openness. Information sharing has become part of the national fabric as IT security professionals attempt to secure cyber…

  5. 75 FR 28777 - Information Collection; Financial Information Security Request Form

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-05-24

    ...; ] DEPARTMENT OF AGRICULTURE Forest Service Information Collection; Financial Information Security Request Form... Information Security Request Form. DATES: Comments must be received in writing on or before July 23, 2010 to... INFORMATION: Title: Financial Information Security Request Form. OMB Number: 0596-0204. Expiration Date...

  6. Incentive Issues in Information Security Management

    ERIC Educational Resources Information Center

    Lee, Chul Ho

    2012-01-01

    This dissertation studies three incentive issues in information security management. The first essay studies contract issues between a firm that outsources security functions and a managed security service provider (MSSP) that provides security functions to the firm. Since MSSP and firms cannot observe each other's actions, both can suffer…

  7. A Unified Approach to Information Security Compliance

    ERIC Educational Resources Information Center

    Adler, M. Peter

    2006-01-01

    The increased number of government-mandated and private contractual information security requirements in recent years has caused higher education security professionals to view information security as another aspect of regulatory or contractual compliance. The existence of fines, penalties, or loss (including bad publicity) has also increased the…

  8. 76 FR 70468 - Extension of Agency Information Collection Activity Under OMB Review: Airport Security

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-11-14

    ... OMB Review: Airport Security AGENCY: Transportation Security Administration, DHS. ACTION: 30-day... other forms of information technology. Information Collection Requirement Title: Airport Security, 49... is seeking to renew its OMB control number 1542-0002, Airport Security, 49 CFR part 1542....

  9. 75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-01

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match Number 1308 AGENCY: Social Security Administration...

  10. 77 FR 3836 - Public Availability of Social Security Administration Fiscal Year (FY) 2011 Service Contract...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-01-25

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Public Availability of Social Security Administration Fiscal Year (FY) 2011 Service Contract Inventory AGENCY: Social Security Administration. ACTION: Notice of Public Availability of FY 2011...

  11. 5 CFR 930.301 - Information systems security awareness training program.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems § 930.301 Information systems security awareness training program. Each Executive Agency must develop...

  12. 5 CFR 930.301 - Information systems security awareness training program.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 5 Administrative Personnel 2 2011-01-01 2011-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems § 930.301 Information systems security awareness training program. Each Executive Agency must develop...

  13. 78 FR 6168 - Public Availability of Social Security Administration Fiscal Year (FY) 2012 Service Contract...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-29

    ... ADMINISTRATION Public Availability of Social Security Administration Fiscal Year (FY) 2012 Service Contract... Contract Inventories. SUMMARY: In accordance with Section 743 of Division C of the Consolidated... availability of the FY 2012 Service Contract inventory. This inventory provides information on FY 2012...

  14. 32 CFR 1633.5 - Securing information.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 32 National Defense 6 2013-07-01 2013-07-01 false Securing information. 1633.5 Section 1633.5... CLASSIFICATION § 1633.5 Securing information. The classifying authority is authorized to request and receive information whenever such information will assist in determining the proper classification of a registrant....

  15. Information technology security system engineering methodology

    NASA Technical Reports Server (NTRS)

    Childs, D.

    2003-01-01

    A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

  16. National Nuclear Security Administration Knowledge Base Core Table Schema Document

    SciTech Connect

    CARR,DORTHE B.

    2002-09-01

    The National Nuclear Security Administration is creating a Knowledge Base to store technical information to support the United States nuclear explosion monitoring mission. This document defines the core database tables that are used in the Knowledge Base. The purpose of this document is to present the ORACLE database tables in the NNSA Knowledge Base that on modifications to the CSS3.0 Database Schema developed in 1990. (Anderson et al., 1990). These modifications include additional columns to the affiliation table, an increase in the internal ORACLE format from 8 integers to 9 integers for thirteen IDs, and new primary and unique key definitions for six tables. It is intended to be used as a reference by researchers inside and outside of NNSA/DOE as they compile information to submit to the NNSA Knowledge Base. These ''core'' tables are separated into two groups. The Primary tables are dynamic and consist of information that can be used in automatic and interactive processing (e.g. arrivals, locations). The Lookup tables change infrequently and are used for auxiliary information used by the processing. In general, the information stored in the core tables consists of: arrivals; events, origins, associations of arrivals; magnitude information; station information (networks, site descriptions, instrument responses); pointers to waveform data; and comments pertaining to the information. This document is divided into four sections, the first being this introduction. Section two defines the sixteen tables that make up the core tables of the NNSA Knowledge Base database. Both internal (ORACLE) and external formats for the attributes are defined, along with a short description of each attribute. In addition, the primary, unique and foreign keys are defined. Section three of the document shows the relationships between the different tables by using entity-relationship diagrams. The last section, defines the columns or attributes of the various tables. Information that is

  17. [Information security in health care].

    PubMed

    Ködmön, József; Csajbók, Zoltán Ernő

    2015-07-01

    Doctors, nurses and other medical professionals are spending more and more time in front of the computer, using applications developed for general practitioners, specialized care, or perhaps an integrated hospital system. The data they handle during healing and patient care are mostly sensitive data and, therefore, their management is strictly regulated. Finding our way in the jungle of laws, regulations and policies is not simple. Notwithstanding, our lack of information does not waive our responsibility. This study summarizes the most important points of international recommendations, standards and legal regulations of the field, as well as giving practical advices for managing medical and patient data securely and in compliance with the current legal regulations. PMID:26122901

  18. A layered trust information security architecture.

    PubMed

    de Oliveira Albuquerque, Robson; Villalba, Luis Javier García; Orozco, Ana Lucila Sandoval; Buiati, Fábio; Kim, Tai-Hoon

    2014-01-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

  19. A Layered Trust Information Security Architecture

    PubMed Central

    de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Sandoval Orozco, Ana Lucila; Buiati, Fábio; Kim, Tai-Hoon

    2014-01-01

    Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

  20. A Security Audit Framework to Manage Information System Security

    NASA Astrophysics Data System (ADS)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  1. Effective Management of Information Security and Privacy

    ERIC Educational Resources Information Center

    Anderson, Alicia

    2006-01-01

    No university seems immune to cyber attacks. For many universities, such events have served as wake-up calls to develop a comprehensive information security and privacy strategy. This is no simple task, however. It involves balancing a culture of openness with a need for security and privacy. Security and privacy are not the same, and the…

  2. Three Essays on Information Security Policies

    ERIC Educational Resources Information Center

    Yang, Yubao

    2011-01-01

    Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

  3. A security architecture for health information networks.

    PubMed

    Kailar, Rajashekar; Muralidhar, Vinod

    2007-01-01

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

  4. Directory of Energy Information Administration models 1992

    SciTech Connect

    Not Available

    1992-06-01

    This directory revises and updates the ``Directory of Energy Information Administration Models,`` DOE/EIA-0293(91), Energy Information Administration (EIA), US Department of Energy, July 1991. This directory contains descriptions about each model, including the title, acronym, purpose, followed by more detailed information on characteristics, uses, and requirements. For developing models, limited information is provided. Sources for additional information are identified.

  5. Directory of Energy Information Administration models 1992

    SciTech Connect

    Not Available

    1992-06-01

    This directory revises and updates the Directory of Energy Information Administration Models,'' DOE/EIA-0293(91), Energy Information Administration (EIA), US Department of Energy, July 1991. This directory contains descriptions about each model, including the title, acronym, purpose, followed by more detailed information on characteristics, uses, and requirements. For developing models, limited information is provided. Sources for additional information are identified.

  6. 20 CFR 404.452 - Reports to Social Security Administration of earnings; wages; net earnings from self-employment.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Reports to Social Security Administration of...; and Nonpayments of Benefits § 404.452 Reports to Social Security Administration of earnings; wages...) Information required. If you are the beneficiary, your report should show your name, address, Social...

  7. 20 CFR 404.452 - Reports to Social Security Administration of earnings; wages; net earnings from self-employment.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Reports to Social Security Administration of...; and Nonpayments of Benefits § 404.452 Reports to Social Security Administration of earnings; wages...) Information required. If you are the beneficiary, your report should show your name, address, Social...

  8. 20 CFR 404.452 - Reports to Social Security Administration of earnings; wages; net earnings from self-employment.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Reports to Social Security Administration of...; and Nonpayments of Benefits § 404.452 Reports to Social Security Administration of earnings; wages...) Information required. If you are the beneficiary, your report should show your name, address, Social...

  9. Network Security: What Non-Technical Administrators Must Know

    ERIC Educational Resources Information Center

    Council, Chip

    2005-01-01

    Now it is increasingly critical that community college leaders become involved in network security and partner with their directors of information technology (IT). Network security involves more than just virus protection software and firewalls. It involves vigilance and requires top executive support. Leaders can help their IT directors to…

  10. ITIL{sup ®} and information security

    SciTech Connect

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-03-10

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework.

  11. NNSA Administrator Looks to Future of Nuclear Security at STRATCOM Symposium

    SciTech Connect

    Thomas D'Agostino

    2009-08-05

    Administrator Thomas P. DAgostino of the National Nuclear Security Administration (NNSA) discusses the future of the Nuclear Security Enterprise and its strategic deterrence mission in light of President Obamas unprecedented nuclear security agenda.

  12. NNSA Administrator Looks to Future of Nuclear Security at STRATCOM Symposium

    ScienceCinema

    Thomas D'Agostino

    2010-09-01

    Administrator Thomas P. DAgostino of the National Nuclear Security Administration (NNSA) discusses the future of the Nuclear Security Enterprise and its strategic deterrence mission in light of President Obamas unprecedented nuclear security agenda.

  13. Information Processing - Administrative Data Processing

    NASA Astrophysics Data System (ADS)

    Bubenko, Janis

    A three semester, 60-credit course package in the topic of Administrative Data Processing (ADP), offered in 1966 at Stockholm University (SU) and the Royal Institute of Technology (KTH) is described. The package had an information systems engineering orientation. The first semester focused on datalogical topics, while the second semester focused on the infological topics. The third semester aimed to deepen the students’ knowledge in different parts of ADP and at writing a bachelor thesis. The concluding section of this paper discusses various aspects of the department’s first course effort. The course package led to a concretisation of our discipline and gave our discipline an identity. Our education seemed modern, “just in time”, and well adapted to practical needs. The course package formed the first concrete activity of a group of young teachers and researchers. In a forty-year perspective, these people have further developed the department and the topic to an internationally well-reputed body of knowledge and research. The department has produced more than thirty professors and more than one hundred doctoral degrees.

  14. 78 FR 73819 - Information Collection; Financial Information Security Request Form

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-09

    ... Forest Service Information Collection; Financial Information Security Request Form AGENCY: Forest Service... extension with revision of a currently approved information collection, Financial Information Security... encouraged to call ahead to (703) 605-4803 to facilitate entry to the building. FOR FURTHER...

  15. Insider Threat and Information Security Management

    NASA Astrophysics Data System (ADS)

    Coles-Kemp, Lizzie; Theoharidou, Marianthi

    The notion of insider has multiple facets. An organization needs to identify which ones to respond to. The selection, implementetion and maintenance of information security countermeasures requires a complex combination of organisational policies, functions and processes, which form Information Security Management. This chapter examines the role of current information security management practices in addressing the insider threat. Most approaches focus on frameworks for regulating insider behaviour and do not allow for the various cultural responses to the regulatory and compliance framework. Such responses are not only determined by enforcement of policies and awareness programs, but also by various psychological and organisational factors at an individual or group level. Crime theories offer techniques that focus on such cultural responses and can be used to enhance the information security management design. The chapter examines the applicability of several crime theories and concludes that they can contribute in providing additional controls and redesign of information security management processes better suited to responding to the insider threat.

  16. Energy Relations in Russia: Administration, Politics and Security

    ERIC Educational Resources Information Center

    Makarychev, Andrey

    2005-01-01

    This chapter analyses energy relations through a prism of three interlinked concepts: administration, politics and security. This triad describes the basic approaches to questions about technical, politicised and securitised energy. These three concepts are logically linked to one another and represent an elementary matrix; a prism through which…

  17. An Ontology Based Approach to Information Security

    NASA Astrophysics Data System (ADS)

    Pereira, Teresa; Santos, Henrique

    The semantically structure of knowledge, based on ontology approaches have been increasingly adopted by several expertise from diverse domains. Recently ontologies have been moved from the philosophical and metaphysics disciplines to be used in the construction of models to describe a specific theory of a domain. The development and the use of ontologies promote the creation of a unique standard to represent concepts within a specific knowledge domain. In the scope of information security systems the use of an ontology to formalize and represent the concepts of security information challenge the mechanisms and techniques currently used. This paper intends to present a conceptual implementation model of an ontology defined in the security domain. The model presented contains the semantic concepts based on the information security standard ISO/IEC_JTC1, and their relationships to other concepts, defined in a subset of the information security domain.

  18. 76 FR 72433 - Revision of Agency Information Collection Activity Under OMB Review: Secure Flight Program

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-11-23

    ... soliciting comments, of the following collection of information on August 3, 2011, 76 FR 46830. The... OMB Review: Secure Flight Program AGENCY: Transportation Security Administration, DHS. ACTION: 30-day... submit to Secure Flight for the purposes of watch list matching, identifying information of...

  19. Safeguarding Your Technology: Practical Guidelines for Electronic Education Information Security.

    ERIC Educational Resources Information Center

    Szuba, Tom

    This guide was developed specifically for educational administrators at the building, campus, district, system, and state levels, and is meant to serve as a framework to help them better understand why and how to effectively secure their organization's information, software, and computer and networking equipment. This document is organized into 10…

  20. Implementing healthcare information security: standards can help.

    PubMed

    Orel, Andrej; Bernik, Igor

    2013-01-01

    Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help. PMID:23542997

  1. Information Seeking Behaviour of AIOU Administrators

    ERIC Educational Resources Information Center

    Mahmood, Malik Tariq

    2005-01-01

    The main purpose of this research study is to investigate the information-seeking behavior of Allama Iqbal Open University (AIOU) administrators in Pakistan. Information is obtained by using a wide variety of informal and formal sources, human sources, Internet as well as print media. The present study found that AIOU administrators are more…

  2. A security mediator for health care information.

    PubMed Central

    Wiederhold, G.; Bilello, M.; Sarathy, V.; Qian, X.

    1996-01-01

    The TIHI (Trusted Interoperation of Healthcare Information) project addresses a security issue that arises when some information is being shared among collaborating enterprises, although not all enterprise information is sharable. It assumes that protection exists to prevent intrusion by adversaries through secure transmission and firewalls. The TIHI system design provides a gateway, owned by the enterprise security officer, to mediate queries and responses. The latter are typically transmitted via the Internet. The enterprise policy is determined by rules provided to the mediator. We show examples of typical rules. The problem and our solution, although developed in a healthcare context, is equally valid among collaborating enterprises. PMID:8947640

  3. Teaching Context in Information Security

    ERIC Educational Resources Information Center

    Bishop, Matt

    2006-01-01

    This article investigates teaching the application of technical ideas by non-technical means, especially by using puzzles to engage students. After discussing the need to teach students to evaluate contexts in which decisions about computer security must be made, we suggest questions and scenarios drawn from political science, history, as well as…

  4. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the related forms prescribed by the Social Security Administration for use by the public in applying...

  5. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the related forms prescribed by the Social Security Administration for use by the public in applying...

  6. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the related forms prescribed by the Social Security Administration for use by the public in applying...

  7. NNSA Administrator Addresses the Next Generation of Nuclear Security Professionals: Part 1

    SciTech Connect

    Thomas D'Agostino

    2009-07-14

    Administrator Thomas DAgostino of the National Nuclear Security Administration addressed the next generation of nuclear security professionals during the opening session of todays 2009 Department of Energy (DOE) Computational Science Graduate Fellowship Annual Conference. Administrator DAgostino discussed NNSAs role in implementing President Obamas nuclear security agenda and encouraged the computing science fellows to consider careers in nuclear security.

  8. NNSA Administrator Addresses the Next Generation of Nuclear Security Professionals: Part 2

    SciTech Connect

    Thomas D'Agostino

    2009-07-14

    Administrator Thomas DAgostino of the National Nuclear Security Administration addressed the next generation of nuclear security professionals during the opening session of todays 2009 Department of Energy (DOE) Computational Science Graduate Fellowship Annual Conference. Administrator DAgostino discussed NNSAs role in implementing President Obamas nuclear security agenda and encouraged the computing science fellows to consider careers in nuclear security.

  9. NNSA Administrator Addresses the Next Generation of Nuclear Security Professionals: Part 2

    ScienceCinema

    Thomas D'Agostino

    2010-09-01

    Administrator Thomas DAgostino of the National Nuclear Security Administration addressed the next generation of nuclear security professionals during the opening session of todays 2009 Department of Energy (DOE) Computational Science Graduate Fellowship Annual Conference. Administrator DAgostino discussed NNSAs role in implementing President Obamas nuclear security agenda and encouraged the computing science fellows to consider careers in nuclear security.

  10. NNSA Administrator Addresses the Next Generation of Nuclear Security Professionals: Part 1

    ScienceCinema

    Thomas D'Agostino

    2010-09-01

    Administrator Thomas DAgostino of the National Nuclear Security Administration addressed the next generation of nuclear security professionals during the opening session of todays 2009 Department of Energy (DOE) Computational Science Graduate Fellowship Annual Conference. Administrator DAgostino discussed NNSAs role in implementing President Obamas nuclear security agenda and encouraged the computing science fellows to consider careers in nuclear security.

  11. 75 FR 65511 - Employee Benefits Security Administration; Submission for OMB Review

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-10-25

    ... Federal Register on August 23, 2010 (75 FR 51843). Agency: Employee Benefits Security Administration. Type... published in the Federal Register on July 20, 1989, (54 FR 30520), the Department provided additional... information, see related notice published in the Federal Register on August 23, 2010 (75 FR 51844)....

  12. TWRS information locator database system administrator`s manual

    SciTech Connect

    Knutson, B.J., Westinghouse Hanford

    1996-09-13

    This document is a guide for use by the Tank Waste Remediation System (TWRS) Information Locator Database (ILD) System Administrator. The TWRS ILD System is an inventory of information used in the TWRS Systems Engineering process to represent the TWRS Technical Baseline. The inventory is maintained in the form of a relational database developed in Paradox 4.5.

  13. 49 CFR 1542.303 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... security measures are necessary to respond to a threat assessment or to a specific threat against civil aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator...

  14. 49 CFR 1542.303 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... security measures are necessary to respond to a threat assessment or to a specific threat against civil aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator...

  15. 49 CFR 1542.303 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... security measures are necessary to respond to a threat assessment or to a specific threat against civil aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator...

  16. 75 FR 9919 - Extension of Agency Information Collection Activity Under OMB Review: Air Cargo Security...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-03-04

    ... collection of information on November 16, 2009, 74 FR 58969. TSA has not received any comments. The..., Office of Information Technology (OIT), TSA-11, Transportation Security Administration, 601 South...

  17. Information Security Status in Organisations 2008

    NASA Astrophysics Data System (ADS)

    Tawileh, Anas; Hilton, Jeremy; McIntosh, Stephen

    This paper presents the results of the latest survey on information security management and pracitces in organisations. The study is based on a holistic approach to information security that does not confine itself to technical measures and technology implementations, but encompasses other equally important aspects such as human, social, motiviational and trust. In order to achieve this purpose, a comprehensive intellectual framework of the concepts of information security using Soft Systems Methodology (SSM) was utilised. The survey questions were drived from this conceptual model to ensure their coherence, completeness and relevance to the topic being addressed. The paper concludes with a discussion of the survey results and draws significant insight into the existing status of informaiton assurance in organisations that could be useful for security practitioners, researchers and managers.

  18. 78 FR 57445 - Charging Standard Administrative Fees for Nonprogram-Related Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-18

    ... published schedule of standardized administrative fees. \\1\\ 77 FR 50757, Aug. 22, 2012. This new standard... ADMINISTRATION Charging Standard Administrative Fees for Nonprogram-Related Information AGENCY: Social Security... we charge to recover the full cost of providing information and related services we provide to...

  19. RFID Based Context Information Security System Architecture for Securing Personal Information under Ubiquitous Environment

    NASA Astrophysics Data System (ADS)

    Song, Jae-Gu; Park, Gil-Cheol; Kim, Seoksoo

    2007-12-01

    In this study, framework for securing personal information among various contexts collected and utilized under ubiquitous environment is proposed. The proposed framework will analyze relativity among information used to determine the exposure of personal information according to circumstances where personal information is used. In addition, the study will define the definition of role-based structure and propose a structure applying password security system according to access level. Furthermore, the study will propose a method for building information security system using RFID tag information which generates context information.

  20. Quantum technology and cryptology for information security

    NASA Astrophysics Data System (ADS)

    Naqvi, Syed; Riguidel, Michel

    2007-04-01

    Cryptology and information security are set to play a more prominent role in the near future. In this regard, quantum communication and cryptography offer new opportunities to tackle ICT security. Quantum Information Processing and Communication (QIPC) is a scientific field where new conceptual foundations and techniques are being developed. They promise to play an important role in the future of information Security. It is therefore essential to have a cross-fertilizing development between quantum technology and cryptology in order to address the security challenges of the emerging quantum era. In this article, we discuss the impact of quantum technology on the current as well as future crypto-techniques. We then analyse the assumptions on which quantum computers may operate. Then we present our vision for the distribution of security attributes using a novel form of trust based on Heisenberg's uncertainty; and, building highly secure quantum networks based on the clear transmission of single photons and/or bundles of photons able to withstand unauthorized reading as a result of secure protocols based on the observations of quantum mechanics. We argue how quantum cryptographic systems need to be developed that can take advantage of the laws of physics to provide long-term security based on solid assumptions. This requires a structured integration effort to deploy quantum technologies within the existing security infrastructure. Finally, we conclude that classical cryptographic techniques need to be redesigned and upgraded in view of the growing threat of cryptanalytic attacks posed by quantum information processing devices leading to the development of post-quantum cryptography.

  1. 75 FR 18860 - Privacy Act of 1974, Department of Homeland Security Transportation Security Administration-013...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-04-13

    ... Officer Record System (FDORS), previously published on August 18, 2003 (68 FR 49496). TSA's mission is to... reflected in the final rule published on June 25, 2004, 69 FR 35536. Consistent with the Privacy Act... Security Administration--013 Federal Flight Deck Officer Record System AGENCY: Privacy Office, DHS....

  2. 75 FR 49943 - New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-08-16

    ... soliciting comments, of the following collection of information on July 29, 2009, 74 FR 37723. The collection... SECURITY Transportation Security Administration New Agency Information Collection Activity Under OMB Review... Information Collection Request (ICR) abstracted below to the Office of Management and Budget (OMB) for...

  3. CORBA security services for health information systems.

    PubMed

    Blobel, B; Holena, M

    1998-01-01

    The structure of healthcare systems in developed countries is changing to 'shared care', enforced by economic constraints and caused by a change in the basic conditions of care. That development results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and, as far as their domains are concerned, heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems require a high level of data protection and data security, both with respect to patient information and with respect to users. This paper, relying on experience gained through our activities in CORBAmed, describes the possibilities the CORBA middleware provides to achieve application and communication security. On the background of the overall CORBA architecture, it outlines the different security services previewed in the adopted CORBA specifications which are discussed in the context of the security requirements of healthcare information systems. Security services required in the healthcare domain but not available at the moment are mentioned. A solution is proposed, which on the one hand allows to make use of the available CORBA security services and additional ones, on the other hand remains open to other middleware approaches, such as DHE or HL7. PMID:9848400

  4. Securities Analysts as Information-Seekers.

    ERIC Educational Resources Information Center

    Baldwin, Nancy Sadler; Rice, Ronald E.

    1996-01-01

    A survey of 100 securities analysts at investment banking firms in the United States and United Kingdom showed that individual characteristics have little influence on the information sources and communication channels used by analysts, but institutional resources significantly influence the information and communication channels used, and also…

  5. Information Security and Privacy in Network Environments.

    ERIC Educational Resources Information Center

    Congress of the U.S., Washington, DC. Office of Technology Assessment.

    The use of information networks for business and government is expanding enormously. Government use of networks features prominently in plans to make government more efficient, effective, and responsive. But the transformation brought about by the networking also raises new concerns for the security and privacy of networked information. This…

  6. 49 CFR 1542.113 - Airport tenant security programs.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport..., and may be subject to civil penalties for failing to protect sensitive security information....

  7. 49 CFR 1542.113 - Airport tenant security programs.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport..., and may be subject to civil penalties for failing to protect sensitive security information....

  8. 49 CFR 1542.113 - Airport tenant security programs.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport..., and may be subject to civil penalties for failing to protect sensitive security information....

  9. 49 CFR 1542.113 - Airport tenant security programs.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport..., and may be subject to civil penalties for failing to protect sensitive security information....

  10. Information security implementations for remote monitoring

    SciTech Connect

    Nilsen, C.A.

    1997-10-01

    In September 1993, President Clinton stated the United States would ensure that its fissile material meet the {open_quotes}highest standards of safety, security, and international accountability.{close_quotes} Frequent human inspection of the material could be used to ensure these standards. However, it may be more effective and less expensive to replace these manual inspections with virtual inspections via remote monitoring technologies. A successful implementation of a comprehensive remote monitoring system, however, requires significant attention to a variety of information security issues. In pursuing Project Straight-Line and the follow-on Storage Monitoring System, Sandia National Laboratories developed remote monitoring implementations that can satisfy a variety of information security requirements. Special emphasis was given to developing methods for using the Internet to disseminate the data securely. This paper describes the various information security implementations applied to the Project Straight-Line and the Storage Monitoring System. Also included is a discussion of the security provided by the Windows NT operating system.

  11. 20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or...

  12. 20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or...

  13. 20 CFR 423.5 - Process against Social Security Administration officials in their individual capacities.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Process against Social Security Administration officials in their individual capacities. 423.5 Section 423.5 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.5 Process against Social Security Administration officials in...

  14. 20 CFR 423.5 - Process against Social Security Administration officials in their individual capacities.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Process against Social Security Administration officials in their individual capacities. 423.5 Section 423.5 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.5 Process against Social Security Administration officials in...

  15. 20 CFR 423.5 - Process against Social Security Administration officials in their individual capacities.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Process against Social Security Administration officials in their individual capacities. 423.5 Section 423.5 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.5 Process against Social Security Administration officials in...

  16. 20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or...

  17. 20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or...

  18. 20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or...

  19. 20 CFR 423.5 - Process against Social Security Administration officials in their individual capacities.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Process against Social Security Administration officials in their individual capacities. 423.5 Section 423.5 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.5 Process against Social Security Administration officials in...

  20. 20 CFR 423.5 - Process against Social Security Administration officials in their individual capacities.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Process against Social Security Administration officials in their individual capacities. 423.5 Section 423.5 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.5 Process against Social Security Administration officials in...

  1. Distributed Administrative Management Information System (DAMIS).

    ERIC Educational Resources Information Center

    Juckiewicz, Robert; Kroculick, Joseph

    Columbia University's major program to distribute its central administrative data processing to its various schools and departments is described. The Distributed Administrative Management Information System (DAMIS) will link every department and school within the university via micrcomputers, terminals, and/or minicomputers to the central…

  2. Information Security Assessment of SMEs as Coursework -- Learning Information Security Management by Doing

    ERIC Educational Resources Information Center

    Ilvonen, Ilona

    2013-01-01

    Information security management is an area with a lot of theoretical models. The models are designed to guide practitioners in prioritizing management resources in companies. Information security management education should address the gap between the academic ideals and practice. This paper introduces a teaching method that has been in use as…

  3. The Shaping of Managers' Security Objectives through Information Security Awareness Training

    ERIC Educational Resources Information Center

    Harris, Mark A.

    2010-01-01

    Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

  4. 32 CFR 2700.51 - Information Security Oversight Committee.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Oversight Committee. 2700... MICRONESIAN STATUS NEGOTIATIONS SECURITY INFORMATION REGULATIONS Implementation and Review § 2700.51 Information Security Oversight Committee. The OMSN Information Security Oversight Committee shall be...

  5. 32 CFR 2700.51 - Information Security Oversight Committee.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 32 National Defense 6 2011-07-01 2011-07-01 false Information Security Oversight Committee. 2700... MICRONESIAN STATUS NEGOTIATIONS SECURITY INFORMATION REGULATIONS Implementation and Review § 2700.51 Information Security Oversight Committee. The OMSN Information Security Oversight Committee shall be...

  6. Information Security due to Electromagnetic Environments

    NASA Astrophysics Data System (ADS)

    Sekiguchi, Hidenori; Seto, Shinji

    Generally, active electronic devices emit slightly unintentional electromagnetic noise. From long ago, electromagnetic emission levels have been regulated from the aspect of electromagnetic compatibility (EMC). Also, it has been known the electromagnetic emissions have been generated from the ON/OFF of signals in the device. Recently, it becomes a topic of conversation on the information security that the ON/OFF on a desired signal in the device can be reproduced or guessed by receiving the electromagnetic emission. For an example, a display image on a personal computer (PC) can be reconstructed by receiving and analyzing the electromagnetic emission. In sum, this fact makes known information leakage due to electromagnetic emission. “TEMPEST" that has been known as a code name originated in the U. S. Department of Defense is to prevent the information leakage caused by electromagnetic emissions. This paper reports the brief summary of the information security due to electromagnetic emissions from information technology equipments.

  7. Security for decentralized health information systems.

    PubMed

    Bleumer, G

    1994-02-01

    Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit). PMID:8188407

  8. 17 CFR 140.20 - Designation of senior official to oversee Commission use of national security information.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... to oversee Commission use of national security information. 140.20 Section 140.20 Commodity and... safeguarding of national security information received by the Commission from other agencies, to chair a... suggestions and complaints with respect to the Commission administration of its information security...

  9. 17 CFR 140.20 - Designation of senior official to oversee Commission use of national security information.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... to oversee Commission use of national security information. 140.20 Section 140.20 Commodity and... safeguarding of national security information received by the Commission from other agencies, to chair a... suggestions and complaints with respect to the Commission administration of its information security...

  10. 17 CFR 140.20 - Designation of senior official to oversee Commission use of national security information.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... to oversee Commission use of national security information. 140.20 Section 140.20 Commodity and... safeguarding of national security information received by the Commission from other agencies, to chair a... suggestions and complaints with respect to the Commission administration of its information security...

  11. Towards Changes in Information Security Education

    ERIC Educational Resources Information Center

    Hentea, Mariana; Dhillon, Harpal S.; Dhillon, Manpreet

    2006-01-01

    Despite a variety of Information Security Assurance (ISA) curricula and diverse educational models, universities often fail to provide their graduates with skills demanded by employers. There is a big discrepancy between the levels of skills expected by employers and those the graduates have after completing their studies. The authors compare the…

  12. 77 FR 749 - General Services Administration Acquisition Regulation; Implementation of Information Technology...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-01-06

    ...GSA has adopted as final, with changes, an interim rule amending the General Services Administration Acquisition Regulation (GSAR) to implement policy and guidelines to strengthen the security requirements for contracts and orders that include information technology (IT) supplies, services and...

  13. 49 CFR 1548.19 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Security Directives and Information Circulars... CARRIER SECURITY § 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify indirect air carriers of security concerns. (b) When TSA determines that...

  14. 49 CFR 1548.19 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... CARRIER SECURITY § 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify indirect air carriers of security concerns. (b) When TSA determines that...

  15. The straight-line information security architecture

    SciTech Connect

    Nilsen, C.

    1995-08-01

    Comprehensive monitoring can provide a wealth of sensor data useful in enhancing the safety, security, and international accountability of stored nuclear material. However, care must be taken to distribute this type of data on a need to know basis to the various types of users. The following paper describes an exploratory effort on behalf of Sandia National Labs to integrate commercially available systems to securely disseminate (on a need to know basis) both classified and unclassified sensor information to a variety of users on the interact.

  16. Relationship between stakeholders' information value perception and information security behaviour

    NASA Astrophysics Data System (ADS)

    Tajuddin, Sharul; Olphert, Wendy; Doherty, Neil

    2015-02-01

    The study, reported in this paper, aims to explore the relationship between the stakeholders' perceptions about the value of information and their resultant information security behaviours. Moreover, this study seeks to explore the role of national and organisational culture in facilitating information value assignment. Information Security is a concept that formed from the recognition that information is valuable and that there is a need to protect it. The ISO 27002 defines information as an asset, which, like other important business assets, is essential to an organisation's business and consequently needs to be appropriately protected. By definition, an asset has a value to the organisation hence it requires protection. Information protection is typically accomplished through the implementation of countermeasures against the threats and vulnerabilities of information security, for example, implementation of technological processes and mechanisms such as firewall and authorization and authentication systems, set-up of deterrence procedures such as password control and enforcement of organisational policy on information handling procedures. However, evidence routinely shows that despite such measures, information security breaches and incidents are on the rise. These breaches lead to loss of information, personal records, or other data, with consequent implications for the value of the information asset. A number of studies have suggested that such problems are not related primarily to technology problems or procedural deficiencies, but rather to stakeholders' poor compliance with the security measures that are in place. Research indicates that compliance behaviour is affected by many variables including perceived costs and benefits, national and organisational culture and norms. However, there has been little research to understand the concept of information value from the perspective of those who interact with the data, and the consequences for information

  17. 78 FR 55270 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-DHS...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-10

    ... CFR Sec. 1560. \\1\\ 77 FR 69491 (Nov. 19, 2012). Under sec. 4012(a)(1)-(2) of the Intelligence Reform.... \\4\\ 73 FR 64018 (Oct. 28, 2008). TSA established the Secure Flight system of records and published...\\ Information collection falls under OMB Control Number 1652-0046. \\5\\ 72 FR 48392. \\6\\ 72 FR 63711. \\7\\ 77...

  18. 75 FR 28046 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-002...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-05-19

    ... Transportation Security Threat Assessment System of Records (70 FR 33383, November 8, 2005). TSA's mission is to... systems as reflected in the final rule published on June 25, 2004 in 69 FR 35536. The information is... Investigation--009 Fingerprint Identification Records System (72 FR 3410, January 1, 2007). ] Exemptions...

  19. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 39 Postal Service 1 2010-07-01 2010-07-01 false Information security standards. 267.4 Section 267... INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of information security standards which address the following functional aspects of information flow...

  20. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 39 Postal Service 1 2011-07-01 2011-07-01 false Information security standards. 267.4 Section 267... INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of information security standards which address the following functional aspects of information flow...

  1. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  2. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of...

  3. Directory of Energy Information Administration models 1996

    SciTech Connect

    1996-07-01

    This directory revises and updates the Directory of Energy Information Administration Models 1995, DOE/EIA-0293(95), Energy Information Administration (EIA), U.S. Department of Energy, July 1995. Four models have been deleted in this directory as they are no longer being used: (1) Market Penetration Model for Ground-Water Heat Pump Systems (MPGWHP); (2) Market Penetration Model for Residential Rooftop PV Systems (MPRESPV-PC); (3) Market Penetration Model for Active and Passive Solar Technologies (MPSOLARPC); and (4) Revenue Requirements Modeling System (RRMS).

  4. Government Information Policy and the Reagan Administration: An Overview and Assessment. A Symposium.

    ERIC Educational Resources Information Center

    Relyea, Harold C., Ed.

    1989-01-01

    Five articles critique various aspects of the information policies and practices of the Reagan administration. Areas discussed include management of the Freedom of Information Act, the use of national security arguments to restrict access to information, Congressional access to Executive Branch information in the Iran-Contra affair, and policies…

  5. Information System for Educational Policy and Administration.

    ERIC Educational Resources Information Center

    Clayton, J. C., Jr.

    Educational Information System (EIS) is a proposed computer-based data processing system to help schools solve current educational problems more efficiently. The system would allow for more effective administrative operations in student scheduling, financial accounting, and long range planning. It would also assist school trustees and others in…

  6. 32 CFR 154.42 - Evaluation of personnel security information.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 32 National Defense 1 2014-07-01 2014-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying...

  7. 32 CFR 154.42 - Evaluation of personnel security information.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 32 National Defense 1 2011-07-01 2011-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying...

  8. 32 CFR 154.42 - Evaluation of personnel security information.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 32 National Defense 1 2013-07-01 2013-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying...

  9. 32 CFR 154.42 - Evaluation of personnel security information.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 32 National Defense 1 2012-07-01 2012-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying...

  10. 49 CFR 8.9 - Information Security Review Committee.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 1 2010-10-01 2010-10-01 false Information Security Review Committee. 8.9 Section.../DECLASSIFICATION/ACCESS Classification/Declassification of Information § 8.9 Information Security Review Committee. (a) There is hereby established a Department of Transportation Information Security Review...

  11. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... Clause 1352.239-73, Security Requirements for Information Technology Resources, is needed, contracting... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Information security....

  12. Disaster at a University: A Case Study in Information Security

    ERIC Educational Resources Information Center

    Ayyagari, Ramakrishna; Tyks, Jonathan

    2012-01-01

    Security and disaster training is identified as a top Information Technology (IT) required skill that needs to be taught in Information Systems (IS) curriculums. Accordingly, information security and privacy have become core concepts in information system education. Providing IT security on a shoestring budget is always difficult and many small…

  13. 49 CFR 8.9 - Information Security Review Committee.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 1 2011-10-01 2011-10-01 false Information Security Review Committee. 8.9 Section.../DECLASSIFICATION/ACCESS Classification/Declassification of Information § 8.9 Information Security Review Committee. (a) There is hereby established a Department of Transportation Information Security Review...

  14. Directory of Energy Information Administration Models 1994

    SciTech Connect

    Not Available

    1994-07-01

    This directory revises and updates the 1993 directory and includes 15 models of the National Energy Modeling System (NEMS). Three other new models in use by the Energy Information Administration (EIA) have also been included: the Motor Gasoline Market Model (MGMM), Distillate Market Model (DMM), and the Propane Market Model (PPMM). This directory contains descriptions about each model, including title, acronym, purpose, followed by more detailed information on characteristics, uses and requirements. Sources for additional information are identified. Included in this directory are 37 EIA models active as of February 1, 1994.

  15. 20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... Administration and its employees in their official capacities. 423.1 Section 423.1 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its... the Social Security Administration or the Commissioner of Social Security should be sent to the...

  16. Perceptual information from OVD diffraction security devices

    NASA Astrophysics Data System (ADS)

    Moser, Jean-Frederic; Staub, Rene; Tompkin, Wayne R.

    1996-03-01

    The criteria by which optically variable devices are judged are aesthetic, semantic, security, ergonomic, and physical/chemical. This paper addresses ergonomic aspects which relate to the human vision and perceptual-cognitive system. Applying some pertinent rules may help greatly to improve the image visual information for easier, more straight-forward reception of a persistent security message. We consider two important aspects of the human visual system that help to determine the ergonomic response to visual displays created using optical diffraction. The human visual system aspect treats the retinal source of information, which is the retinal signal produced when an image of the external world is projected on the retina. The other aspect is the underlying information-processing mechanism of our brains and its constructive operations, which yields the final perceptual information. In this paper we consider information processing methods hidden in the biology of our cognition system. Findings on the relationship between physiology and psychology, sensory results and the activities of the optic pathway and subjective brightness sensations can be applied directly in designing images. Some effects are demonstrated by video tape.

  17. 14 CFR § 1274.937 - Security requirements for unclassified information technology resources.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 14 Aeronautics and Space 5 2014-01-01 2014-01-01 false Security requirements for unclassified information technology resources. § 1274.937 Section § 1274.937 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION COOPERATIVE AGREEMENTS WITH COMMERCIAL FIRMS Other Provisions and Special Conditions § 1274.937 Security...

  18. Secure medical information sharing in cloud computing.

    PubMed

    Shao, Zhiyi; Yang, Bo; Zhang, Wenzheng; Zhao, Yi; Wu, Zhenqiang; Miao, Meixia

    2015-01-01

    Medical information sharing is one of the most attractive applications of cloud computing, where searchable encryption is a fascinating solution for securely and conveniently sharing medical data among different medical organizers. However, almost all previous works are designed in symmetric key encryption environment. The only works in public key encryption do not support keyword trapdoor security, have long ciphertext related to the number of receivers, do not support receiver revocation without re-encrypting, and do not preserve the membership of receivers. In this paper, we propose a searchable encryption supporting multiple receivers for medical information sharing based on bilinear maps in public key encryption environment. In the proposed protocol, data owner stores only one copy of his encrypted file and its corresponding encrypted keywords on cloud for multiple designated receivers. The keyword ciphertext is significantly shorter and its length is constant without relation to the number of designated receivers, i.e., for n receivers the ciphertext length is only twice the element length in the group. Only the owner knows that with whom his data is shared, and the access to his data is still under control after having been put on the cloud. We formally prove the security of keyword ciphertext based on the intractability of Bilinear Diffie-Hellman problem and the keyword trapdoor based on Decisional Diffie-Hellman problem. PMID:26410315

  19. 32 CFR 2400.45 - Information Security Program Review.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45... 32 National Defense 6 2011-07-01 2011-07-01 false Information Security Program Review....

  20. 32 CFR 2103.51 - Information Security Oversight Committee.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Oversight Committee. 2103... BE DECLASSIFIED Implementation and Review § 2103.51 Information Security Oversight Committee. The NCS Information Security Oversight Committee shall be chaired by the Staff Counsel of the National...

  1. 41 CFR 105-53.133 - Information Security Oversight Office.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false Information Security... FUNCTIONS Central Offices § 105-53.133 Information Security Oversight Office. (a) Creation and authority. The Information Security Oversight Office (ISOO), headed by the Director of ISOO, who is appointed...

  2. Examining the Relationship between Organization Systems and Information Security Awareness

    ERIC Educational Resources Information Center

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  3. 32 CFR 2400.45 - Information Security Program Review.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Program Review....

  4. 49 CFR 1549.109 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Security Directives and Information Circulars... SCREENING PROGRAM Operations § 1549.109 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify certified cargo screening facilities of security concerns. (b) When...

  5. 49 CFR 1549.109 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... SCREENING PROGRAM Operations § 1549.109 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify certified cargo screening facilities of security concerns. (b) When...

  6. 39 CFR 267.5 - National Security Information.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 39 Postal Service 1 2014-07-01 2014-07-01 false National Security Information. 267.5 Section 267.5... § 267.5 National Security Information. (a) Purpose and scope. The purpose of this section is to provide regulations implementing Executive Order 12356 National Security Information (hereinafter referred to as...

  7. 39 CFR 267.5 - National Security Information.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 39 Postal Service 1 2010-07-01 2010-07-01 false National Security Information. 267.5 Section 267.5... § 267.5 National Security Information. (a) Purpose and scope. The purpose of this section is to provide regulations implementing Executive Order 12356 National Security Information (hereinafter referred to as...

  8. 39 CFR 267.5 - National Security Information.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 39 Postal Service 1 2013-07-01 2013-07-01 false National Security Information. 267.5 Section 267.5... § 267.5 National Security Information. (a) Purpose and scope. The purpose of this section is to provide regulations implementing Executive Order 12356 National Security Information (hereinafter referred to as...

  9. 39 CFR 267.5 - National Security Information.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 39 Postal Service 1 2012-07-01 2012-07-01 false National Security Information. 267.5 Section 267.5... § 267.5 National Security Information. (a) Purpose and scope. The purpose of this section is to provide regulations implementing Executive Order 12356 National Security Information (hereinafter referred to as...

  10. 41 CFR 105-53.133 - Information Security Oversight Office.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Information Security... FUNCTIONS Central Offices § 105-53.133 Information Security Oversight Office. (a) Creation and authority. The Information Security Oversight Office (ISOO), headed by the Director of ISOO, who is appointed...

  11. 32 CFR 2103.51 - Information Security Oversight Committee.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 32 National Defense 6 2011-07-01 2011-07-01 false Information Security Oversight Committee. 2103... BE DECLASSIFIED Implementation and Review § 2103.51 Information Security Oversight Committee. The NCS Information Security Oversight Committee shall be chaired by the Staff Counsel of the National...

  12. Data Mining for Security Information: A Survey

    SciTech Connect

    Brugger, S T; Kelley, M; Sumikawa, K; Wakumoto, S

    2001-04-19

    This paper will present a survey of the current published work and products available to do off-line data mining for computer network security information. Hundreds of megabytes of data are collected every second that are of interest to computer security professionals. This data can answer questions ranging from the proactive, ''Which machines are the attackers going to try to compromise?'' to the reactive, ''When did the intruder break into my system and how?'' Unfortunately, there's so much data that computer security professionals don't have time to sort through it all. What we need are systems that perform data mining at various levels on this corpus of data in order to ease the burden of the human analyst. Such systems typically operate on log data produced by hosts, firewalls and intrusion detection systems as such data is typically in a standard, machine readable format and usually provides information that is most relevant to the security of the system. Systems that do this type of data mining for security information fall under the classification of intrusion detection systems. It is important to point out that we are not surveying real-time intrusion detection systems. Instead, we examined what is possible when the analysis is done off-line. Doing the analysis off-line allows for a larger amount of data correlation between distant sites who transfer relevant log files periodically and may be able to take greater advantage of an archive of past logs. Such a system is not a replacement for a real-time intrusion detection system but should be used in conjunction with one. In fact, as noted previously, the logs of the real-time IDS may be one of the inputs to the data mining system. We will concentrate on the application of data mining to network connection data, as opposed to system logs or the output of real-time intrusion detection systems. We do this primarily because this data is readily obtained from firewalls or real-time intrusion detectors and it

  13. Directory of Energy Information Administration models, 1990

    SciTech Connect

    Not Available

    1990-06-04

    This directory revises and updates the Directory of Energy Information Administration Models, DOE/EIA-0293(89), Energy Information Administration (EIA), US Department of Energy, May 1989. The major changes are the inclusion of the Building Energy End-Use Model (BEEM-PC), Residential Energy End-Use Model (REEM-PC), the Refinery Yield Model Spreadsheet System (RYMSS-PC), and the Capital Stock Model (CAPSTOCK-PC). Also, the following models have been inactivated: Energy Disaggregated Input-Output Model (EDIO), Household Model of Energy (HOME3-PC), Commercial Sector Energy Model (CSEM-PC), Outer Continental Shelf Oil and Gas Supply Model (OCSM), and the Stock Module of the Intermediate Future Forecasting System (STOCK). This directory contains descriptions about each basic and auxiliary model, including the title, acronym, purpose, and type, followed by more detailed information on characteristics, uses, and requirements. For developing models, limited information is provided. Sources for additional information are identified. Included in this directory are 38 EIA models active as of March 1, 1990, as well as the PC-AEO Forecasting Model Overview and the three Subsystems for the Short-Term Integrated Forecasting System (STIFS) Model. Models that run on personal computers are identified by PC'' as part of the acronym.

  14. 44 CFR 11.14 - Administrative claim; evidence and information to be submitted.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 44 Emergency Management and Assistance 1 2010-10-01 2010-10-01 false Administrative claim; evidence and information to be submitted. 11.14 Section 11.14 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL CLAIMS Administrative Claims...

  15. 44 CFR 11.14 - Administrative claim; evidence and information to be submitted.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 44 Emergency Management and Assistance 1 2011-10-01 2011-10-01 false Administrative claim; evidence and information to be submitted. 11.14 Section 11.14 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL CLAIMS Administrative Claims...

  16. 44 CFR 11.14 - Administrative claim; evidence and information to be submitted.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 44 Emergency Management and Assistance 1 2012-10-01 2011-10-01 true Administrative claim; evidence and information to be submitted. 11.14 Section 11.14 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL CLAIMS Administrative Claims...

  17. 44 CFR 11.14 - Administrative claim; evidence and information to be submitted.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 44 Emergency Management and Assistance 1 2014-10-01 2014-10-01 false Administrative claim; evidence and information to be submitted. 11.14 Section 11.14 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL CLAIMS Administrative Claims...

  18. 78 FR 7797 - Homeland Security Information Network Advisory Committee (HSINAC)

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-02-04

    ... SECURITY Homeland Security Information Network Advisory Committee (HSINAC) AGENCY: OPS/OCIO, DHS. ACTION: Committee Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security... Steigman, Department of Homeland Security, OPS CIO-D Stop 0426, 245 Murray Lane, SW., BLDG 410,...

  19. A Study of the Effect of Information Security Policies on Information Security Breaches in Higher Education Institutions

    ERIC Educational Resources Information Center

    Waddell, Stanie Adolphus

    2013-01-01

    Many articles within the literature point to the information security policy as one of the most important elements of an effective information security program. Even though this belief is continually referred to in many information security scholarly articles, very few research studies have been performed to corroborate this sentiment. Doherty and…

  20. 75 FR 38595 - Guidance to States Regarding Driver History Record Information Security, Continuity of Operation...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-07-02

    ... Federal Motor Carrier Safety Administration Guidance to States Regarding Driver History Record Information... maintaining the security of information contained in the driver history record of commercial driver's license... and disaster recovery planning to ensure the permanence of information contained in the driver...

  1. Directory of Energy Information Administration model abstracts

    SciTech Connect

    Not Available

    1987-08-11

    This report contains brief statements from the model managers about each model's title, acronym, purpose, and status, followed by more detailed information on characteristics, uses, and requirements. Sources for additional information are identified. All models ''active'' through March 1987 are included. The main body of this directory is an alphabetical list of all active EIA models. Appendix A identifies major EIA modeling systems and the models within these systems, and Appendix B identifies active EIA models by type (basic, auxiliary, and developing). A basic model is one designated by the EIA Administrator as being sufficiently important to require sustained support and public scrutiny. An auxiliary model is one designated by the EIA Administrator as being used only occasionally in analyses, and therefore requires minimal levels of documentation. A developing model is one designated by the EIA Administrator as being under development and yet of sufficient interest to require a basic level of documentation at a future date. EIA also leases models developed by proprietary software vendors. Documentation for these ''proprietary'' models is the responsibility of the companies from which they are leased. EIA has recently leased models from Chase Econometrics, Inc., Data Resources, Inc. (DRI), the Oak Ridge National Laboratory (ORNL), and Wharton Econometric Forecasting Associates (WEFA). Leased models are not abstracted here. The directory is intended for the use of energy and energy-policy analysts in the public and private sectors.

  2. 77 FR 43639 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-07-25

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA... Vocational Rehabilitation and Employment Records--VA'' (58VA21/22/28), first published at 74 FR 14865...

  3. 48 CFR 2452.239-71 - Information Technology Virus Security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Virus Security. 2452.239-71 Section 2452.239-71 Federal Acquisition Regulations System DEPARTMENT OF... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor...

  4. 48 CFR 2452.239-71 - Information Technology Virus Security.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Virus Security. 2452.239-71 Section 2452.239-71 Federal Acquisition Regulations System DEPARTMENT OF... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor...

  5. 48 CFR 2452.239-71 - Information Technology Virus Security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... Virus Security. 2452.239-71 Section 2452.239-71 Federal Acquisition Regulations System DEPARTMENT OF... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor...

  6. 48 CFR 2452.239-71 - Information Technology Virus Security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... Virus Security. 2452.239-71 Section 2452.239-71 Federal Acquisition Regulations System DEPARTMENT OF... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor...

  7. Effect of Organizational Factors on Information Security Implementations

    ERIC Educational Resources Information Center

    Perez, Rafael G.

    2013-01-01

    The purpose of this quantitative inferential study is to determine the level of correlation between the organizational factors of information security awareness, balanced security processes, and organizational structure with the size of the estimation gap of information security implementations mediated by the end user intentionality. The study…

  8. Institutionalization of Information Security: Case of the Indonesian Banking Sector

    ERIC Educational Resources Information Center

    Nasution, Muhamad Faisal Fariduddin Attar

    2012-01-01

    This study focuses on the institutionalization of information security in the banking sector. This study is important to pursue since it explicates the internalization of information security governance and practices and how such internalization develops an organizational resistance towards security breach. The study argues that information…

  9. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 48 Federal Acquisition Regulations System 5 2011-10-01 2011-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  10. 49 CFR 8.9 - Information Security Review Committee.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 1 2013-10-01 2013-10-01 false Information Security Review Committee. 8.9 Section 8.9 Transportation Office of the Secretary of Transportation CLASSIFIED INFORMATION: CLASSIFICATION/DECLASSIFICATION/ACCESS Classification/Declassification of Information § 8.9 Information Security Review Committee. (a) There is hereby established...

  11. 49 CFR 1544.305 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Security Directives and Information Circulars... and Information Circulars. (a) TSA may issue an Information Circular to notify aircraft operators of... operator that receives a Security Directive or Information Circular and each person who...

  12. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  13. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 48 Federal Acquisition Regulations System 5 2013-10-01 2013-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  14. Information security: from classical to quantum

    NASA Astrophysics Data System (ADS)

    Barnett, Stephen M.; Brougham, Thomas

    2012-09-01

    Quantum cryptography was designed to provide a new approach to the problem of distributing keys for private-key cryptography. The principal idea is that security can be ensured by exploiting the laws of quantum physics and, in particular, by the fact that any attempt to measure a quantum state will change it uncontrollably. This change can be detected by the legitimate users of the communication channel and so reveal to them the presence of an eavesdropper. In this paper I explain (briefly) how quantum key distribution works and some of the progress that has been made towards making this a viable technology. With the principles of quantum communication and quantum key distribution firmly established, it is perhaps time to consider how efficient it can be made. It is interesting to ask, in particular, how many bits of information might reasonably be encoded securely on each photon. The use of photons entangled in their time of arrival might make it possible to achieve data rates in excess of 10 bits per photon.

  15. Transportation Security Administration Efficiency and Flexibility Act of 2011

    THOMAS, 112th Congress

    Sen. Wicker, Roger F. [R-MS

    2011-07-13

    07/13/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  16. 48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 48 Federal Acquisition Regulations System 4 2013-10-01 2013-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology...

  17. 48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 48 Federal Acquisition Regulations System 4 2011-10-01 2011-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology...

  18. 48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 48 Federal Acquisition Regulations System 4 2012-10-01 2012-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology...

  19. Applications of schema theory in information security teaching

    NASA Astrophysics Data System (ADS)

    Qiu, Chunyan; Zhao, Wei; Han, Jialing; Jiang, Jianhua

    2012-04-01

    Information security knowledge is more and more important to students in universities of finance and economics. However, mastering the skill of information security is not easy to them. Schema theory is applied into information security teaching to help students improve their skills. The teaching result shows that there is a significant difference in final exam and practice exam between the proposed model and a regular teaching model.

  20. Information security management system planning for CBRN facilities

    SciTech Connect

    Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

  1. 48 CFR 2452.239-71 - Information Technology Virus Security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor...

  2. 32 CFR 154.42 - Evaluation of personnel security information.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 32 National Defense 1 2010-07-01 2010-07-01 false Evaluation of personnel security information... personnel security information. (a) The criteria and adjudicative policy to be used in applying the... available information. Such a determination shall include consideration of the following factors: (1)...

  3. 49 CFR 1520.5 - Sensitive security information.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security..., including any— (i) Information circular issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or other... aircraft operator. (iv) Any armed security officer procedures issued by TSA under 49 CFR part 1562....

  4. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION AGENCY... Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access to restricted data and national security......

  5. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION AGENCY... Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access to restricted data and national security......

  6. Privacy in confidential administrative micro data: implementing statistical disclosure control in a secure computing environment.

    PubMed

    Hochfellner, Daniela; Müller, Dana; Schmucker, Alexandra

    2014-12-01

    The demand for comprehensive and innovative data is constantly growing in social science. In particular, micro data from various social security agencies become more and more attractive. In contrast to survey data, administrative data offer a census with highly reliable information but are restricted in their usage. To make them accessible for researchers, data or research output either have to be anonymized or released after disclosure review procedures have been used. This article discusses the trade-off between maintaining a high capability of research potential while protecting private information, by exploiting the data disclosure portfolio and the adopted disclosure strategies of the Research Data Center of the German Federal Employment Agency. PMID:25747686

  7. 32 CFR 2004.10 - Responsibilities of the Director, Information Security Oversight Office (ISOO) [102(b)]. 1

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION... Responsibilities of the Director, Information Security Oversight Office (ISOO) . 1 1 Bracketed references pertain... 32 National Defense 6 2010-07-01 2010-07-01 false Responsibilities of the Director,...

  8. 32 CFR 2004.10 - Responsibilities of the Director, Information Security Oversight Office (ISOO) [102(b)]. 1

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION... Responsibilities of the Director, Information Security Oversight Office (ISOO) . 1 1 Bracketed references pertain... 32 National Defense 6 2011-07-01 2011-07-01 false Responsibilities of the Director,...

  9. Ascertainment of vital status through the National Death Index and the Social Security Administration.

    PubMed

    Curb, J D; Ford, C E; Pressel, S; Palmer, M; Babcock, C; Hawkins, C M

    1985-05-01

    Ascertainment of the vital status of individuals is of central importance to epidemiologic studies which monitor mortality as an end point. Utilizing identifying information collected in 1973-1974, the Hypertension Detection and Follow-up Program, a prospective, multicenter study, followed 25,362 individuals to determine eight-year mortality. In the most recent follow-up, there were 617 individuals whose vital status was not known. Available identifying information on these and on all 1,322 participants known to have died in 1979-1981 was submitted to the National Death Index (NDI) for possible confirmation of vital status. A subset of individuals who had Social Security numbers (490 lost to follow-up and 1,154 known deaths) was also submitted to the Social Security Administration (SSA). The NDI correctly identified 87.0% of the known deaths. Of the 1,154 known deaths (those with known Social Security numbers) submitted to both agencies, the NDI identified 93.1% and the SSA 83.6%. Significant variations by race and sex were noted in the identification rates, in part because of Social Security number discrepancies. False matches through the NDI matching process occurred for 10.4% of the known deaths. In the more restrictive SSA search, only 0.5% false matches resulted. For those lost to follow-up, vital status was ascertained in 57.1%. This paper describes the relative efficacy and attributes of the use of these systems to ascertain vital status. PMID:4014167

  10. 20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its... titles II, VIII, and/or XVI of the Social Security Act, summonses and complaints to be served by mail...

  11. 20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its... titles II, VIII, and/or XVI of the Social Security Act, summonses and complaints to be served by mail...

  12. 20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its... titles II, VIII, and/or XVI of the Social Security Act, summonses and complaints to be served by mail...

  13. 20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its... titles II, VIII, and/or XVI of the Social Security Act, summonses and complaints to be served by mail...

  14. Security of electronic medical information and patient privacy: what you need to know.

    PubMed

    Andriole, Katherine P

    2014-12-01

    The responsibility that physicians have to protect their patients from harm extends to protecting the privacy and confidentiality of patient health information including that contained within radiological images. The intent of HIPAA and subsequent HIPAA Privacy and Security Rules is to keep patients' private information confidential while allowing providers access to and maintaining the integrity of relevant information needed to provide care. Failure to comply with electronic protected health information (ePHI) regulations could result in financial or criminal penalties or both. Protected health information refers to anything that can reasonably be used to identify a patient (eg, name, age, date of birth, social security number, radiology examination accession number). The basic tools and techniques used to maintain medical information security and patient privacy described in this article include physical safeguards such as computer device isolation and data backup, technical safeguards such as firewalls and secure transmission modes, and administrative safeguards including documentation of security policies, training of staff, and audit tracking through system logs. Other important concepts related to privacy and security are explained, including user authentication, authorization, availability, confidentiality, data integrity, and nonrepudiation. Patient privacy and security of medical information are critical elements in today's electronic health care environment. Radiology has led the way in adopting digital systems to make possible the availability of medical information anywhere anytime, and in identifying and working to eliminate any risks to patients. PMID:25467897

  15. Information Security for Compliance with Select Agent Regulations

    PubMed Central

    Lewis, Nick; Campbell, Mark J.

    2015-01-01

    The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

  16. 20 CFR 217.7 - Claim filed with the Social Security Administration.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 1 2011-04-01 2011-04-01 false Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the...

  17. 20 CFR 217.7 - Claim filed with the Social Security Administration.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 1 2010-04-01 2010-04-01 false Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the...

  18. 76 FR 4079 - Information Technology (IT) Security

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-01-24

    ... rule in the Federal Register (73 FR 73201-73202) on December 2, 2008. The sixty day comment period... Security Policy Web site at: http://www.nasa.gov/offices/ocio/itsecurity/index.html . 0 3. Section 1804.470... located in the IT Security Web site at https://itsecurity.nasa.gov/policies/index.html . (d)...

  19. 78 FR 48076 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    ... Information (75 FR 707; January 5, 2010), before derivatively classifying information and at least once every... standardize the frequency of required security education training for employees of NRC licensees possessing... uniformity in the frequency of licensee security education and training programs and enhances the...

  20. 78 FR 48037 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    ... National Security Information, which was published in the Federal Register on January 5, 2010 (75 FR 707... implementation of the Executive Order, issued a final rule (75 FR 37254; June 28, 2010) amending 32 CFR parts... Executive Order 13526, Classified National Security Information (75 FR 707; January 5, 2010) (the...

  1. Information Security in Higher Education. Professional Paper Series, #5.

    ERIC Educational Resources Information Center

    Elliott, Raymond; And Others

    Intended to generate discussion and motivate proactive intervention in matters of information security, this paper defines and discusses some of the key issues relating to information security on college and university campuses based on in-depth interviews conducted at eight selected higher education institutions of varying size and composition in…

  2. 36 CFR 1256.46 - National security-classified information.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 36 Parks, Forests, and Public Property 3 2010-07-01 2010-07-01 false National security-classified information. 1256.46 Section 1256.46 Parks, Forests, and Public Property NATIONAL ARCHIVES AND RECORDS... Restrictions § 1256.46 National security-classified information. In accordance with 5 U.S.C. 552(b)(1),...

  3. 75 FR 45154 - National Security Division; Agency Information Collection Activities:

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-08-02

    ... National Security Division; Agency Information Collection Activities: Proposed Collection; Comments... (Foreign Agents). The Department of Justice (DOJ), National Security Division (NSD), will be submitting the... information, please write to U.S. Department of Justice, 10th & Constitution Avenue, NW., National...

  4. 42 CFR 600.350 - Privacy and security of information.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... (Eff. 1-1-15) Eligibility and Enrollment § 600.350 Privacy and security of information. The State must comply with the standards and procedures set forth in 45 CFR 155.260(b) and (c) as are applicable to the... 42 Public Health 5 2014-10-01 2014-10-01 false Privacy and security of information....

  5. A Framework for the Governance of Information Security

    ERIC Educational Resources Information Center

    Edwards, Charles K.

    2013-01-01

    Information security is a complex issue, which is very critical for success of modern businesses. It can be implemented with the help of well-tested global standards and best practices. However, it has been studied that the human aspects of information security compliance pose significant challenge to its practitioners. There has been significant…

  6. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 45 Public Welfare 2 2011-10-01 2011-10-01 false Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT... HUMAN SERVICES STANDARDS FOR PROGRAM OPERATIONS § 303.30 Securing medical support information. (a)...

  7. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 2 2014-10-01 2012-10-01 true Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT... HUMAN SERVICES STANDARDS FOR PROGRAM OPERATIONS § 303.30 Securing medical support information. (a)...

  8. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 45 Public Welfare 2 2010-10-01 2010-10-01 false Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT... HUMAN SERVICES STANDARDS FOR PROGRAM OPERATIONS § 303.30 Securing medical support information. (a)...

  9. How to Keep Your Health Information Private and Secure

    MedlinePlus

    ... communities, such as message boards. · Store in a personal health record (PHR) that is not offered through ... information. Here are some tips to ensure your personal health information is private and secure when accessing ...

  10. Administrative and Caseload Management Information Systems: The Case of Probation.

    ERIC Educational Resources Information Center

    Eskridge, Chris W.

    1984-01-01

    Reviews the concept, present operations, and problems of information systems in general, and in probation administration specifically. Describes two different models of information systems-administrative management information systems and caseload management information systems. Explores the feasibility of statewide, multi-state, and nationwide…

  11. 77 FR 31298 - Information Collection; Special Use Administration

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-05-25

    ... Forest Service Information Collection; Special Use Administration AGENCY: Forest Service, USDA. ACTION... revision of a currently approved information collection, Special Use Administration. DATES: Comments must...: Special Use Administration. OMB Number: 0596-0082. Expiration Date of Approval: October 31, 2012. Type...

  12. Secure sequential transmission of quantum information

    NASA Astrophysics Data System (ADS)

    Jeong, Kabgyun; Kim, Jaewan

    2015-09-01

    We propose a quantum communication protocol that can be used to transmit any quantum state, one party to another via several intermediate nodes, securely on quantum communication network. The scheme makes use of the sequentially chained and approximate version of private quantum channels satisfying certain commutation relation of n-qubit Pauli operations. In this paper, we study the sequential structure, security analysis, and efficiency of the quantum sequential transmission protocol in depth.

  13. 77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-12-18

    ... ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA... October 8, 1999 (64 FR 54930), as amended on May 3, 2000 (65 FR 25775). We will match the OPM data with data in our Medicare Database (MDB), SOR 60-0321, last published at 71 FR 42159 (July 25, 2006)....

  14. 77 FR 54943 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-09-06

    ... ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA..., Education, and Vocational Rehabilitation and Employment Records-VA'' (58VA21/22/28), published at 74 FR... FR 42159 (July 25, 2006). 2. Number of Records VA's data file will consist of approximately...

  15. Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

    SciTech Connect

    Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo; Mili, Ali; Trien, Joseph P

    2006-01-01

    The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

  16. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a)...

  17. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a)...

  18. 10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a)...

  19. 20 CFR 603.9 - What safeguards and security requirements apply to disclosed information?

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 3 2012-04-01 2012-04-01 false What safeguards and security requirements apply to disclosed information? 603.9 Section 603.9 Employees' Benefits EMPLOYMENT AND TRAINING ADMINISTRATION, DEPARTMENT OF LABOR FEDERAL-STATE UNEMPLOYMENT COMPENSATION (UC) PROGRAM; CONFIDENTIALITY AND DISCLOSURE OF STATE UC...

  20. Content Sharing Based on Personal Information in Virtually Secured Space

    NASA Astrophysics Data System (ADS)

    Sohn, Hosik; Ro, Yong Man; Plataniotis, Kostantinos N.

    User generated contents (UGC) are shared in an open space like social media where users can upload and consume contents freely. Since the access of contents is not restricted, the contents could be delivered to unwanted users or misused sometimes. In this paper, we propose a method for sharing UGCs securely based on the personal information of users. With the proposed method, virtual secure space is created for contents delivery. The virtual secure space allows UGC creator to deliver contents to users who have similar personal information and they can consume the contents without any leakage of personal information. In order to verify the usefulness of the proposed method, the experiment was performed where the content was encrypted with personal information of creator, and users with similar personal information have decrypted and consumed the contents. The results showed that UGCs were securely shared among users who have similar personal information.

  1. 78 FR 4856 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-23

    ... OMB Review: Aviation Security Infrastructure Fee Records Retention AGENCY: Transportation Security... Aviation Security Infrastructure Fee (ASIF), including information about air carriers' and foreign air.... Information Collection Requirement Title: Aviation Security Infrastructure Fee Records Retention. Type...

  2. On-Line Administrative Information Systems: A Case Study.

    ERIC Educational Resources Information Center

    Sire, Paul W.

    A case study approach is used to document the on-line information system developed by the Office of Management Information and Computing at the University of Vermont. Stanford University's Project INFO On-Line Administration Information System, OASIS, was chosen as a model. The administrative system is one of two on campus, the other designed for…

  3. 49 CFR 1544.305 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... and Information Circulars. (a) TSA may issue an Information Circular to notify aircraft operators of... with an operational need-to-know. (2) Refuse to release the Security Directive or Information Circular, and information contained in either document, to persons other than those with an operational...

  4. The electronic security partnership of safety/security and information systems departments.

    PubMed

    Yow, J Art

    2012-01-01

    The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems. PMID:22423530

  5. 78 FR 4393 - Applications for New Awards; Minorities and Retirement Security Program

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-22

    ... SOCIAL SECURITY ADMINISTRATION Applications for New Awards; Minorities and Retirement Security Program... Policy, Social Security Administration. ACTION: Notice. Overview Information: Minorities and Retirement... Education (ED or the Department) and the United States Social Security Administration (SSA). The MRS...

  6. The Impact of Information Richness on Information Security Awareness Training Effectiveness

    ERIC Educational Resources Information Center

    Shaw, R. S.; Chen, Charlie C.; Harris, Albert L.; Huang, Hui-Jou

    2009-01-01

    In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers…

  7. Energy Information Administration new releases. Volume 1

    SciTech Connect

    1997-04-01

    This publication of the National Energy Information Center contains news items and information sources related primarily to electricity generation. News items reported on in this issue include utility compliance costs for the Clean Air Act, 1995 profits for major energy companies, and competition issues in the electric power and natural gas industries. A summary report on crude oil prices is also presented. Other information provided includes a listing of 1996 publications from the center, electronic information services, and energy data information contacts.

  8. 20 CFR 410.686b - Fee for services performed for an individual before the Social Security Administration.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... before the Social Security Administration. 410.686b Section 410.686b Employees' Benefits SOCIAL SECURITY... Representation of Parties § 410.686b Fee for services performed for an individual before the Social Security Administration. (a) General. A fee for services performed for an individual before the Social...

  9. 2 CFR 2339.500 - Who in the Social Security Administration determines that a recipient other than an individual...

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 2 Grants and Agreements 1 2013-01-01 2013-01-01 false Who in the Social Security Administration... 2339.500 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Consequences § 2339.500 Who in the Social Security Administration determines that a recipient other than...

  10. 2 CFR 2339.225 - Who in the Social Security Administration does a recipient other than an individual notify about...

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 2 Grants and Agreements 1 2013-01-01 2013-01-01 false Who in the Social Security Administration... 2339.225 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Individuals § 2339.225 Who in the Social Security Administration does a recipient other than an...

  11. 2 CFR 2339.500 - Who in the Social Security Administration determines that a recipient other than an individual...

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 2 Grants and Agreements 1 2014-01-01 2014-01-01 false Who in the Social Security Administration... 2339.500 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Consequences § 2339.500 Who in the Social Security Administration determines that a recipient other than...

  12. 2 CFR 2339.225 - Who in the Social Security Administration does a recipient other than an individual notify about...

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 2 Grants and Agreements 1 2012-01-01 2012-01-01 false Who in the Social Security Administration... 2339.225 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Individuals § 2339.225 Who in the Social Security Administration does a recipient other than an...

  13. 2 CFR 2339.225 - Who in the Social Security Administration does a recipient other than an individual notify about...

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 2 Grants and Agreements 1 2014-01-01 2014-01-01 false Who in the Social Security Administration... 2339.225 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Individuals § 2339.225 Who in the Social Security Administration does a recipient other than an...

  14. 2 CFR 2339.500 - Who in the Social Security Administration determines that a recipient other than an individual...

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 2 Grants and Agreements 1 2012-01-01 2012-01-01 false Who in the Social Security Administration... 2339.500 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Consequences § 2339.500 Who in the Social Security Administration determines that a recipient other than...

  15. 2 CFR 2339.500 - Who in the Social Security Administration determines that a recipient other than an individual...

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 2 Grants and Agreements 1 2011-01-01 2011-01-01 false Who in the Social Security Administration... 2339.500 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Consequences § 2339.500 Who in the Social Security Administration determines that a recipient other than...

  16. 2 CFR 2339.225 - Who in the Social Security Administration does a recipient other than an individual notify about...

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 2 Grants and Agreements 1 2011-01-01 2011-01-01 false Who in the Social Security Administration... 2339.225 Grants and Agreements Federal Agency Regulations for Grants and Agreements SOCIAL SECURITY... Individuals § 2339.225 Who in the Social Security Administration does a recipient other than an...

  17. 31 CFR 363.45 - What are the rules for judicial and administrative actions involving securities held in...

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... administrative actions involving securities held in TreasuryDirect ®? 363.45 Section 363.45 Money and Finance... Governing Securities Held in TreasuryDirect § 363.45 What are the rules for judicial and administrative actions involving securities held in TreasuryDirect ®? (a) Notice of adverse claim or pending...

  18. 31 CFR 363.45 - What are the rules for judicial and administrative actions involving securities held in...

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... administrative actions involving securities held in TreasuryDirect ®? 363.45 Section 363.45 Money and Finance... Governing Securities Held in TreasuryDirect § 363.45 What are the rules for judicial and administrative actions involving securities held in TreasuryDirect ®? (a) Notice of adverse claim or pending...

  19. 31 CFR 363.45 - What are the rules for judicial and administrative actions involving securities held in...

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... administrative actions involving securities held in TreasuryDirect ®? 363.45 Section 363.45 Money and Finance... Governing Securities Held in TreasuryDirect § 363.45 What are the rules for judicial and administrative actions involving securities held in TreasuryDirect ®? (a) Notice of adverse claim or pending...

  20. 31 CFR 363.45 - What are the rules for judicial and administrative actions involving securities held in...

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... administrative actions involving securities held in TreasuryDirect ®? 363.45 Section 363.45 Money and Finance... Governing Securities Held in TreasuryDirect § 363.45 What are the rules for judicial and administrative actions involving securities held in TreasuryDirect ®? (a) Notice of adverse claim or pending...

  1. 20 CFR 410.686b - Fee for services performed for an individual before the Social Security Administration.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... before the Social Security Administration. 410.686b Section 410.686b Employees' Benefits SOCIAL SECURITY... Representation of Parties § 410.686b Fee for services performed for an individual before the Social Security Administration. (a) General. A fee for services performed for an individual before the Social...

  2. Modeling behavioral considerations related to information security.

    SciTech Connect

    Martinez-Moyano, I. J.; Conrad, S. H.; Andersen, D. F.

    2011-01-01

    The authors present experimental and simulation results of an outcome-based learning model for the identification of threats to security systems. This model integrates judgment, decision-making, and learning theories to provide a unified framework for the behavioral study of upcoming threats.

  3. Federal Information Security Amendments Act of 2012

    THOMAS, 112th Congress

    Rep. Issa, Darrell E. [R-CA-49

    2012-03-26

    05/07/2012 Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status Passed HouseHere are the steps for Status of Legislation:

  4. Federal Information Security Amendments Act of 2013

    THOMAS, 113th Congress

    Rep. Issa, Darrell E. [R-CA-49

    2013-03-14

    04/17/2013 Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Notes: For further action, see S.2521, which became Public Law 113-283 on 12/18/2014. Tracker: This bill has the status Passed HouseHere are the steps for Status of Legislation:

  5. Protecting Office Information: Computer and Data Security.

    ERIC Educational Resources Information Center

    Davis-Newton, Hazel C.

    1986-01-01

    Discusses the nature of modern office automation, microcomputer access controls that can be activated to improve security (passwords, error lockout, palm geometry, automatic shutoff, time lock, call back), data communications controls (cryptographic transmission of data, scramblers, dial-back-devices), and management practices that may be…

  6. 36 CFR 1256.46 - National security-classified information.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 36 Parks, Forests, and Public Property 3 2012-07-01 2012-07-01 false National security-classified... Restrictions § 1256.46 National security-classified information. In accordance with 5 U.S.C. 552(b)(1), NARA... properly classified under the provisions of the pertinent Executive Order on Classified National...

  7. 36 CFR 1256.46 - National security-classified information.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 36 Parks, Forests, and Public Property 3 2011-07-01 2011-07-01 false National security-classified... Restrictions § 1256.46 National security-classified information. In accordance with 5 U.S.C. 552(b)(1), NARA... properly classified under the provisions of the pertinent Executive Order on Classified National...

  8. 36 CFR 1256.46 - National security-classified information.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 36 Parks, Forests, and Public Property 3 2013-07-01 2012-07-01 true National security-classified... Restrictions § 1256.46 National security-classified information. In accordance with 5 U.S.C. 552(b)(1), NARA... properly classified under the provisions of the pertinent Executive Order on Classified National...

  9. 36 CFR 1256.46 - National security-classified information.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 36 Parks, Forests, and Public Property 3 2014-07-01 2014-07-01 false National security-classified... Restrictions § 1256.46 National security-classified information. In accordance with 5 U.S.C. 552(b)(1), NARA... properly classified under the provisions of the pertinent Executive Order on Classified National...

  10. An Examination of Issues Surrounding Information Security in California Colleges

    ERIC Educational Resources Information Center

    Butler, Robert D.

    2013-01-01

    Technological advances have provided increasing opportunities in higher education for delivering instruction and other services. However, exposure to information security attacks has been increasing as more organizations conduct their businesses online. Higher education institutions have one of the highest frequencies of security breaches as…

  11. 49 CFR 15.5 - Sensitive security information.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital... 49 CFR 1542.303, 1544.305, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security; or (iii)...

  12. 49 CFR 15.5 - Sensitive security information.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital... 49 CFR 1542.303, 1544.305, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security; or (iii)...

  13. 49 CFR 15.5 - Sensitive security information.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital... 49 CFR 1542.303, 1544.305, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security; or (iii)...

  14. 49 CFR 15.5 - Sensitive security information.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital... 49 CFR 1542.303, 1544.305, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security; or (iii)...

  15. 49 CFR 15.5 - Sensitive security information.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital... 49 CFR 1542.303, 1544.305, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security; or (iii)...

  16. Information Security Issues in Higher Education and Institutional Research

    ERIC Educational Resources Information Center

    Custer, William L.

    2010-01-01

    Information security threats to educational institutions and their data assets have worsened significantly over the past few years. The rich data stores of institutional research are especially vulnerable, and threats from security breaches represent no small risk. New genres of threat require new kinds of controls if the institution is to prevent…

  17. An Innovative Community College Program and Partnership in Information Security.

    ERIC Educational Resources Information Center

    Howard, Barbara C; Morneau, Keith A.

    This report describes an innovative network security program initiated by Northern Virginia Community College and funded with a grant from the Northern Virginia Regional Partnership. The program educates and trains students in the instillation, configuration, and troubleshooting of the hardware and software infrastructure of information security.…

  18. 49 CFR 1542.303 - Security Directives and Information Circulars.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Contingency Measures § 1542.303 Security Directives and Information Circulars. (a) TSA may issue an... either document, to those persons with an operational need-to-know. (2) Refuse to release the Security... who have an operational need to know without the prior written consent of TSA....

  19. Secure communication of medical information using mobile agents.

    PubMed

    Nikooghadam, Morteza; Zakerolhosseini, Ali

    2012-12-01

    Recently several efficient schemes are proposed to provide security of e-medicine systems. Almost all of these schemes have tried to achieve the highest security level in transmission of patients' medical information to medical institutions through a heterogeneous network like Internet. In this paper, we explain the insecurity of these schemes against "man-in-the-middle" attack. Furthermore, a dynamic mobile agent system based on hybrid cryptosystem is proposed that is both secure and also efficient in computation cost. Analyzing the security criteria confirms suitability of the proposed scheme for e-medicine systems. PMID:22569875

  20. 20 CFR 404.1362 - Treatment of social security benefits or payments where Veterans Administration pension or...

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Treatment of social security benefits or...' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Wage... Security Benefits and Payments § 404.1362 Treatment of social security benefits or payments where...

  1. 20 CFR 404.1362 - Treatment of social security benefits or payments where Veterans Administration pension or...

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Treatment of social security benefits or...' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Wage... Security Benefits and Payments § 404.1362 Treatment of social security benefits or payments where...

  2. 20 CFR 404.1362 - Treatment of social security benefits or payments where Veterans Administration pension or...

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Treatment of social security benefits or...' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Wage... Security Benefits and Payments § 404.1362 Treatment of social security benefits or payments where...

  3. Agents Based e-Commerce and Securing Exchanged Information

    NASA Astrophysics Data System (ADS)

    Al-Jaljouli, Raja; Abawajy, Jemal

    Mobile agents have been implemented in e-Commerce to search and filter information of interest from electronic markets. When the information is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout agent’s itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described, which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol usingSymbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data-authenticity, origin confidentiality and data non-repudiability.

  4. Coordinating UAV information for executing national security-oriented collaboration

    NASA Astrophysics Data System (ADS)

    Isenor, Anthony W.; Allard, Yannick; Lapinski, Anna-Liesa S.; Demers, Hugues; Radulescu, Dan

    2014-10-01

    Unmanned Aerial Vehicles (UAVs) are being used by numerous nations for defence-related missions. In some cases, the UAV is considered a cost-effective means to acquire data such as imagery over a location or object. Considering Canada's geographic expanse, UAVs are also being suggested as a potential platform for use in surveillance of remote areas, such as northern Canada. However, such activities are typically associated with security as opposed to defence. The use of a defence platform for security activities introduces the issue of information exchange between the defence and security communities and their software applications. This paper explores the flow of information from the system used by the UAVs employed by the Royal Canadian Navy. Multiple computers are setup, each with the information system used by the UAVs, including appropriate communication between the systems. Simulated data that may be expected from a typical maritime UAV mission is then fed into the information system. The information structures common to the Canadian security community are then used to store and transfer the simulated data. The resulting data flow from the defence-oriented UAV system to the security-oriented information structure is then displayed using an open source geospatial application. Use of the information structures and applications relevant to the security community avoids the distribution restrictions often associated with defence-specific applications.

  5. 75 FR 34093 - Information Collection; General Program Administration

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-06-16

    ... Farm Service Agency Information Collection; General Program Administration AGENCY: Farm Service Agency... General Program Administration. DATES: We will consider comments that we receive by August 16, 2010...: Farm Loan Programs--General Program Administration (7 CFR part 761). OMB Number: 0560-0238....

  6. Information Security Management - Part Of The Integrated Management System

    NASA Astrophysics Data System (ADS)

    Manea, Constantin Adrian

    2015-07-01

    The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

  7. 39 CFR 267.5 - National Security Information.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... national security information at USPS Headquarters and to provide functional direction to the field. (v) In... USPS Headquarters and provide functional direction to each Regional Records Control Officer; (vii)...

  8. BUSINESS ADMINISTRATION, SECRETARIAL SCIENCE PROGRAM. SURVEY INFORMATION.

    ERIC Educational Resources Information Center

    Manitowoc Technical Inst., WI. School of Business.

    THE SECRETARIAL SCIENCE PROGRAM OF MANITOWOC TECHNICAL INSTITUTE IS DESCRIBED TO ASSIST AN EVALUATION TEAM IN THEIR STUDY OF THE BUSINESS ADMINISTRATION-ACCOUNTING MAJOR PROGRAM OF THE SCHOOL. THE OBJECTIVES OF THE 2-YEAR POST-HIGH SCHOOL PROGRAM ARE TO -- (1) PROVIDE INSTRUCTION IN THE SKILLS, KNOWLEDGE, AND UNDERSTANDINGS OF THE SECRETARIAL…

  9. 78 FR 73868 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-DHS...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-09

    ... August 4, 2006 in 71 FR 44223. This updated system will be included in DHS' inventory of record systems.... Electronic access is limited by computer security measures that are strictly enforced. TSA file areas are... rule published on August 4, 2006 in 71 FR 44223. Dated: November 21, 2013. Karen L. Neuman...

  10. 75 FR 18867 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-011...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-04-13

    ... Security Intelligence Service (TSIS) Operations Files System of Records (69 FR 71828, December 10, 2004...(j)(2), (k)(1), (k)(2) and (k)(5) as reflected in the final rule published on August 4, 2006 in 71 FR...)(2), and (k)(5) as reflected in the final rule published on August 4, 2006, in 71 FR 44223....

  11. How Homeland Security Affects Spatial Information

    ERIC Educational Resources Information Center

    Zellmer, Linda

    2004-01-01

    A recent article in Security-Focus described the fact that several U.S. government buildings in Washington DC could no longer be clearly seen by people using MapQuest's aerial photo database. In addition, the photos of these buildings were altered at the Web sites wherein they are posted at the request of the U.S. Secret Service. This is an…

  12. An Integrative Behavioral Model of Information Security Policy Compliance

    PubMed Central

    Kim, Sang Hoon; Yang, Kyung Hoon; Park, Sunyoung

    2014-01-01

    The authors found the behavioral factors that influence the organization members' compliance with the information security policy in organizations on the basis of neutralization theory, Theory of planned behavior, and protection motivation theory. Depending on the theory of planned behavior, members' attitudes towards compliance, as well as normative belief and self-efficacy, were believed to determine the intention to comply with the information security policy. Neutralization theory, a prominent theory in criminology, could be expected to provide the explanation for information system security policy violations. Based on the protection motivation theory, it was inferred that the expected efficacy could have an impact on intentions of compliance. By the above logical reasoning, the integrative behavioral model and eight hypotheses could be derived. Data were collected by conducting a survey; 194 out of 207 questionnaires were available. The test of the causal model was conducted by PLS. The reliability, validity, and model fit were found to be statistically significant. The results of the hypotheses tests showed that seven of the eight hypotheses were acceptable. The theoretical implications of this study are as follows: (1) the study is expected to play a role of the baseline for future research about organization members' compliance with the information security policy, (2) the study attempted an interdisciplinary approach by combining psychology and information system security research, and (3) the study suggested concrete operational definitions of influencing factors for information security policy compliance through a comprehensive theoretical review. Also, the study has some practical implications. First, it can provide the guideline to support the successful execution of the strategic establishment for the implement of information system security policies in organizations. Second, it proves that the need of education and training programs suppressing

  13. Limitations on information-theoretically-secure quantum homomorphic encryption

    NASA Astrophysics Data System (ADS)

    Yu, Li; Pérez-Delgado, Carlos A.; Fitzsimons, Joseph F.

    2014-11-01

    Homomorphic encryption is a form of encryption which allows computation to be carried out on the encrypted data without the need for decryption. The success of quantum approaches to related tasks in a delegated computation setting has raised the question of whether quantum mechanics may be used to achieve information-theoretically-secure fully homomorphic encryption. Here we show, via an information localization argument, that deterministic fully homomorphic encryption necessarily incurs exponential overhead if perfect security is required.

  14. How secure is your information system? An investigation into actual healthcare worker password practices.

    PubMed

    Cazier, Joseph A; Medlin, B Dawn

    2006-01-01

    For most healthcare information systems, passwords are the first line of defense in keeping patient and administrative records private and secure. However, this defense is only as strong as the passwords employees chose to use. A weak or easily guessed password is like an open door to the medical records room, allowing unauthorized access to sensitive information. In this paper, we present the results of a study of actual healthcare workers' password practices. In general, the vast majority of these passwords have significant security problems on several dimensions. Implications for healthcare professionals are discussed. PMID:18066366

  15. How Secure Is Your Information System? An Investigation into Actual Healthcare Worker Password Practices

    PubMed Central

    Cazier, Joseph A; Medlin, B. Dawn

    2006-01-01

    For most healthcare information systems, passwords are the first line of defense in keeping patient and administrative records private and secure. However, this defense is only as strong as the passwords employees chose to use. A weak or easily guessed password is like an open door to the medical records room, allowing unauthorized access to sensitive information. In this paper, we present the results of a study of actual healthcare workers' password practices. In general, the vast majority of these passwords have significant security problems on several dimensions. Implications for healthcare professionals are discussed. PMID:18066366

  16. 10 CFR 10.33 - Action by the Deputy Executive Director for Information Services and Administration and Chief...

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 1 2012-01-01 2012-01-01 false Action by the Deputy Executive Director for Information... SECURITY INFORMATION OR AN EMPLOYMENT CLEARANCE Procedures § 10.33 Action by the Deputy Executive Director... Administration and Chief Information Officer or the Commission shall give due recognition to the favorable...

  17. 10 CFR 10.33 - Action by the Deputy Executive Director for Information Services and Administration and Chief...

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 1 2010-01-01 2010-01-01 false Action by the Deputy Executive Director for Information Services and Administration and Chief Information Officer. 10.33 Section 10.33 Energy NUCLEAR REGULATORY COMMISSION CRITERIA AND PROCEDURES FOR DETERMINING ELIGIBILITY FOR ACCESS TO RESTRICTED DATA OR NATIONAL SECURITY INFORMATION OR AN...

  18. 10 CFR 10.33 - Action by the Deputy Executive Director for Information Services and Administration and Chief...

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 1 2011-01-01 2011-01-01 false Action by the Deputy Executive Director for Information... SECURITY INFORMATION OR AN EMPLOYMENT CLEARANCE Procedures § 10.33 Action by the Deputy Executive Director... Administration and Chief Information Officer or the Commission shall give due recognition to the favorable...

  19. Information Security Management Practices of K-12 School Districts

    ERIC Educational Resources Information Center

    Nyachwaya, Samson

    2013-01-01

    The research problem addressed in this quantitative correlational study was the inadequacy of sound information security management (ISM) practices in K-12 school districts, despite their increasing ownership of information assets. Researchers have linked organizational and sociotechnical factors to the implementation of information security…

  20. Three Essays on Information Technology Security Management in Organizations

    ERIC Educational Resources Information Center

    Gupta, Manish

    2011-01-01

    Increasing complexity and sophistication of ever evolving information technologies has spurred unique and unprecedented challenges for organizations to protect their information assets. Companies suffer significant financial and reputational damage due to ineffective information technology security management, which has extensively been shown to…

  1. The European cooperative approach to securing critical information infrastructure.

    PubMed

    Purser, Steve

    2011-10-01

    This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps. PMID:22130342

  2. Multicriteria Evaluation and Sensitivity Analysis on Information Security

    NASA Astrophysics Data System (ADS)

    Syamsuddin, Irfan

    2013-05-01

    Information security plays a significant role in recent information society. Increasing number and impact of cyber attacks on information assets have resulted the increasing awareness among managers that attack on information is actually attack on organization itself. Unfortunately, particular model for information security evaluation for management levels is still not well defined. In this study, decision analysis based on Ternary Analytic Hierarchy Process (T-AHP) is proposed as a novel model to aid managers who responsible in making strategic evaluation related to information security issues. In addition, sensitivity analysis is applied to extend our analysis by using several "what-if" scenarios in order to measure the consistency of the final evaluation. Finally, we conclude that the final evaluation made by managers has a significant consistency shown by sensitivity analysis results.

  3. Management Information Systems: Applications to Educational Administration.

    ERIC Educational Resources Information Center

    Witkin, Belle Ruth

    An orientation to management information systems (MIS) is offered which presents information about MIS in the context of public education and suggests some considerations that should be taken into account in designing and operating such systems. MIS is defined as a set of operating procedures that act as a control system to automatically provide…

  4. Blood Donor Locator Service--Social Security Administration. Final rules.

    PubMed

    1991-12-24

    We are issuing these final regulations to govern the Blood Donor Locator Service, which we will establish and conduct, as required by section 8008 of the Technical and Miscellaneous Revenue Act of 1988 (Pub. L. 100-647). Under these regulations, we will furnish to participating States at their request the last known personal mailing address (residence or post office box) of blood donors whose blood donation shows that they are or may be infected with the human immunodeficiency virus (HIV) which causes acquired immune deficiency syndrome, if the State or an authorized blood donation facility has been unable to locate the donors. If our records or those of the Internal Revenue Service (IRS) contain an adequate personal mailing address for the donor, we will provide it to the State so that the State or the blood donation facility can inform the donor that he or she may need medical care and treatment. PMID:10116070

  5. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information regarding security risk for a...

  6. Explore Awareness of Information Security: Insights from Cognitive Neuromechanism.

    PubMed

    Han, Dongmei; Dai, Yonghui; Han, Tianlin; Dai, Xingyun

    2015-01-01

    With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment. PMID:26587017

  7. Explore Awareness of Information Security: Insights from Cognitive Neuromechanism

    PubMed Central

    Han, Dongmei; Dai, Yonghui; Han, Tianlin; Dai, Xingyun

    2015-01-01

    With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment. PMID:26587017

  8. 75 FR 47311 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-08-05

    ... OMB Review: Aviation Security Infrastructure Fee Records Retention AGENCY: Transportation Security... retention of certain information necessary for TSA to help set the Aviation Security Infrastructure Fee... Title: Aviation Security Infrastructure Fee Records Retention. Type of Request: Extension of a...

  9. 78 FR 46594 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Customer...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-01

    ... OMB Review: Aviation Security Customer Satisfaction Performance Measurement Passenger Survey AGENCY... satisfaction of aviation security in an effort to more efficiently manage its security screening performance at.... Information Collection Requirement Title: Aviation Security Customer Satisfaction Performance...

  10. Supplemental Security Income: determining disability for a child under age 18. Social Security Administration. Final rules.

    PubMed

    2000-09-11

    On February 11, 1997, we published interim final rules with a request for comments to implement the Supplemental Security Income (SSI) childhood disability provisions of sections 211 and 212 of Public Law (Pub. L.) 104-193, the Personal Responsibility and Work Opportunity Reconciliation Act of 1996. We are now publishing revised final rules in response to public comments. We are also conforming our rules to amendments to Public Law 104-193 made by the Balanced Budget Act of 1997, Public Law 105-33. Finally, we are simplifying and clarifying some rules in keeping with the President's goal of using plain language in regulations. PMID:11503639

  11. Directory of Energy Information Administration models 1989

    SciTech Connect

    Not Available

    1989-05-24

    This directory contains descriptions about each basic and auxiliary model, including the title, acronym, purpose, and type, followed by more detailed information on characteristics, uses, and requirements. For developing models, limited information is provided. Sources for additional information are identified. Included in this directory are 40 EIA models active as of March 1, 1989, as well as the PC-AEO Forecasting Model Overview and the three Subsystems for the Short-Term Integrated Forecasting System (STIFS) Model. Models that run on personal computers are identified by ''PC'' as part of the acronym. The main body of this directory is an alphabetical listing of all basic and auxiliary EIA models. Appendix A identifies major EIA modeling systems and the models within these systems, and Appendix B identifies EIA models by type (basic or auxiliary). Appendix C lists developing models and contact persons for those models.

  12. Examining the Impact of Non-Technical Security Management Factors on Information Security Management in Health Informatics

    ERIC Educational Resources Information Center

    Imam, Abbas H.

    2013-01-01

    Complexity of information security has become a major issue for organizations due to incessant threats to information assets. Healthcare organizations are particularly concerned with security owing to the inherent vulnerability of sensitive information assets in health informatics. While the non-technical security management elements have been at…

  13. Secure information display by use of multiple decoding masks

    NASA Astrophysics Data System (ADS)

    Yamamoto, Hirotsugu; Hayasaki, Yoshio; Nishida, Nobuo

    2004-10-01

    Security has become an important issue as information technology has become increasingly pervasive in our everyday lives. Security risks arise with a display that shows decrypted information. In this paper, we propose a secure information display technique by use of visual cryptography. Its decryption requires no special computing devices and is implemented using only human vision. To improve security of the key to decode the encrypted displayed image, multiple decoding masks have been constructed based on visual secret sharing scheme. The proposed display appears as a random pattern to anyone who looks at it unless the person views the displayed image through stacked multiple decoding masks. We have constructed code sets to share the secret image information with a displayed image and multiple decoding masks. The decoding process is a kind of optical processing based on spatial encoding and it needs no computer calculation, which means that no decrypted data exists in a computer system. Thus, the proposed display technique is secure against theft of the decrypted data and eavesdropping of the display signals, and provides a limited viewing zone. Multiple decoding masks increase security of the decoding masks.

  14. The Social Security Administration's Youth Transition Demonstration Projects: Interim Report on Transition WORKS

    ERIC Educational Resources Information Center

    Fraker, Thomas; Black, Alison; Mamun, Arif; Manno, Michelle; Martinez, John; O'Day, Bonnie; O'Toole, Meghan; Rangarajan, Anu; Reed, Debbie

    2011-01-01

    The Social Security Administration is funding a random assignment evaluation of six demonstration projects to improve employment and other outcomes for youth ages 14 to 25 who are either receiving disability benefits or are at high risk of receiving them in the future. This report reviews the Youth Transition Demonstration (YTD) projects, located…

  15. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  16. Security of information in IT systems

    NASA Astrophysics Data System (ADS)

    Kaliczynska, Malgorzata

    2005-02-01

    The aim of the paper is to increase human awareness of the dangers connected with social engineering methods of obtaining information. The article demonstrates psychological and sociological methods of influencing people used in the attacks on IT systems. Little known techniques are presented about one of the greater threats that is electromagnetic emission or corona effect. Moreover, the work shows methods of protecting against this type of dangers. Also, in the paper one can find information on devices made according to the TEMPEST technology. The article not only discusses the methods of gathering information, but also instructs how to protect against its out-of-control loss.

  17. An Information System for an Educational Administrator.

    ERIC Educational Resources Information Center

    Lewis, S. G.

    The Management Systems Series consists of documents of interest to persons concerned with the management of public resources. Operation PEP (Prepare Educational Planners), which called for a three-day session of instruction on Executive (Management Information Systems) was documented in detail as part of this series. This portion attempts to…

  18. Security of healthcare information systems based on the CORBA middleware.

    PubMed

    Blobel, B; Holena, M

    1997-01-01

    The development of healthcare systems in accordance to the "Shared Care" paradigm results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems demand a high level of data protection and data security, both with respect to patient information and with respect to users. The security concepts and measures available and additionally needed in health information systems based on CORBA architecture are described in this paper. The proposed security solution is also open to other middleware approaches, such as DHE or HL7. PMID:10179515

  19. 76 FR 81827 - Declassification of National Security Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-12-29

    ... Order, Classified National Security Information,'' 75 FR 733, 3 CFR, 2009 Comp., p. 412; 32 CFR Part...@nara.gov . ] SUPPLEMENTARY INFORMATION: On July 8, 2011, NARA published a proposed rule (76 FR 40296... without proper authority? Authority: 44 U.S.C. 2101 to 2118; 5 U.S.C. 552; E.O. 13526, 75 FR 707, 3...

  20. National Security and Information Technology: The New Regulatory Option?

    ERIC Educational Resources Information Center

    Irwin, Manley R.

    1987-01-01

    Summarizes recent developments in information technology research and development, telecommunication services, telephone manufacturing, telecommunication networks, information processing, and U.S. import/export policy. It is concluded that government regulation as a policy strategy depends on how one defines national security. (Author/CLB)

  1. Secure and Privacy-Preserving Distributed Information Brokering

    ERIC Educational Resources Information Center

    Li, Fengjun

    2010-01-01

    As enormous structured, semi-structured and unstructured data are collected and archived by organizations in many realms ranging from business to health networks to government agencies, the needs for efficient yet secure inter-organization information sharing naturally arise. Unlike early information sharing approaches that only involve a small…

  2. Information Networks Secured by the Laws of Physics

    NASA Astrophysics Data System (ADS)

    Kish, Laszlo B.; Peper, Ferdinand

    In this paper, we survey the state of the art of the secure key exchange method that is secured by the laws of classical statistical physics, and involves the Kirchhoff's law and the generalized Johnson noise equation, too. We discuss the major characteristics and advantages of these schemes especially in comparison with quantum encryption, and analyze some of the technical challenges of its implementation, too. Finally, we outline some ideas about how to use already existing and currently used wire lines, such as power lines, phone lines, internet lines to implement unconditionally secure information networks.

  3. 49 CFR 1520.5 - Sensitive security information.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... under 49 CFR 1542.303, 1544.305, 1548.19, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security..., including any— (i) Information circular issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or...

  4. 49 CFR 1520.5 - Sensitive security information.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... under 49 CFR 1542.303, 1544.305, 1548.19, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security..., including any— (i) Information circular issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or...

  5. 49 CFR 1520.5 - Sensitive security information.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... under 49 CFR 1542.303, 1544.305, 1548.19, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security..., including any— (i) Information circular issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or...

  6. 49 CFR 1520.5 - Sensitive security information.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... under 49 CFR 1542.303, 1544.305, 1548.19, or other authority; (ii) Issued by the Coast Guard under the Maritime Transportation Security Act, 33 CFR part 6, or 33 U.S.C. 1221 et seq. related to maritime security..., including any— (i) Information circular issued by TSA under 49 CFR 1542.303, 1544.305, 1548.19, or...

  7. Directory of energy information administration models 1995

    SciTech Connect

    1995-07-13

    This updated directory has been published annually; after this issue, it will be published only biennially. The Disruption Impact Simulator Model in use by EIA is included. Model descriptions have been updated according to revised documentation approved during the past year. This directory contains descriptions about each model, including title, acronym, purpose, followed by more detailed information on characteristics, uses, and requirements. Sources for additional information are identified. Included are 37 EIA models active as of February 1, 1995. The first group is the National Energy Modeling System (NEMS) models. The second group is all other EIA models that are not part of NEMS. Appendix A identifies major EIA modeling systems and the models within these systems. Appendix B is a summary of the `Annual Energy Outlook` Forecasting System.

  8. Directory of Energy Information Administration Models 1993

    SciTech Connect

    Not Available

    1993-07-06

    This directory contains descriptions about each model, including the title, acronym, purpose, followed by more detailed information on characteristics, uses, and requirements. Sources for additional information are identified. Included in this directory are 35 EIA models active as of May 1, 1993. Models that run on personal computers are identified by ``PC`` as part of the acronym. EIA is developing new models, a National Energy Modeling System (NEMS), and is making changes to existing models to include new technologies, environmental issues, conservation, and renewables, as well as extend forecast horizon. Other parts of the Department are involved in this modeling effort. A fully operational model is planned which will integrate completed segments of NEMS for its first official application--preparation of EIA`s Annual Energy Outlook 1994. Abstracts for the new models will be included in next year`s version of this directory.

  9. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  10. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  11. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  12. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  13. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  14. Directory of Energy Information Administration Model Abstracts

    SciTech Connect

    Not Available

    1986-07-16

    This directory partially fulfills the requirements of Section 8c, of the documentation order, which states in part that: The Office of Statistical Standards will annually publish an EIA document based on the collected abstracts and the appendices. This report contains brief statements about each model's title, acronym, purpose, and status, followed by more detailed information on characteristics, uses, and requirements. Sources for additional information are identified. All models active through March 1985 are included. The main body of this directory is an alphabetical list of all active EIA models. Appendix A identifies major EIA modeling systems and the models within these systems, and Appendix B identifies active EIA models by type (basic, auxiliary, and developing). EIA also leases models developed by proprietary software vendors. Documentation for these proprietary models is the responsibility of the companies from which they are leased. EIA has recently leased models from Chase Econometrics, Inc., Data Resources, Inc. (DRI), the Oak Ridge National Laboratory (ORNL), and Wharton Econometric Forecasting Associates (WEFA). Leased models are not abstracted here. The directory is intended for the use of energy and energy-policy analysts in the public and private sectors.

  15. National Aeronautics and Space Administration Scientific and Technical Information Programs.

    ERIC Educational Resources Information Center

    Pinelli, Thomas E., Ed.

    1990-01-01

    Eleven articles discuss informational and educational programs of the National Aeronautics and Space Administration (NASA). Some of the areas discussed include scientific and technical information management, the new Space and Earth Science Information Systems, transfer of technology to other industries, intellectual property issues, and the…

  16. A secure and robust information hiding technique for covert communication

    NASA Astrophysics Data System (ADS)

    Parah, S. A.; Sheikh, J. A.; Hafiz, A. M.; Bhat, G. M.

    2015-08-01

    The unprecedented advancement of multimedia and growth of the internet has made it possible to reproduce and distribute digital media easier and faster. This has given birth to information security issues, especially when the information pertains to national security, e-banking transactions, etc. The disguised form of encrypted data makes an adversary suspicious and increases the chance of attack. Information hiding overcomes this inherent problem of cryptographic systems and is emerging as an effective means of securing sensitive data being transmitted over insecure channels. In this paper, a secure and robust information hiding technique referred to as Intermediate Significant Bit Plane Embedding (ISBPE) is presented. The data to be embedded is scrambled and embedding is carried out using the concept of Pseudorandom Address Vector (PAV) and Complementary Address Vector (CAV) to enhance the security of the embedded data. The proposed ISBPE technique is fully immune to Least Significant Bit (LSB) removal/replacement attack. Experimental investigations reveal that the proposed technique is more robust to various image processing attacks like JPEG compression, Additive White Gaussian Noise (AWGN), low pass filtering, etc. compared to conventional LSB techniques. The various advantages offered by ISBPE technique make it a good candidate for covert communication.

  17. The Acquisition and Utilization of Technical Information by Administrative Agencies

    ERIC Educational Resources Information Center

    Sabatier, Paul

    1978-01-01

    Through a review and integration of heretofore rather distinct literatures, this paper develops preliminary conceptual frameworks of the variables affecting the acquisition and utilization of technical information by administrative agencies. (Author/IRT)

  18. 31 CFR 363.45 - What are the rules for judicial and administrative actions involving securities held in...

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... savings bond, or the registered owner of an undelivered gift security held in TreasuryDirect. ... administrative actions involving securities held in TreasuryDirect ®? 363.45 Section 363.45 Money and Finance... Governing Securities Held in TreasuryDirect § 363.45 What are the rules for judicial and...

  19. 20 CFR 404.455 - Request by Social Security Administration for reports of earnings and estimated earnings; effect...

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Request by Social Security Administration for....455 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Deductions; Reductions; and Nonpayments of Benefits § 404.455 Request by Social...

  20. 20 CFR 404.455 - Request by Social Security Administration for reports of earnings and estimated earnings; effect...

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Request by Social Security Administration for....455 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Deductions; Reductions; and Nonpayments of Benefits § 404.455 Request by Social...

  1. 20 CFR 404.455 - Request by Social Security Administration for reports of earnings and estimated earnings; effect...

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Request by Social Security Administration for....455 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Deductions; Reductions; and Nonpayments of Benefits § 404.455 Request by Social...

  2. 20 CFR 404.455 - Request by Social Security Administration for reports of earnings and estimated earnings; effect...

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Request by Social Security Administration for....455 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Deductions; Reductions; and Nonpayments of Benefits § 404.455 Request by Social...

  3. 20 CFR 404.455 - Request by Social Security Administration for reports of earnings and estimated earnings; effect...

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Request by Social Security Administration for....455 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Deductions; Reductions; and Nonpayments of Benefits § 404.455 Request by Social...

  4. Develop security architecture for both in-house healthcare information systems and electronic patient record

    NASA Astrophysics Data System (ADS)

    Zhang, Jianguo; Chen, Xiaomeng; Zhuang, Jun; Jiang, Jianrong; Zhang, Xiaoyan; Wu, Dongqing; Huang, H. K.

    2003-05-01

    In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare administration levels, and the DSPR component manages the all the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.

  5. Guidelines for contingency planning NASA (National Aeronautics and Space Administration) ADP security risk reduction decision studies

    NASA Technical Reports Server (NTRS)

    Tompkins, F. G.

    1984-01-01

    Guidance is presented to NASA Computer Security Officials for determining the acceptability or unacceptability of ADP security risks based on the technical, operational and economic feasibility of potential safeguards. The risk management process is reviewed as a specialized application of the systems approach to problem solving and information systems analysis and design. Reporting the results of the risk reduction analysis to management is considered. Report formats for the risk reduction study are provided.

  6. Implementation of an advanced clinical and administrative hospital information system.

    PubMed

    Vegoda, P R; Dyro, J F

    1986-01-01

    Over the last six years since University Hospital opened, the University Hospital Information System (UHIS) has continued to evolve to what is today an advanced administrative and clinical information system. At University Hospital UHIS is the way of conducting business. A wide range of patient care applications are operational including Patient Registration, ADT for Inpatient/Outpatient/Emergency Room visits, Advanced Order Entry/Result Reporting, Medical Records, Lab Automated Data Acquisition/Quality Control, Pharmacy, Radiology, Dietary, Respiratory Therapy, ECG, EEG, Cardiology, Physical/Occupational Therapy and Nursing. These systems and numerous financial systems have been installed in a highly tuned, efficient computer system. All applications are real-time, on-line, and data base oriented. Each system is provided with multiple data security levels, forward file recovery, and dynamic transaction backout of in-flight tasks. Sensitive medical information is safeguarded by job function passwords, identification codes, need-to-know master screens and terminal keylocks. University Hospital has an IBM 3083 CPU with five 3380 disk drives, four dual density tape drives, and a 3705 network controller. The network of 300 terminals and 100 printers is connected to the computer center by an RF broadband cable. The software is configured around the IBM/MVS operating system using CICS as the telecommunication monitor, IMS as the data base management system and PCS/ADS as the application enabling tool. The most extensive clinical system added to UHIS is the Physiological Monitoring/Patient Data Management System with serves 92 critical care beds. In keeping with the Hospital's philosophy of integrated computing, the PMS/PDMS with its network of minicomputers was linked to the UHIS system. In a pilot program, remote access to UHIS through the IBM personal computer has been implemented in several physician offices in the local community, further extending the communications

  7. Information technology security at the Advanced Photon Source.

    SciTech Connect

    Sidorowicz, K. V.; McDowell, W.; APS Engineering Support Division

    2007-01-01

    The proliferation of 'botnets,' phishing schemes, denial-of-service attacks, root kits, and other cyber attack schemes designed to capture a system or network creates a climate of concern for system administrators, especially for those managing accelerator and large experimental-physics facilities, as they are very public targets. This paper will describe the steps being taken at the Advanced Photon Source (APS) to protect the infrastructure of the overall network with emphasis on security for the APS control system.

  8. 75 FR 18863 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-006...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-04-13

    ... records notice titled, DHS/TSA-006 Correspondence Matters Tracking System Records (CMTR) (68 FR 49496... the Federal Register on June 25, 2004 (69 FR 35536). Consistent with the Privacy Act, information... (69 FR 35536). However, TSA will consider individual requests to determine whether or not...

  9. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted...

  10. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted...

  11. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted...

  12. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted...

  13. 10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted...

  14. Information security risk management for computerized health information systems in hospitals: a case study of Iran

    PubMed Central

    Zarei, Javad; Sadoughi, Farahnaz

    2016-01-01

    Background In recent years, hospitals in Iran – similar to those in other countries – have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. Materials and methods This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts’ opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Results Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Conclusion Information security risk management is not followed by Iran’s hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran’s Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran. PMID:27313481

  15. Information Security Analysis Using Game Theory and Simulation

    SciTech Connect

    Schlicher, Bob G; Abercrombie, Robert K

    2012-01-01

    Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions are always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.

  16. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information regarding security risk for a chemical facility. (a) Information to determine security risk. In order...

  17. Federal Agency and Federal Library Reports: Library of Congress; Center for the Book; Federal Library and Information Center Committee; National Agricultural Library; National Library of Medicine; United States Government Printing Office; National Technical Information Service; National Archives and Records Administration; National Center for Education Statistics Library Statistics Program; National Commission on Libraries and Information Science; National Library of Education; Educational Resources Information Center.

    ERIC Educational Resources Information Center

    Fischer, Audrey; Cole, John Y.; Tarr, Susan M.; Carey, Len; Mehnert, Robert; Sherman, Andrew M.; Davis, Linda; Leahy, Debra W.; Chute, Adrienne; Willard, Robert S.; Dunn, Christina

    2003-01-01

    Includes annual reports from 12 federal agencies and libraries that discuss security, budgets, legislation, digital projects, preservation, government role, information management, personnel changes, collections, databases, financial issues, services, administration, Web sites, access to information, customer service, statistics, international…

  18. Administrator Highlights U.S.-Georgian Nuclear Security Cooperation in Tbilisi

    SciTech Connect

    Thomas D'Agostino

    2010-07-16

    NNSA Administrator Thomas D'Agostino highlighted the strong U.S.-Georgian cooperation on nuclear security issues during a day-long visit to the Republic of Georgia in mid-June. He briefed the media at availability at the Tbilisi airport. In April 2009, President Obama outlined an ambitious agenda to secure vulnerable nuclear material around the world within four years, calling the danger of a terrorist acquiring nuclear weapons "the most immediate and extreme threat to global security." In this year's State of the Union, he called the threat of nuclear weapons, "the greatest danger to the American people." In order to meet that challenge, the President's FY2011 Budget Request includes close to $2.7 billion for the National Nuclear Security Administration's Defense Nuclear Nonproliferation program -- an increase of 25.7 percent over FY2010. Included in that request is NNSA's Second Line of Defense (SLD) program, which works around the world to strengthen the capability of foreign governments to deter, detect, and interdict illicit trafficking in nuclear and other radioactive materials across international borders and through the global maritime shipping system.

  19. Administrator Highlights U.S.-Georgian Nuclear Security Cooperation in Tbilisi

    ScienceCinema

    Thomas D'Agostino

    2010-09-01

    NNSA Administrator Thomas D'Agostino highlighted the strong U.S.-Georgian cooperation on nuclear security issues during a day-long visit to the Republic of Georgia in mid-June. He briefed the media at availability at the Tbilisi airport. In April 2009, President Obama outlined an ambitious agenda to secure vulnerable nuclear material around the world within four years, calling the danger of a terrorist acquiring nuclear weapons "the most immediate and extreme threat to global security." In this year's State of the Union, he called the threat of nuclear weapons, "the greatest danger to the American people." In order to meet that challenge, the President's FY2011 Budget Request includes close to $2.7 billion for the National Nuclear Security Administration's Defense Nuclear Nonproliferation program -- an increase of 25.7 percent over FY2010. Included in that request is NNSA's Second Line of Defense (SLD) program, which works around the world to strengthen the capability of foreign governments to deter, detect, and interdict illicit trafficking in nuclear and other radioactive materials across international borders and through the global maritime shipping system.

  20. 77 FR 72814 - Information Collection; Secure Rural Schools Act

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-12-06

    ... Forest Service Information Collection; Secure Rural Schools Act AGENCY: Forest Service, USDA. ACTION... announces the intention of the Forest Service to seek approval to renew and revise a currently approved... Forest Service is seeking comments from all interested individuals and organizations on renewal...

  1. Information Security in the Age of Cloud Computing

    ERIC Educational Resources Information Center

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  2. 15 CFR 2008.18 - Information Security Oversight Committee.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 15 Commerce and Foreign Trade 3 2011-01-01 2011-01-01 false Information Security Oversight Committee. 2008.18 Section 2008.18 Commerce and Foreign Trade Regulations Relating to Foreign Trade Agreements OFFICE OF THE UNITED STATES TRADE REPRESENTATIVE REGULATIONS TO IMPLEMENT E.O. 12065; OFFICE...

  3. 15 CFR 2008.18 - Information Security Oversight Committee.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 15 Commerce and Foreign Trade 3 2010-01-01 2010-01-01 false Information Security Oversight Committee. 2008.18 Section 2008.18 Commerce and Foreign Trade Regulations Relating to Foreign Trade Agreements OFFICE OF THE UNITED STATES TRADE REPRESENTATIVE REGULATIONS TO IMPLEMENT E.O. 12065; OFFICE...

  4. 15 CFR 2008.18 - Information Security Oversight Committee.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 15 Commerce and Foreign Trade 3 2014-01-01 2014-01-01 false Information Security Oversight Committee. 2008.18 Section 2008.18 Commerce and Foreign Trade Regulations Relating to Foreign Trade Agreements OFFICE OF THE UNITED STATES TRADE REPRESENTATIVE REGULATIONS TO IMPLEMENT E.O. 12065; OFFICE...

  5. 15 CFR 2008.18 - Information Security Oversight Committee.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 15 Commerce and Foreign Trade 3 2013-01-01 2013-01-01 false Information Security Oversight Committee. 2008.18 Section 2008.18 Commerce and Foreign Trade Regulations Relating to Foreign Trade Agreements OFFICE OF THE UNITED STATES TRADE REPRESENTATIVE REGULATIONS TO IMPLEMENT E.O. 12065; OFFICE...

  6. 15 CFR 2008.18 - Information Security Oversight Committee.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 15 Commerce and Foreign Trade 3 2012-01-01 2012-01-01 false Information Security Oversight Committee. 2008.18 Section 2008.18 Commerce and Foreign Trade Regulations Relating to Foreign Trade Agreements OFFICE OF THE UNITED STATES TRADE REPRESENTATIVE REGULATIONS TO IMPLEMENT E.O. 12065; OFFICE...

  7. An Undergraduate Information Security Program: More than a Curriculum

    ERIC Educational Resources Information Center

    Woodward, Belle; Imboden, Thomas; Martin, Nancy L.

    2013-01-01

    This paper describes the implementation of an information security program at a large Midwestern university. The initial work is briefly summarized and improvements that have occurred over time are described. Current activities and future plans are discussed. This paper offers insight and lessons learned for organizations that have or are…

  8. Information Uncertainty to Compare Qualitative Reasoning Security Risk Assessment Results

    SciTech Connect

    Chavez, Gregory M; Key, Brian P; Zerkle, David K; Shevitz, Daniel W

    2009-01-01

    The security risk associated with malevolent acts such as those of terrorism are often void of the historical data required for a traditional PRA. Most information available to conduct security risk assessments for these malevolent acts is obtained from subject matter experts as subjective judgements. Qualitative reasoning approaches such as approximate reasoning and evidential reasoning are useful for modeling the predicted risk from information provided by subject matter experts. Absent from these approaches is a consistent means to compare the security risk assessment results. Associated with each predicted risk reasoning result is a quantifiable amount of information uncertainty which can be measured and used to compare the results. This paper explores using entropy measures to quantify the information uncertainty associated with conflict and non-specificity in the predicted reasoning results. The measured quantities of conflict and non-specificity can ultimately be used to compare qualitative reasoning results which are important in triage studies and ultimately resource allocation. Straight forward extensions of previous entropy measures are presented here to quantify the non-specificity and conflict associated with security risk assessment results obtained from qualitative reasoning models.

  9. 78 FR 54862 - Information Collection; General Program Administration

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-06

    ...In accordance with the Paperwork Reduction Act of 1995, the Farm Service Agency (FSA) is seeking comments from all interested individuals and organizations on an extension of a currently approved information collection associated with FSA's Farm Loan Programs (FLP) General Program Administration. The information collected is used to ensure that applicants meet statutory eligibility......

  10. Energy Information Administration New Releases, July--August 1990

    SciTech Connect

    Jacobus, P.; Springer, I.

    1990-09-01

    New Releases'' is Energy Information Administration's news letter, which reports its activities, publications, and machine-readable data files and modeling programs. For each publication or report, an abstract, subscription price, availability, and other bibliographical information are included. It covers crude oil, natural gas, and natural gas liquids reserves, coal, electricity, nuclear fuel, renewable energy and conservation, and petroleum. Order forms are also provided.

  11. 76 FR 27002 - Information Collection; National Recreation Program Administration

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-05-10

    ... of Respondents: 37,500. Estimated Annual Number of Responses per Respondent: 1. Estimated Total... and assumptions used; (3) ways to enhance the quality, utility, and clarity of the information to be... Forest Service Information Collection; National Recreation Program Administration AGENCY: Forest...

  12. 76 FR 34886 - General Services Administration Acquisition Regulation; Implementation of Information Technology...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-06-15

    ... of Information Technology Security Provision AGENCY: Office of Acquisition Policy, General Services... to implement policy and guidelines for contracts and orders that include information technology (IT... information technology (IT) supplies, services and systems with security requirements. Comment...

  13. 78 FR 34665 - Homeland Security Information Network Advisory Committee (HSINAC); Meeting

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-06-10

    ... SECURITY Homeland Security Information Network Advisory Committee (HSINAC); Meeting AGENCY: OPS/OCIO, DHS... Security Information Network Advisory Committee (HSINAC) will meet on Tuesday, June 25th, 2013 from 1 p.m...: http://www.dhs.gov/homeland-security-information-network-advisory-committee . There is a meeting...

  14. 44 CFR 8.3 - Senior FEMA official responsible for the information security program.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... responsible for the information security program. 8.3 Section 8.3 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.3 Senior FEMA official responsible for the information security program. The Director of the...

  15. 7 CFR 1962.14 - Account and security information in UCC cases.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 7 Agriculture 14 2013-01-01 2013-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after receipt of a written request from the borrower, the Agency must inform the borrower of the security...

  16. 7 CFR 1962.14 - Account and security information in UCC cases.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 7 Agriculture 14 2010-01-01 2009-01-01 true Account and security information in UCC cases. 1962.14... Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after receipt of a written request from the borrower, the Agency must inform the borrower of the security and the total...

  17. 44 CFR 8.3 - Senior FEMA official responsible for the information security program.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... responsible for the information security program. 8.3 Section 8.3 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.3 Senior FEMA official responsible for the information security program. The Director of the...

  18. 10 CFR 2.911 - Admissibility of restricted data or other national security information.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND... National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted Data or other National Security...

  19. 44 CFR 8.3 - Senior FEMA official responsible for the information security program.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... responsible for the information security program. 8.3 Section 8.3 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.3 Senior FEMA official responsible for the information security program. The Director of the...

  20. 7 CFR 1962.14 - Account and security information in UCC cases.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 7 Agriculture 14 2011-01-01 2011-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after receipt of a written request from the borrower, the Agency must inform the borrower of the security...

  1. 7 CFR 1962.14 - Account and security information in UCC cases.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 7 Agriculture 14 2014-01-01 2014-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after receipt of a written request from the borrower, the Agency must inform the borrower of the security...

  2. 10 CFR 2.911 - Admissibility of restricted data or other national security information.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND... National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted Data or other National Security...

  3. 7 CFR 1962.14 - Account and security information in UCC cases.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 7 Agriculture 14 2012-01-01 2012-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after receipt of a written request from the borrower, the Agency must inform the borrower of the security...

  4. 44 CFR 8.3 - Senior FEMA official responsible for the information security program.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... responsible for the information security program. 8.3 Section 8.3 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.3 Senior FEMA official responsible for the information security program. The Director of the...

  5. 76 FR 38179 - Information Collection; General Services Administration; Information Specific to a Contract or...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-06-29

    ... methodology; and ways to enhance the quality, utility, and clarity of the information to be collected. DATES...: 126,870. Responses per Respondent: 1.36. Total Responses: 172,500 Hours Per Response: .399 Total... ADMINISTRATION Information Collection; General Services Administration; Information Specific to a Contract...

  6. Special nuclear material information, security classification guidance. Instruction

    SciTech Connect

    Flickinger, A.

    1982-12-03

    The Instruction reissues DoD Instruction 5210.67, July 5, 1979, and provides security classification guidance for information concerning significant quantities of special nuclear material, other than that contained in nuclear weapons and that used in the production of energy in the reactor plant of nuclear-powered ships. Security classification guidance for these data in the latter two applications is contained in Joint DoE/DoD Nuclear Weapons Classification Guide and Joint DoE/DoD Classification Guide for the Naval Nuclear Propulsion Program.

  7. Assessing and Comparing Information Security in Swiss Hospitals

    PubMed Central

    Hirschel, Jürg; Schlienger, Thomas; Businger, Walter; Zbinden, Alex M

    2012-01-01

    Background Availability of information in hospitals is an important prerequisite for good service. Significant resources have been invested to improve the availability of information, but it is also vital that the security of this information can be guaranteed. Objective The goal of this study was to assess information security in hospitals through a questionnaire based on the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) standard ISO/IEC 27002, evaluating Information technology – Security techniques – Code of practice for information-security management, with a special focus on the effect of the hospitals’ size and type. Methods The survey, set up as a cross-sectional study, was conducted in January 2011. The chief information officers (CIOs) of 112 hospitals in German-speaking Switzerland were invited to participate. The online questionnaire was designed to be fast and easy to complete to maximize participation. To group the analyzed controls of the ISO/IEC standard 27002 in a meaningful way, a factor analysis was performed. A linear score from 0 (not implemented) to 3 (fully implemented) was introduced. The scores of the hospitals were then analyzed for significant differences in any of the factors with respect to size and type of hospital. The participating hospitals were offered a benchmark report about their status. Results The 51 participating hospitals had an average score of 51.1% (range 30.6% - 81.9%) out of a possible 100% where all items in the questionnaire were fully implemented. Room for improvement could be identified, especially for the factors covering “process and quality management” (average score 1.3 ± 0.8 out of a maximum of 3) and “organization and risk management” (average score 1.3 ± 0.7 out of a maximum of 3). Private hospitals scored significantly higher than university hospitals in the implementation of “security zones” and “backup” (P = .008

  8. 75 FR 10545 - Occupational Information Development Advisory Panel Meeting

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-03-08

    ... ADMINISTRATION Occupational Information Development Advisory Panel Meeting AGENCY: Social Security Administration... System Development Project activities and the proposed integration with Panel activities; subcommittee...: Occupational Information Development Advisory Panel, Social Security Administration, 6401 Security Boulevard,...

  9. Individual social security accounts: issues in assessing administrative feasibility and costs.

    PubMed

    Olsen, K A; Salisbury, D L

    1998-11-01

    Whether to add individual accounts (IAs) to the Social Security system is a highly political issue. But almost lost in the debate so far have been any practical considerations about how to administer such accounts. Any discussion of whether to create individual accounts must also address the basic but critical questions of how they would work: Who would run them? What would they cost? Logistically, are they even possible? This EBRI Issue Brief provides an overview of the most salient administrative issues facing the current Social Security reform debate--issues that challenge proponents to carefully think through how their proposals could be implemented so as to achieve their policy goals. The options and difficulties in administering IAs raise concerns that cut across ideology. The object of this report is neither to dissuade the advocates nor support the critics of individual accounts. Rather, it is to bring practical considerations to a political debate that has largely ignored the pragmatic challenges of whether IAs would be too complex for participants to understand or too difficult for record keepers to administer. The major findings in this analysis include: Adding individual accounts to Social Security could be the largest undertaking in the history of the U.S. financial market, and no system to date has the capacity to administer such a system. The number of workers currently covered by Social Security--the largest single entitlement program in the nation--is at least four times higher than the combined number of all tax-favored employment-based retirement accounts in the United States, which are administered by hundreds of entities. Direct comparisons between employment-based retirement savings plans and Social Security reform are tenuous at best. Social Security covers workers and businesses that are disproportionately excluded from employment-based plans. Because of these differences, a system of individual Social Security accounts would be more

  10. A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System.

    PubMed

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2015-08-01

    Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency. PMID:26084587

  11. 14 CFR 11.35 - Does FAA include sensitive security information and proprietary information in the Federal Docket...

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... RULEMAKING PROCEDURES Rulemaking Procedures General § 11.35 Does FAA include sensitive security information and proprietary information in the Federal Docket Management System (FDMS)? (a) Sensitive security information. You should not submit sensitive security information to the rulemaking docket, unless you...

  12. 14 CFR 11.35 - Does FAA include sensitive security information and proprietary information in the Federal Docket...

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... RULEMAKING PROCEDURES Rulemaking Procedures General § 11.35 Does FAA include sensitive security information and proprietary information in the Federal Docket Management System (FDMS)? (a) Sensitive security information. You should not submit sensitive security information to the rulemaking docket, unless you...

  13. 14 CFR 11.35 - Does FAA include sensitive security information and proprietary information in the Federal Docket...

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... RULEMAKING PROCEDURES Rulemaking Procedures General § 11.35 Does FAA include sensitive security information and proprietary information in the Federal Docket Management System (FDMS)? (a) Sensitive security information. You should not submit sensitive security information to the rulemaking docket, unless you...

  14. 14 CFR 11.35 - Does FAA include sensitive security information and proprietary information in the Federal Docket...

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... RULEMAKING PROCEDURES Rulemaking Procedures General § 11.35 Does FAA include sensitive security information and proprietary information in the Federal Docket Management System (FDMS)? (a) Sensitive security information. You should not submit sensitive security information to the rulemaking docket, unless you...

  15. 14 CFR 11.35 - Does FAA include sensitive security information and proprietary information in the Federal Docket...

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... RULEMAKING PROCEDURES Rulemaking Procedures General § 11.35 Does FAA include sensitive security information and proprietary information in the Federal Docket Management System (FDMS)? (a) Sensitive security information. You should not submit sensitive security information to the rulemaking docket, unless you...

  16. 14 CFR 1274.937 - Security requirements for unclassified information technology resources.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... Computer Security Act of 1987 (40 U.S.C. 1441 et seq.) and the Government Information Security Reform Act... cooperative agreement, receive annual IT security training in NASA IT Security policies, procedures, computer... 14 Aeronautics and Space 5 2012-01-01 2012-01-01 false Security requirements for...

  17. 14 CFR 1274.937 - Security requirements for unclassified information technology resources.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... Computer Security Act of 1987 (40 U.S.C. 1441 et seq.) and the Government Information Security Reform Act... cooperative agreement, receive annual IT security training in NASA IT Security policies, procedures, computer... 14 Aeronautics and Space 5 2013-01-01 2013-01-01 false Security requirements for...

  18. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200...

  19. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200...

  20. Informal Workers in Thailand: Occupational Health and Social Security Disparities.

    PubMed

    Kongtip, Pornpimol; Nankongnab, Noppanun; Chaikittiporn, Chalermchai; Laohaudomchok, Wisanti; Woskie, Susan; Slatin, Craig

    2015-08-01

    Informal workers in Thailand lack employee status as defined under the Labor Protection Act (LPA). Typically, they do not work at an employer's premise; they work at home and may be self-employed or temporary workers. They account for 62.6 percent of the Thai workforce and have a workplace accident rate ten times higher than formal workers. Most Thai Labor laws apply only to formal workers, but some protect informal workers in the domestic, home work, and agricultural sectors. Laws that protect informal workers lack practical enforcement mechanisms and are generally ineffective because informal workers lack employment contracts and awareness of their legal rights. Thai social security laws fail to provide informal workers with treatment of work-related accidents, diseases, and injuries; unemployment and retirement insurance; and workers' compensation. The article summarizes the differences in protections available for formal and informal sector workers and measures needed to decrease these disparities in coverage. PMID:25995374

  1. Secure authentication system that generates seed from biometric information.

    PubMed

    Kim, Yeojin; Ahn, Jung-Ho; Byun, Hyeran

    2005-02-10

    As biometric recognition techniques are gradually improved, the stability of biometric authentication systems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometric authentication systems are not immune to hacking. We show a secure biometric authentication system (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics. PMID:15751854

  2. 10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Physical Security § 95.25 Protection of National...

  3. 14 CFR 1274.937 - Security requirements for unclassified information technology resources.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Security requirements for unclassified... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security... for Information Technology security for all systems connected to a NASA network or operated by...

  4. 14 CFR 1274.937 - Security requirements for unclassified information technology resources.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Security requirements for unclassified... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security... for Information Technology security for all systems connected to a NASA network or operated by...

  5. Information Security Awareness On-Line Materials Design with Knowledge Maps

    ERIC Educational Resources Information Center

    Shaw, Ruey-Shiang; Keh, Huan-Chao; Huang, Nan-Ching; Huang, Tien-Chuan

    2011-01-01

    Information Security Awareness, though known as a primary and important issue in the domain of Information Security, CSI computer crime and security survey showed poor security awareness training in public and private sectors. In many studies, the authors have found that the usage of knowledge maps helps the process of learning and conception…

  6. 78 FR 35295 - Agency Information Collection Activities: Department of Homeland Security (DHS) Cybersecurity...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-06-12

    ... SECURITY Agency Information Collection Activities: Department of Homeland Security (DHS) Cybersecurity...-NEW. SUMMARY: The Department of Homeland Security, Cybersecurity Education Office, will submit the....gov . SUPPLEMENTARY INFORMATION: Title II, Homeland Security Act, 6 U.S.C. 121(d)(1) To...

  7. 10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND... National Security Information § 2.907 Notice of intent to introduce restricted data or national security... be impracticable for it to avoid the introduction of Restricted Data or National Security...

  8. 10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND... National Security Information § 2.907 Notice of intent to introduce restricted data or national security... be impracticable for it to avoid the introduction of Restricted Data or National Security...

  9. European Public Administration Information Systems on the Internet.

    ERIC Educational Resources Information Center

    Ruiz, Maria Jesus Fernandez; Ullate, Jose Maria Angos; Aguaron, Isaac Bolea

    One of the principal challenges in public administration is adapting to needs derived from the application of new technologies that impact directly on managing as well as transmitting information and in supplying it accurately to the citizens. The Bangemann Report calls attention to the important role played in the development of the information…

  10. 76 FR 80329 - Information Collection; Grazing Permit Administration Forms

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-12-23

    ... Total Annual Burden on Respondents: 1950 hours. Comment Is Invited Comment is invited on: (1) Whether... validity of the methodology and assumptions used; (3) ways to enhance the quality, utility, and clarity of... Forest Service Information Collection; Grazing Permit Administration Forms AGENCY: Forest Service,...

  11. Security core to the edge: securing critical information through enhanced Cross Domain Systems (CDS) to the tactical edge

    NASA Astrophysics Data System (ADS)

    Farroha, Bassam S.; Farroha, Deborah L.; Whitfield, Melinda M.

    2010-04-01

    This paper analyzes secure data sharing outside its security domain with services, agencies, coalition partners and state/local authorities. There is a high demand for multiple levels of secure data at the tactical edge; however the threat level at that point is elevated compared to the enterprise environment. This paper investigates the requirements, technologies and risk mitigation techniques for securely sharing information with the tactical warfighter while protecting the data and the information systems from intruders and malware. The new CD Systems need to eliminate the stovepipe architectures and open the doors to share information across traditional and non-traditional domain boundaries.

  12. 20 CFR 655.665 - Notice to the Department of Homeland Security and the Employment and Training Administration.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 20 Employees' Benefits 3 2010-04-01 2010-04-01 false Notice to the Department of Homeland Security and the Employment and Training Administration. 655.665 Section 655.665 Employees' Benefits EMPLOYMENT... Activities in U.S. Ports § 655.665 Notice to the Department of Homeland Security and the Employment...

  13. Breaching the Security of the Kaiser Permanente Internet Patient Portal: the Organizational Foundations of Information Security

    PubMed Central

    Collmann, Jeff; Cooper, Ted

    2007-01-01

    This case study describes and analyzes a breach of the confidentiality and integrity of personally identified health information (e.g. appointment details, answers to patients’ questions, medical advice) for over 800 Kaiser Permanente (KP) members through KP Online, a web-enabled health care portal. The authors obtained and analyzed multiple types of qualitative data about this incident including interviews with KP staff, incident reports, root cause analyses, and media reports. Reasons at multiple levels account for the breach, including the architecture of the information system, the motivations of individual staff members, and differences among the subcultures of individual groups within as well as technical and social relations across the Kaiser IT program. None of these reasons could be classified, strictly speaking, as “security violations.” This case study, thus, suggests that, to protect sensitive patient information, health care organizations should build safe organizational contexts for complex health information systems in addition to complying with good information security practice and regulations such as the Health Insurance Portability and Accountability Act (HIPAA) of 1996. PMID:17213500

  14. Thresholds of information leakage for speech security outside meeting rooms.

    PubMed

    Robinson, Matthew; Hopkins, Carl; Worrall, Ken; Jackson, Tim

    2014-09-01

    This paper describes an approach to provide speech security outside meeting rooms where a covert listener might attempt to extract confidential information. Decision-based experiments are used to establish a relationship between an objective measurement of the Speech Transmission Index (STI) and a subjective assessment relating to the threshold of information leakage. This threshold is defined for a specific percentage of English words that are identifiable with a maximum safe vocal effort (e.g., "normal" speech) used by the meeting participants. The results demonstrate that it is possible to quantify an offset that links STI with a specific threshold of information leakage which describes the percentage of words identified. The offsets for male talkers are shown to be approximately 10 dB larger than for female talkers. Hence for speech security it is possible to determine offsets for the threshold of information leakage using male talkers as the "worst case scenario." To define a suitable threshold of information leakage, the results show that a robust definition can be based upon 1%, 2%, or 5% of words identified. For these percentages, results are presented for offset values corresponding to different STI values in a range from 0.1 to 0.3. PMID:25190390

  15. Resistance and Security Index of Networks: Structural Information Perspective of Network Security

    NASA Astrophysics Data System (ADS)

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-06-01

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks.

  16. Resistance and Security Index of Networks: Structural Information Perspective of Network Security

    PubMed Central

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-01-01

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks. PMID:27255783

  17. Resistance and Security Index of Networks: Structural Information Perspective of Network Security.

    PubMed

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-01-01

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks. PMID:27255783

  18. The systems approach to airport security: The FAA (Federal Aviation Administration)/BWI (Baltimore-Washington International) Airport demonstration project

    SciTech Connect

    Caskey, D.L.; Olascoaga, M.T.

    1990-01-01

    Sandia National Laboratories has been involved in designing, installing and evaluating security systems for various applications during the past 15 years. A systems approach to security that evolved from this experience was applied to aviation security for the Federal Aviation Administration. A general systems study of aviation security in the United States was concluded in 1987. One result of the study was a recommendation that an enhanced security system concept designed to meet specified objectives be demonstrated at an operational airport. Baltimore-Washington International Airport was selected as the site for the demonstration project which began in 1988 and will be completed in 1992. This article introduced the systems approach to airport security and discussed its application at Baltimore-Washington International Airport. Examples of design features that could be included in an enhanced security concept also were presented, including details of the proposed Ramps Area Intrusion Detection System (RAIDS).

  19. Statistical process control based chart for information systems security

    NASA Astrophysics Data System (ADS)

    Khan, Mansoor S.; Cui, Lirong

    2015-07-01

    Intrusion detection systems have a highly significant role in securing computer networks and information systems. To assure the reliability and quality of computer networks and information systems, it is highly desirable to develop techniques that detect intrusions into information systems. We put forward the concept of statistical process control (SPC) in computer networks and information systems intrusions. In this article we propose exponentially weighted moving average (EWMA) type quality monitoring scheme. Our proposed scheme has only one parameter which differentiates it from the past versions. We construct the control limits for the proposed scheme and investigate their effectiveness. We provide an industrial example for the sake of clarity for practitioner. We give comparison of the proposed scheme with EWMA schemes and p chart; finally we provide some recommendations for the future work.

  20. Secure Information Exchange Gateway for Electric Grid Operations

    SciTech Connect

    Robertson, F. Russell; Carroll, J. Ritchie; Sanders, William; Yardley, Timothy; Heine, Erich; Hadley, Mark; McKinnon, David; Motteler, Barbara; Giri, Jay; Walker, William; McCartha, Esrick

    2014-09-30

    The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

  1. Facial Recognition in Uncontrolled Conditions for Information Security

    NASA Astrophysics Data System (ADS)

    Xiao, Qinghan; Yang, Xue-Dong

    2010-12-01

    With the increasing use of computers nowadays, information security is becoming an important issue for private companies and government organizations. Various security technologies have been developed, such as authentication, authorization, and auditing. However, once a user logs on, it is assumed that the system would be controlled by the same person. To address this flaw, we developed a demonstration system that uses facial recognition technology to periodically verify the identity of the user. If the authenticated user's face disappears, the system automatically performs a log-off or screen-lock operation. This paper presents our further efforts in developing image preprocessing algorithms and dealing with angled facial images. The objective is to improve the accuracy of facial recognition under uncontrolled conditions. To compare the results with others, the frontal pose subset of the Face Recognition Technology (FERET) database was used for the test. The experiments showed that the proposed algorithms provided promising results.

  2. Secure quantum private information retrieval using phase-encoded queries

    NASA Astrophysics Data System (ADS)

    Olejnik, Lukasz

    2011-08-01

    We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett.PRLTAO0031-900710.1103/PhysRevLett.100.230502 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

  3. Secure quantum private information retrieval using phase-encoded queries

    SciTech Connect

    Olejnik, Lukasz

    2011-08-15

    We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

  4. Secure Retrieval of FFTF Testing, Design, and Operating Information

    SciTech Connect

    Butner, R. Scott; Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah

    2009-10-01

    One of the goals of the Advanced Fuel Cycle Initiative (AFCI) is to preserve the knowledge that has been gained in the United States on Liquid Metal Reactors (LMR). In addition, preserving LMR information and knowledge is part of a larger international collaborative activity conducted under the auspices of the International Atomic Energy Agency (IAEA). A similar program is being conducted for EBR-II at the Idaho Nuclear Laboratory (INL) and international programs are also in progress. Knowledge preservation at the FFTF is focused on the areas of design, construction, startup, and operation of the reactor. As the primary function of the FFTF was testing, the focus is also on preserving information obtained from irradiation testing of fuels and materials. This information will be invaluable when, at a later date, international decisions are made to pursue new LMRs. In the interim, this information may be of potential use for international exchanges with other LMR programs around the world. At least as important in the United States, which is emphasizing large-scale computer simulation and modeling, this information provides the basis for creating benchmarks for validating and testing these large scale computer programs. Although the preservation activity with respect to FFTF information as discussed below is still underway, the team of authors above is currently retrieving and providing experimental and design information to the LMR modeling and simulation efforts for use in validating their computer models. On the Hanford Site, the FFTF reactor plant is one of the facilities intended for decontamination and decommissioning consistent with the cleanup mission on this site. The reactor facility has been deactivated and is being maintained in a cold and dark minimal surveillance and maintenance mode until final decommissioning is pursued. In order to ensure protection of information at risk, the program to date has focused on sequestering and secure retrieval

  5. Controlled information destruction: the final frontier in preserving information security for every organisation

    NASA Astrophysics Data System (ADS)

    Curiac, Daniel-Ioan; Pachia, Mihai

    2015-05-01

    Information security represents the cornerstone of every data processing system that resides in an organisation's trusted network, implementing all necessary protocols, mechanisms and policies to be one step ahead of possible threats. Starting from the need to strengthen the set of security services, in this article we introduce a new and innovative process named controlled information destruction (CID) that is meant to secure sensitive data that are no longer needed for the organisation's future purposes but would be very damaging if revealed. The disposal of this type of data has to be controlled carefully in order to delete not only the information itself but also all its splinters spread throughout the network, thus denying any possibility of recovering the information after its alleged destruction. This process leads to a modified model of information assurance and also reconfigures the architecture of any information security management system. The scheme we envisioned relies on a reshaped information lifecycle, which reveals the impact of the CID procedure directly upon the information states.

  6. Development of Information Security-Focused Incident Prevention Measures for Critical Information Infrastructure in Japan

    NASA Astrophysics Data System (ADS)

    Kobayashi, Hideaki; Watanabe, Kenji; Watanabe, Takahito; Nagayasu, Yukinobu

    In recent years, the dilemma of cyber attacks by malicious third parties targeting security vulnerabilities in information and communication systems has emerged, resulting in security incidents. This situation suggests that the establishment of proactive efforts and recurrence prevention measures are becoming imperative, especially in critical infrastructure sectors.This paper provides an analysis of 58 security incident cases, which occurred in critical infrastructures worldwide and were published in media. The purpose of the analysis is to conclude to a valid list of recurrence prevention measures that constitute good practices.

  7. 10 CFR 110.121 - Security clearances and access to classified information.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security clearances and access to classified information... EQUIPMENT AND MATERIAL Special Procedures for Classified Information in Hearings § 110.121 Security clearances and access to classified information. (a) No person without a security clearance will have...

  8. 10 CFR 110.121 - Security clearances and access to classified information.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Security clearances and access to classified information... EQUIPMENT AND MATERIAL Special Procedures for Classified Information in Hearings § 110.121 Security clearances and access to classified information. (a) No person without a security clearance will have...

  9. 10 CFR 110.121 - Security clearances and access to classified information.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Security clearances and access to classified information... EQUIPMENT AND MATERIAL Special Procedures for Classified Information in Hearings § 110.121 Security clearances and access to classified information. (a) No person without a security clearance will have...

  10. 10 CFR 110.121 - Security clearances and access to classified information.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Security clearances and access to classified information... EQUIPMENT AND MATERIAL Special Procedures for Classified Information in Hearings § 110.121 Security clearances and access to classified information. (a) No person without a security clearance will have...

  11. 10 CFR 110.121 - Security clearances and access to classified information.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Security clearances and access to classified information... EQUIPMENT AND MATERIAL Special Procedures for Classified Information in Hearings § 110.121 Security clearances and access to classified information. (a) No person without a security clearance will have...

  12. 75 FR 733 - Implementation of the Executive Order, ``Classified National Security Information''

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-01-05

    ... National Security Information'' Memorandum for the Heads of Executive Departments and Agencies Today I have signed an executive order entitled, ``Classified National Security Information'' (the ``order''), which... Director of the Information Security Oversight Office (ISOO) a copy of the department or agency...

  13. Incorporating Global Information Security and Assurance in I.S. Education

    ERIC Educational Resources Information Center

    White, Garry L.; Hewitt, Barbara; Kruck, S. E.

    2013-01-01

    Over the years, the news media has reported numerous information security incidents. Because of identity theft, terrorism, and other criminal activities, President Obama has made information security a national priority. Not only is information security and assurance an American priority, it is also a global issue. This paper discusses the…

  14. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities....609 Registration of securities information processors: form of application and amendments. (a) An application for the registration of a securities information processor shall be filed on Form SIP (§...

  15. Exploring Factors that Influence Students' Behaviors in Information Security

    ERIC Educational Resources Information Center

    Yoon, Cheolho; Hwang, Jae-Won; Kim, Rosemary

    2012-01-01

    Due to the ever-increasing use of the Internet, information security has become a critical issue in society. This is especially the case for young adults who have different attitudes towards information security practices. In this research, we examine factors that motivate college students' information security behaviors. Based on the concept…

  16. 10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a...

  17. 10 CFR 2.903 - Protection of restricted data and national security information.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... Restricted Data and/or National Security Information § 2.903 Protection of restricted data and national security information. Nothing in this subpart shall relieve any person from safeguarding Restricted Data or National Security Information in accordance with the applicable provisions of laws of the United States...

  18. 10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a...

  19. 10 CFR 2.903 - Protection of restricted data and national security information.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... Restricted Data and/or National Security Information § 2.903 Protection of restricted data and national security information. Nothing in this subpart shall relieve any person from safeguarding Restricted Data or National Security Information in accordance with the applicable provisions of laws of the United States...

  20. 10 CFR 2.911 - Admissibility of restricted data or other national security information.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted...

  1. 10 CFR 2.903 - Protection of restricted data and national security information.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... Security Information § 2.903 Protection of restricted data and national security information. Nothing in... 10 Energy 1 2014-01-01 2014-01-01 false Protection of restricted data and national security information. 2.903 Section 2.903 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND...

  2. 10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a...

  3. 10 CFR 2.903 - Protection of restricted data and national security information.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... Restricted Data and/or National Security Information § 2.903 Protection of restricted data and national security information. Nothing in this subpart shall relieve any person from safeguarding Restricted Data or National Security Information in accordance with the applicable provisions of laws of the United States...

  4. 10 CFR 2.911 - Admissibility of restricted data or other national security information.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted...

  5. 10 CFR 2.903 - Protection of restricted data and national security information.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... Security Information § 2.903 Protection of restricted data and national security information. Nothing in... 10 Energy 1 2013-01-01 2013-01-01 false Protection of restricted data and national security information. 2.903 Section 2.903 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND...

  6. 10 CFR 2.911 - Admissibility of restricted data or other national security information.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted...

  7. 76 FR 4362 - Extension of Agency Information Collection Activity Under OMB Review: Air Cargo Security...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-01-25

    ... Information Collection Request (ICR). OMB Control Number: 1652-0040. Form(s): Aviation Security Known Shipper..., Aviation Security Known Shipper Verification Form. Affected Public: The collections of information that... using the Aviation Security Known Shipper Verification Form and subsequently enter that information...

  8. Energy Information Administration (EIA) new releases, January--February 1994

    SciTech Connect

    1994-03-01

    This report is the Jan-Feb 1994 issue of the Energy Information Administration (EIA) New Releases publication. Highlighted articles include: efficiency gains slow growth in U.S. energy demand, dependency on oil imports continues to climb; new EIA report details status of U.S. coal industry; EIA assesses residential vehicle fuel consumption in the U.S.; EIA plans new survey on alternative-fuel vehicles.

  9. 78 FR 42761 - Proposed Information Collection-2014 Election Administration and Voting Survey; Comment Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-07-17

    ... COMMISSION Proposed Information Collection--2014 Election Administration and Voting Survey; Comment Request... this proposed information collection (2014 Election Administration and Voting Survey) to the Director of the Office of Management and Budget for approval. The 2014 Election Administration and...

  10. A secure and efficiently searchable health information architecture.

    PubMed

    Yasnoff, William A

    2016-06-01

    Patient-centric repositories of health records are an important component of health information infrastructure. However, patient information in a single repository is potentially vulnerable to loss of the entire dataset from a single unauthorized intrusion. A new health record storage architecture, the personal grid, eliminates this risk by separately storing and encrypting each person's record. The tradeoff for this improved security is that a personal grid repository must be sequentially searched since each record must be individually accessed and decrypted. To allow reasonable search times for large numbers of records, parallel processing with hundreds (or even thousands) of on-demand virtual servers (now available in cloud computing environments) is used. Estimated search times for a 10 million record personal grid using 500 servers vary from 7 to 33min depending on the complexity of the query. Since extremely rapid searching is not a critical requirement of health information infrastructure, the personal grid may provide a practical and useful alternative architecture that eliminates the large-scale security vulnerabilities of traditional databases by sacrificing unnecessary searching speed. PMID:27109933

  11. Fast massive preventive security and information communication systems

    NASA Astrophysics Data System (ADS)

    Akopian, David; Chen, Philip; Miryakar, Susheel; Kumar, Abhinav

    2008-04-01

    We present a fast massive information communication system for data collection from distributive sources such as cell phone users. As a very important application one can mention preventive notification systems when timely notification and evidence communication may help to improve safety and security through wide public involvement by ensuring easy-to-access and easy-to-communicate information systems. The technology significantly simplifies the response to the events and will help e.g. special agencies to gather crucial information in time and respond as quickly as possible. Cellular phones are nowadays affordable for most of the residents and became a common personal accessory. The paper describes several ways to design such systems including existing internet access capabilities of cell phones or downloadable specialized software. We provide examples of such designs. The main idea is in structuring information in predetermined way and communicating data through a centralized gate-server which will automatically process information and forward it to a proper destination. The gate-server eliminates a need in knowing contact data and specific local community infrastructure. All the cell phones will have self-localizing capability according to FCC E911 mandate, thus the communicated information can be further tagged automatically by location and time information.

  12. Laboratory Information Management System Chain of Custody: Reliability and Security

    PubMed Central

    Tomlinson, J. J.; Elliott-Smith, W.; Radosta, T.

    2006-01-01

    A chain of custody (COC) is required in many laboratories that handle forensics, drugs of abuse, environmental, clinical, and DNA testing, as well as other laboratories that want to assure reliability of reported results. Maintaining a dependable COC can be laborious, but with the recent establishment of the criteria for electronic records and signatures by US regulatory agencies, laboratory information management systems (LIMSs) are now being developed to fully automate COCs. The extent of automation and of data reliability can vary, and FDA- and EPA-compliant electronic signatures and system security are rare. PMID:17671623

  13. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Registration of securities information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND...

  14. Federal Government Information Systems Security Management and Governance Are Pacing Factors for Innovation

    ERIC Educational Resources Information Center

    Edwards, Gregory

    2011-01-01

    Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly…

  15. Design of a RESTful web information system for drug prescription and administration.

    PubMed

    Bianchi, Lorenzo; Paganelli, Federica; Pettenati, Maria Chiara; Turchi, Stefano; Ciofi, Lucia; Iadanza, Ernesto; Giuli, Dino

    2014-05-01

    Drug prescription and administration processes strongly impact on the occurrence of risks in medical settings for they can be sources of adverse drug events (ADEs). A properly engineered use of information and communication technologies has proven to be a promising approach to reduce these risks. In this study, we propose PHARMA, a web information system which supports healthcare staff in the secure cooperative execution of drug prescription, transcription and registration tasks. PHARMA allows the easy sharing and management of documents containing drug-related information (i.e., drug prescriptions, medical reports, screening), which is often inconsistent and scattered across different information systems and heterogeneous organization domains (e.g., departments, other hospital facilities). PHARMA enables users to access such information in a consistent and secure way, through the adoption of REST and web-oriented design paradigms and protocols. We describe the implementation of the PHARMA prototype, and we discuss the results of the usability evaluation that we carried out with the staff of a hospital in Florence, Italy. PMID:24107986

  16. "Glitch Logic" and Applications to Computing and Information Security

    NASA Technical Reports Server (NTRS)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  17. Resilience to Leaking — Dynamic Systems Modeling of Information Security

    PubMed Central

    Hamacher, Kay

    2012-01-01

    Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack ‘unjust’ systems or ‘conspiracies’. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for ‘just’ and ‘unjust’ entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the ‘conspiracy’). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean’ in direct adversary relations, but do not necessarily increase public benefit and societal immunization to ‘conspiracies’. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here. PMID:23227151

  18. Resilience to leaking--dynamic systems modeling of information security.

    PubMed

    Hamacher, Kay

    2012-01-01

    Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack 'unjust' systems or 'conspiracies'. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for 'just' and 'unjust' entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the 'conspiracy'). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean' in direct adversary relations, but do not necessarily increase public benefit and societal immunization to 'conspiracies'. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here. PMID:23227151

  19. 76 FR 11835 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-03

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA... . (SSA) Social Security Administration, DCBFM, Attn: Reports Clearance Officer, 1333 Annex Building,...

  20. 77 FR 62593 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-10-15

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA... . (SSA) Social Security Administration, DCRDP, Attn: Reports Clearance Director, 107 Altmeyer...

  1. 78 FR 56264 - Agency Information Collection Activities: Comment Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-12

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Comment Request The Social Security Administration (SSA....gov . (SSA), Social Security Administration, DCRDP, Attn: Reports Clearance Director, 107...

  2. 75 FR 4606 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-01-28

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA....gov . (SSA), Social Security Administration, DCBFM, Attn: Reports Clearance Officer, 1340...

  3. 78 FR 26843 - Agency Information Collection Activities; Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-05-08

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities; Proposed Request The Social Security Administration (SSA... . (SSA) Social Security Administration, DCRDP, Attn: Reports Clearance Director, 107 Altmeyer...

  4. 77 FR 62592 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-10-15

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA... . (SSA) Social Security Administration, DCRDP, Attn: Reports Clearance Director, 107 Altmeyer...

  5. 78 FR 65745 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-11-01

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA... ; (SSA), Social Security Administration, DCRDP, Attn: Reports Clearance Director, 107 Altmeyer...

  6. 78 FR 59411 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-26

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA... . (SSA), Social Security Administration, DCRDP, Attn: Reports Clearance Director, 107 Altmeyer...

  7. 75 FR 69515 - Agency Information Collection Activities: Proposed Request

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-12

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Agency Information Collection Activities: Proposed Request The Social Security Administration (SSA....gov . (SSA) Social Security Administration, DCBFM, Attn: Reports Clearance Officer, 1333...

  8. Information security governance: a risk assessment approach to health information systems protection.

    PubMed

    Williams, Patricia A H

    2013-01-01

    It is no small task to manage the protection of healthcare data and healthcare information systems. In an environment that is demanding adaptation to change for all information collection, storage and retrieval systems, including those for of e-health and information systems, it is imperative that good information security governance is in place. This includes understanding and meeting legislative and regulatory requirements. This chapter provides three models to educate and guide organisations in this complex area, and to simplify the process of information security governance and ensure appropriate and effective measures are put in place. The approach is risk based, adapted and contextualized for healthcare. In addition, specific considerations of the impact of cloud services, secondary use of data, big data and mobile health are discussed. PMID:24018517

  9. National Nuclear Security Administration Nonproliferation Graduate Fellowship Program Annual Report in Brief: October 2007 - May 2008

    SciTech Connect

    Berkman, Clarissa O.; Fankhauser, Jana G.; Sandusky, Jessica A.

    2009-05-01

    This abbreviated Annual Report covers program activities of the National Nuclear Security Administration (NNSA) Nonproliferation Graduate Fellowship Program (NGFP) from October 2007 through May 2008--the timeframe between the last Annual Report (which covered activities through September 2007) and the next report (which will begin with June 2008 activities). In that timeframe, the NGFP continued building a solid foundation as the program began reaping the benefits of recently implemented changes. This report is organized by Fellowship class and the pertinent program activities for each, including: October 2007 Recruiting events and final applications (Class of 2008) Winter 2007 Selection and hiring (Class of 2008) Spring 2008 Career development roundtables (Class of 2007) Orientation planning (Class of 2008) Recruitment planning and university outreach (Class of 2009) May 2008 Closing ceremony (Class of 2007)

  10. 10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... Protection of National Security Information and Restricted Data in storage. (a) Secret matter,...

  11. 10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... Protection of National Security Information and Restricted Data in storage. (a) Secret matter,...

  12. 10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... Protection of National Security Information and Restricted Data in storage. (a) Secret matter,...

  13. 10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... Protection of National Security Information and Restricted Data in storage. (a) Secret matter,...

  14. Protecting National Security Information: An Overview of Federal Policy and Practice: A Symposium.

    ERIC Educational Resources Information Center

    Relyea, Harold C.; And Others

    1984-01-01

    A series of eight articles explores the impact of national security powers on government information policy and practice. Topics discussed include: the Freedom of Information Act; recommended standards for security classification; federal legislation dealing with national security; and national controls on scientific communication. (CLB)

  15. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 48 Federal Acquisition Regulations System 7 2012-10-01 2012-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470 Section 3004.470 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  16. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470 Section 3004.470 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  17. 78 FR 89 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-01-02

    ..., --Legislative Updates, and --Update of NIST Computer Security Division. Note that agenda items may change... National Institute of Standards and Technology Announcing an Open Meeting of the Information Security and.... SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, February...

  18. 77 FR 58980 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-09-25

    ..., --Presentation/Discussion on Radios used by federal civilian agencies, and --Update of NIST Computer Security... National Institute of Standards and Technology Announcing an Open Meeting of the Information Security and.... SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, October 10,...

  19. 78 FR 71631 - Committee Name: Homeland Security Information Network Advisory Committee (HSINAC)

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-11-29

    ... SECURITY Committee Name: Homeland Security Information Network Advisory Committee (HSINAC) AGENCY... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Information Network..., an online web-conferencing tool and via teleconference. The meeting will be open to the public....

  20. 48 CFR 1352.239-72 - Security requirements for information technology resources.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Clauses 1352.239-72 Security requirements for information technology resources. As prescribed in 48 CFR 1339.270(b), insert the following clause: Security Requirements for Information Technology Resources... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Security requirements...