The Evaluation of Land Ecological Safety of Chengchao Iron Mine Based on PSR and MEM

NASA Astrophysics Data System (ADS)

Jin, Xiangdong; Chen, Yong

2018-01-01

Land ecological security is of vital importance to local security and sustainable development of mining activities. The study has analyzed the potential causal chains between the land ecological security of Iron Mine mining environment, mine resource and the social-economic background. On the base of Pressure-State-Response model, the paper set up a matter element evaluation model of land ecological security, and applies it in Chengchao iron mine. The evaluation result proves to be effective in land ecological evaluation.

MDA-based EHR application security services.

PubMed

Blobel, Bernd; Pharow, Peter

2004-01-01

Component-oriented, distributed, virtual EHR systems have to meet enhanced security and privacy requirements. In the context of advanced architectural paradigms such as component-orientation, model-driven, and knowledge-based, standardised security services needed have to be specified and implemented in an integrated way following the same paradigm. This concerns the deployment of formal models, meta-languages, reference models such as the ISO RM-ODP, and development as well as implementation tools. International projects' results presented proceed on that streamline.

A Collaborative Secure Localization Algorithm Based on Trust Model in Underwater Wireless Sensor Networks

PubMed Central

Han, Guangjie; Liu, Li; Jiang, Jinfang; Shu, Lei; Rodrigues, Joel J.P.C.

2016-01-01

Localization is one of the hottest research topics in Underwater Wireless Sensor Networks (UWSNs), since many important applications of UWSNs, e.g., event sensing, target tracking and monitoring, require location information of sensor nodes. Nowadays, a large number of localization algorithms have been proposed for UWSNs. How to improve location accuracy are well studied. However, few of them take location reliability or security into consideration. In this paper, we propose a Collaborative Secure Localization algorithm based on Trust model (CSLT) for UWSNs to ensure location security. Based on the trust model, the secure localization process can be divided into the following five sub-processes: trust evaluation of anchor nodes, initial localization of unknown nodes, trust evaluation of reference nodes, selection of reference node, and secondary localization of unknown node. Simulation results demonstrate that the proposed CSLT algorithm performs better than the compared related works in terms of location security, average localization accuracy and localization ratio. PMID:26891300

Airport security inspection process model and optimization based on GSPN

NASA Astrophysics Data System (ADS)

Mao, Shuainan

2018-04-01

Aiming at the efficiency of airport security inspection process, Generalized Stochastic Petri Net is used to establish the security inspection process model. The model is used to analyze the bottleneck problem of airport security inspection process. The solution to the bottleneck is given, which can significantly improve the efficiency and reduce the waiting time by adding the place for people to remove their clothes and the X-ray detector.

A provably-secure ECC-based authentication scheme for wireless sensor networks.

PubMed

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-11-06

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

PubMed Central

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-01-01

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

Information risk and security modeling

NASA Astrophysics Data System (ADS)

Zivic, Predrag

2005-03-01

This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

Information security system based on virtual-optics imaging methodology and public key infrastructure

NASA Astrophysics Data System (ADS)

Peng, Xiang; Zhang, Peng; Cai, Lilong

In this paper, we present a virtual-optical based information security system model with the aid of public-key-infrastructure (PKI) techniques. The proposed model employs a hybrid architecture in which our previously published encryption algorithm based on virtual-optics imaging methodology (VOIM) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). For an asymmetric system, given an encryption key, it is computationally infeasible to determine the decryption key and vice versa. The whole information security model is run under the framework of PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOIM security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network.

A model of airport security work flow based on petri net

NASA Astrophysics Data System (ADS)

Dong, Xinming

2017-09-01

Extremely long lines at airports in the United States have been sharply criticized. In order to find out the bottleneck in the existing security system and put forward reasonable improvement plans and proposal, the Petri net model and the Markov Chain are introduced in this paper. This paper uses data collected by transportation Security Agency (TSA), assuming the data can represent the average level of all airports in the Unites States, to analysis the performance of security check system. By calculating the busy probabilities and the utilization probabilities, the bottleneck is found. Moreover, recommendation is given based on the parameters’ modification in Petri net model.

Research in DRM architecture based on watermarking and PKI

NASA Astrophysics Data System (ADS)

Liu, Ligang; Chen, Xiaosu; Xiao, Dao-ju; Yi, Miao

2005-02-01

Analyze the virtue and disadvantage of the present digital copyright protecting system, design a kind of security protocol model of digital copyright protection, which equilibrium consider the digital media"s use validity, integrality, security of transmission, and trade equity, make a detailed formalize description to the protocol model, analyze the relationship of the entities involved in the digital work copyright protection. The analysis of the security and capability of the protocol model shows that the model is good at security and practicability.

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach-A Case Study for the City of Wuhan in China.

PubMed

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-06-15

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study-simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan.

Hybrid cloud: bridging of private and public cloud computing

NASA Astrophysics Data System (ADS)

Aryotejo, Guruh; Kristiyanto, Daniel Y.; Mufadhol

2018-05-01

Cloud Computing is quickly emerging as a promising paradigm in the recent years especially for the business sector. In addition, through cloud service providers, cloud computing is widely used by Information Technology (IT) based startup company to grow their business. However, the level of most businesses awareness on data security issues is low, since some Cloud Service Provider (CSP) could decrypt their data. Hybrid Cloud Deployment Model (HCDM) has characteristic as open source, which is one of secure cloud computing model, thus HCDM may solve data security issues. The objective of this study is to design, deploy and evaluate a HCDM as Infrastructure as a Service (IaaS). In the implementation process, Metal as a Service (MAAS) engine was used as a base to build an actual server and node. Followed by installing the vsftpd application, which serves as FTP server. In comparison with HCDM, public cloud was adopted through public cloud interface. As a result, the design and deployment of HCDM was conducted successfully, instead of having good security, HCDM able to transfer data faster than public cloud significantly. To the best of our knowledge, Hybrid Cloud Deployment model is one of secure cloud computing model due to its characteristic as open source. Furthermore, this study will serve as a base for future studies about Hybrid Cloud Deployment model which may relevant for solving big security issues of IT-based startup companies especially in Indonesia.

Design and implementation of a secure workflow system based on PKI/PMI

NASA Astrophysics Data System (ADS)

Yan, Kai; Jiang, Chao-hui

2013-03-01

As the traditional workflow system in privilege management has the following weaknesses: low privilege management efficiency, overburdened for administrator, lack of trust authority etc. A secure workflow model based on PKI/PMI is proposed after studying security requirements of the workflow systems in-depth. This model can achieve static and dynamic authorization after verifying user's ID through PKC and validating user's privilege information by using AC in workflow system. Practice shows that this system can meet the security requirements of WfMS. Moreover, it can not only improve system security, but also ensures integrity, confidentiality, availability and non-repudiation of the data in the system.

77 FR 70213 - Capital, Margin, and Segregation Requirements for Security-Based Swap Dealers and Major Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-23

...In accordance with the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (``Dodd-Frank Act''), the Securities and Exchange Commission (``Commission''), pursuant to the Securities Exchange Act of 1934 (``Exchange Act''), is proposing capital and margin requirements for security-based swap dealers (``SBSDs'') and major security-based swap participants (``MSBSPs''), segregation requirements for SBSDs, and notification requirements with respect to segregation for SBSDs and MSBSPs. The Commission also is proposing to increase the minimum net capital requirements for broker-dealers permitted to use the alternative internal model-based method for computing net capital (``ANC broker-dealers'').

Mechanisms of Power within a Community-Based Food Security Planning Process

ERIC Educational Resources Information Center

McCullum, Christine; Pelletier, David; Barr, Donald; Wilkins, Jennifer; Habicht, Jean-Pierre

2004-01-01

A community food security movement has begun to address problems of hunger and food insecurity by utilizing a community-based approach. Although various models have been implemented, little empirical research has assessed how power operates within community-based food security initiatives. The purpose of this research was to determine how power…

Information security system quality assessment through the intelligent tools

NASA Astrophysics Data System (ADS)

Trapeznikov, E. V.

2018-04-01

The technology development has shown the automated system information security comprehensive analysis necessity. The subject area analysis indicates the study relevance. The research objective is to develop the information security system quality assessment methodology based on the intelligent tools. The basis of the methodology is the information security assessment model in the information system through the neural network. The paper presents the security assessment model, its algorithm. The methodology practical implementation results in the form of the software flow diagram are represented. The practical significance of the model being developed is noted in conclusions.

Capturing security requirements for software systems.

PubMed

El-Hadary, Hassan; El-Kassas, Sherif

2014-07-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

PubMed Central

El-Hadary, Hassan; El-Kassas, Sherif

2014-01-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE PAGES

Williams, Adam D.

2015-11-17

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Williams, Adam D.

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Specifying Skill-Based Training Strategies and Devices: A Model Description

DTIC Science & Technology

1990-06-01

Technical Report 897 Specifying Skill-Based Training N Strategies and Devices: A Model Description I Paui J. Sticha and Mark Schlager Human Resources...unlimied 90 ’ Technical Report 897 Specifying Skill-Based Training Strategies and Devices: A Model Description Paul J. Sticha and Mark Schlager Human...SECURITY CLASSIFICATION OF THIS PAGE Form Approved REPORT DOCUMENTATION PAGE FMNo o7 ote la. REPORT SECURITY CLASSIFICATION lb. RESTRICTWE MARKINGS

Security of medical multimedia.

PubMed

Tzelepi, S; Pangalos, G; Nikolacopoulou, G

2002-09-01

The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specifiy very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented.

Campus network security model study

NASA Astrophysics Data System (ADS)

Zhang, Yong-ku; Song, Li-ren

2011-12-01

Campus network security is growing importance, Design a very effective defense hacker attacks, viruses, data theft, and internal defense system, is the focus of the study in this paper. This paper compared the firewall; IDS based on the integrated, then design of a campus network security model, and detail the specific implementation principle.

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach—A Case Study for the City of Wuhan in China

PubMed Central

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-01-01

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study—simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan. PMID:28617348

Automating Risk Analysis of Software Design Models

PubMed Central

Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P.

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance. PMID:25136688

Automating risk analysis of software design models.

PubMed

Frydman, Maxime; Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance.

Quality of protection evaluation of security mechanisms.

PubMed

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Psychological Separation, Attachment Security, Vocational Self-Concept Crystallization, and Career Indecision: A Structural Equation Analysis.

ERIC Educational Resources Information Center

Tokar, David M.; Withrow, Jason R.; Hall, Rosalie J.; Moradi, Bonnie

2003-01-01

Structural equation modeling was used to test theoretically based models in which psychological separation and attachment security variables were related to career indecision and those relations were mediated through vocational self-concept crystallization. Results indicated that some components of separation and attachment security did relate to…

Security risk assessment: applying the concepts of fuzzy logic.

PubMed

Bajpai, Shailendra; Sachdeva, Anish; Gupta, J P

2010-01-15

Chemical process industries (CPI) handling hazardous chemicals in bulk can be attractive targets for deliberate adversarial actions by terrorists, criminals and disgruntled employees. It is therefore imperative to have comprehensive security risk management programme including effective security risk assessment techniques. In an earlier work, it has been shown that security risk assessment can be done by conducting threat and vulnerability analysis or by developing Security Risk Factor Table (SRFT). HAZOP type vulnerability assessment sheets can be developed that are scenario based. In SRFT model, important security risk bearing factors such as location, ownership, visibility, inventory, etc., have been used. In this paper, the earlier developed SRFT model has been modified using the concepts of fuzzy logic. In the modified SRFT model, two linguistic fuzzy scales (three-point and four-point) are devised based on trapezoidal fuzzy numbers. Human subjectivity of different experts associated with previous SRFT model is tackled by mapping their scores to the newly devised fuzzy scale. Finally, the fuzzy score thus obtained is defuzzyfied to get the results. A test case of a refinery is used to explain the method and compared with the earlier work.

Hybrid network defense model based on fuzzy evaluation.

PubMed

Cho, Ying-Chiang; Pan, Jen-Yi

2014-01-01

With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network's existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter's inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture.

Constructing RBAC Based Security Model in u-Healthcare Service Platform

PubMed Central

Shin, Moon Sun; Jeon, Heung Seok; Ju, Yong Wan; Lee, Bum Ju; Jeong, Seon-Phil

2015-01-01

In today's era of aging society, people want to handle personal health care by themselves in everyday life. In particular, the evolution of medical and IT convergence technology and mobile smart devices has made it possible for people to gather information on their health status anytime and anywhere easily using biometric information acquisition devices. Healthcare information systems can contribute to the improvement of the nation's healthcare quality and the reduction of related cost. However, there are no perfect security models or mechanisms for healthcare service applications, and privacy information can therefore be leaked. In this paper, we examine security requirements related to privacy protection in u-healthcare service and propose an extended RBAC based security model. We propose and design u-healthcare service integration platform (u-HCSIP) applying RBAC security model. The proposed u-HCSIP performs four main functions: storing and exchanging personal health records (PHR), recommending meals and exercise, buying/selling private health information or experience, and managing personal health data using smart devices. PMID:25695104

Constructing RBAC based security model in u-healthcare service platform.

PubMed

Shin, Moon Sun; Jeon, Heung Seok; Ju, Yong Wan; Lee, Bum Ju; Jeong, Seon-Phil

2015-01-01

In today's era of aging society, people want to handle personal health care by themselves in everyday life. In particular, the evolution of medical and IT convergence technology and mobile smart devices has made it possible for people to gather information on their health status anytime and anywhere easily using biometric information acquisition devices. Healthcare information systems can contribute to the improvement of the nation's healthcare quality and the reduction of related cost. However, there are no perfect security models or mechanisms for healthcare service applications, and privacy information can therefore be leaked. In this paper, we examine security requirements related to privacy protection in u-healthcare service and propose an extended RBAC based security model. We propose and design u-healthcare service integration platform (u-HCSIP) applying RBAC security model. The proposed u-HCSIP performs four main functions: storing and exchanging personal health records (PHR), recommending meals and exercise, buying/selling private health information or experience, and managing personal health data using smart devices.

The method of a joint intraday security check system based on cloud computing

NASA Astrophysics Data System (ADS)

Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

2017-01-01

The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.

PubMed

Gope, Prosanta; Amin, Ruhul

2016-11-01

Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.

Trustworthy data collection from implantable medical devices via high-speed security implementation based on IEEE 1363.

PubMed

Hu, Fei; Hao, Qi; Lukowiak, Marcin; Sun, Qingquan; Wilhelm, Kyle; Radziszowski, Stanisław; Wu, Yao

2010-11-01

Implantable medical devices (IMDs) have played an important role in many medical fields. Any failure in IMDs operations could cause serious consequences and it is important to protect the IMDs access from unauthenticated access. This study investigates secure IMD data collection within a telehealthcare [mobile health (m-health)] network. We use medical sensors carried by patients to securely access IMD data and perform secure sensor-to-sensor communications between patients to relay the IMD data to a remote doctor's server. To meet the requirements on low computational complexity, we choose N-th degree truncated polynomial ring (NTRU)-based encryption/decryption to secure IMD-sensor and sensor-sensor communications. An extended matryoshkas model is developed to estimate direct/indirect trust relationship among sensors. An NTRU hardware implementation in very large integrated circuit hardware description language is studied based on industry Standard IEEE 1363 to increase the speed of key generation. The performance analysis results demonstrate the security robustness of the proposed IMD data access trust model.

Simple protocols for oblivious transfer and secure identification in the noisy-quantum-storage model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schaffner, Christian

2010-09-15

We present simple protocols for oblivious transfer and password-based identification which are secure against general attacks in the noisy-quantum-storage model as defined in R. Koenig, S. Wehner, and J. Wullschleger [e-print arXiv:0906.1030]. We argue that a technical tool from Koenig et al. suffices to prove security of the known protocols. Whereas the more involved protocol for oblivious transfer from Koenig et al. requires less noise in storage to achieve security, our ''canonical'' protocols have the advantage of being simpler to implement and the security error is easier control. Therefore, our protocols yield higher OT rates for many realistic noise parameters.more » Furthermore, a proof of security of a direct protocol for password-based identification against general noisy-quantum-storage attacks is given.« less

Security Verification Techniques Applied to PatchLink COTS Software

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Powell, John D.; Bishop, Matt; Andrew, Chris; Jog, Sameer

2006-01-01

Verification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink's UNIX Agent, a Commercial-Off-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) -- a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.

Putting food on the public health table: Making food security relevant to regional health authorities.

PubMed

Rideout, Karen; Seed, Barbara; Ostry, Aleck

2006-01-01

Food security is emerging as an increasingly important public health issue. The purpose of this paper is to describe a conceptual model and five classes of food security indicators for regional health authorities (RHAs): direct, indirect, consequence, process, and supra-regional. The model was developed after a review of the food security literature and interviews with British Columbia community nutritionists and public health officials. We offer this conceptual model as a practical tool to help RHAs develop a comprehensive framework and use specific indicators, in conjunction with public health nutritionists and other community stakeholders. We recommend using all five classes of indicator together to ensure a complete assessment of the full breadth of food security. This model will be useful for Canadian health authorities wishing to take a holistic community-based approach to public health nutrition to develop more effective policies and programs to maximize food security. The model and indicators offer a rational process that could be useful for collaborative multi-stakeholder initiatives to improve food security.

Application of Lightweight Formal Methods to Software Security

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Powell, John D.; Bishop, Matt

2005-01-01

Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which species security properties in a library that can be reused by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The Flexible Modeling Framework (FMF) is a model based verijkation instrument that uses Promela and the SPIN model checker. The Property Based Tester (PBT) uses TASPEC and a Text Execution Monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles.

Origins of Secure Base Script Knowledge and the Developmental Construction of Attachment Representations

PubMed Central

Waters, Theodore E. A.; Ruiz, Sarah K.; Roisman, Glenn I.

2016-01-01

Increasing evidence suggests that attachment representations take at least two forms—a secure base script and an autobiographical narrative of childhood caregiving experiences. This study presents data from the first 26 years of the Minnesota Longitudinal Study of Risk and Adaptation (N = 169), examining the developmental origins of secure base script knowledge in a high-risk sample, and testing alternative models of the developmental sequencing of the construction of attachment representations. Results demonstrated that secure base script knowledge was predicted by observations of maternal sensitivity across childhood and adolescence. Further, findings suggest that the construction of a secure base script supports the development of a coherent autobiographical representation of childhood attachment experiences with primary caregivers by early adulthood. PMID:27302650

Quality of Protection Evaluation of Security Mechanisms

PubMed Central

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

Secure Base Narrative Representations and Intimate Partner Violence: A Dyadic Perspective

PubMed Central

Karakurt, Gunnur; Silver, Kristin E.; Keiley, Margaret K.

2015-01-01

This study aimed to understand the relationship between secure base phenomena and dating violence among couples. Within a relationship, a secure base can be defined as a balancing act of proximity-seeking and exploration at various times and contexts with the assurance of a caregiver’s availability and responsiveness in emotionally distressing situations. Participants were 87 heterosexual couples. The Actor-Partner Interdependence Model was used to examine the relationship between each partner’s scores on secure base representational knowledge and intimate partner violence. Findings demonstrated that women’s secure base representational knowledge had a significant direct negative effect on the victimization of both men and women, while men’s secure base representational knowledge did not have any significant partner or actor effects. Therefore, findings suggest that women with insecure attachments may be more vulnerable to being both the victims and the perpetrators of PMID:27445432

Security Requirements Management in Software Product Line Engineering

NASA Astrophysics Data System (ADS)

Mellado, Daniel; Fernández-Medina, Eduardo; Piattini, Mario

Security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this chapter we will propose a security requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.

Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

NASA Astrophysics Data System (ADS)

Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

2018-05-01

The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and to indicate degradations.

Provably-Secure (Chinese Government) SM2 and Simplified SM2 Key Exchange Protocols

PubMed Central

Nam, Junghyun; Kim, Moonseong

2014-01-01

We revisit the SM2 protocol, which is widely used in Chinese commercial applications and by Chinese government agencies. Although it is by now standard practice for protocol designers to provide security proofs in widely accepted security models in order to assure protocol implementers of their security properties, the SM2 protocol does not have a proof of security. In this paper, we prove the security of the SM2 protocol in the widely accepted indistinguishability-based Bellare-Rogaway model under the elliptic curve discrete logarithm problem (ECDLP) assumption. We also present a simplified and more efficient version of the SM2 protocol with an accompanying security proof. PMID:25276863

Reducing software security risk through an integrated approach research initiative model based verification of the Secure Socket Layer (SSL) Protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2003-01-01

This document discusses the verification of the Secure Socket Layer (SSL) communication protocol as a demonstration of the Model Based Verification (MBV) portion of the verification instrument set being developed under the Reducing Software Security Risk (RSSR) Trough an Integrated Approach research initiative. Code Q of the National Aeronautics and Space Administration (NASA) funds this project. The NASA Goddard Independent Verification and Validation (IV&V) facility manages this research program at the NASA agency level and the Assurance Technology Program Office (ATPO) manages the research locally at the Jet Propulsion Laboratory (California institute of Technology) where the research is being carried out.

Network Security Risk Assessment System Based on Attack Graph and Markov Chain

NASA Astrophysics Data System (ADS)

Sun, Fuxiong; Pi, Juntao; Lv, Jin; Cao, Tian

2017-10-01

Network security risk assessment technology can be found in advance of the network problems and related vulnerabilities, it has become an important means to solve the problem of network security. Based on attack graph and Markov chain, this paper provides a Network Security Risk Assessment Model (NSRAM). Based on the network infiltration tests, NSRAM generates the attack graph by the breadth traversal algorithm. Combines with the international standard CVSS, the attack probability of atomic nodes are counted, and then the attack transition probabilities of ones are calculated by Markov chain. NSRAM selects the optimal attack path after comprehensive measurement to assessment network security risk. The simulation results show that NSRAM can reflect the actual situation of network security objectively.

Hybrid Network Defense Model Based on Fuzzy Evaluation

PubMed Central

2014-01-01

With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network's existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter's inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture. PMID:24574870

Double Cluster Heads Model for Secure and Accurate Data Fusion in Wireless Sensor Networks

PubMed Central

Fu, Jun-Song; Liu, Yun

2015-01-01

Secure and accurate data fusion is an important issue in wireless sensor networks (WSNs) and has been extensively researched in the literature. In this paper, by combining clustering techniques, reputation and trust systems, and data fusion algorithms, we propose a novel cluster-based data fusion model called Double Cluster Heads Model (DCHM) for secure and accurate data fusion in WSNs. Different from traditional clustering models in WSNs, two cluster heads are selected after clustering for each cluster based on the reputation and trust system and they perform data fusion independently of each other. Then, the results are sent to the base station where the dissimilarity coefficient is computed. If the dissimilarity coefficient of the two data fusion results exceeds the threshold preset by the users, the cluster heads will be added to blacklist, and the cluster heads must be reelected by the sensor nodes in a cluster. Meanwhile, feedback is sent from the base station to the reputation and trust system, which can help us to identify and delete the compromised sensor nodes in time. Through a series of extensive simulations, we found that the DCHM performed very well in data fusion security and accuracy. PMID:25608211

Computer-Aided Sensor Development Focused on Security Issues.

PubMed

Bialas, Andrzej

2016-05-26

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

Computer-Aided Sensor Development Focused on Security Issues

PubMed Central

Bialas, Andrzej

2016-01-01

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

Security issues of Internet-based biometric authentication systems: risks of Man-in-the-Middle and BioPhishing on the example of BioWebAuth

NASA Astrophysics Data System (ADS)

Zeitz, Christian; Scheidat, Tobias; Dittmann, Jana; Vielhauer, Claus; González Agulla, Elisardo; Otero Muras, Enrique; García Mateo, Carmen; Alba Castro, José L.

2008-02-01

Beside the optimization of biometric error rates the overall security system performance in respect to intentional security attacks plays an important role for biometric enabled authentication schemes. As traditionally most user authentication schemes are knowledge and/or possession based, firstly in this paper we present a methodology for a security analysis of Internet-based biometric authentication systems by enhancing known methodologies such as the CERT attack-taxonomy with a more detailed view on the OSI-Model. Secondly as proof of concept, the guidelines extracted from this methodology are strictly applied to an open source Internet-based biometric authentication system (BioWebAuth). As case studies, two exemplary attacks, based on the found security leaks, are investigated and the attack performance is presented to show that during the biometric authentication schemes beside biometric error performance tuning also security issues need to be addressed. Finally, some design recommendations are given in order to ensure a minimum security level.

Approach to spatial information security based on digital certificate

NASA Astrophysics Data System (ADS)

Cong, Shengri; Zhang, Kai; Chen, Baowen

2005-11-01

With the development of the online applications of geographic information systems (GIS) and the spatial information services, the spatial information security becomes more important. This work introduced digital certificates and authorization schemes into GIS to protect the crucial spatial information combining the techniques of the role-based access control (RBAC), the public key infrastructure (PKI) and the privilege management infrastructure (PMI). We investigated the spatial information granularity suited for sensitivity marking and digital certificate model that fits the need of GIS security based on the semantics analysis of spatial information. It implements a secure, flexible, fine-grained data access based on public technologies in GIS in the world.

Model-Driven Configuration of SELinux Policies

NASA Astrophysics Data System (ADS)

Agreiter, Berthold; Breu, Ruth

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

A secured e-tendering modeling using misuse case approach

NASA Astrophysics Data System (ADS)

Mohd, Haslina; Robie, Muhammad Afdhal Muhammad; Baharom, Fauziah; Darus, Norida Muhd; Saip, Mohamed Ali; Yasin, Azman

2016-08-01

Major risk factors relating to electronic transactions may lead to destructive impacts on trust and transparency in the process of tendering. Currently, electronic tendering (e-tendering) systems still remain uncertain in issues relating to legal and security compliance and most importantly it has an unclear security framework. Particularly, the available systems are lacking in addressing integrity, confidentiality, authentication, and non-repudiation in e-tendering requirements. Thus, one of the challenges in developing an e-tendering system is to ensure the system requirements include the function for secured and trusted environment. Therefore, this paper aims to model a secured e-tendering system using misuse case approach. The modeling process begins with identifying the e-tendering process, which is based on the Australian Standard Code of Tendering (AS 4120-1994). It is followed by identifying security threats and their countermeasure. Then, the e-tendering was modelled using misuse case approach. The model can contribute to e-tendering developers and also to other researchers or experts in the e-tendering domain.

Land Ecological Security Evaluation of Underground Iron Mine Based on PSR Model

NASA Astrophysics Data System (ADS)

Xiao, Xiao; Chen, Yong; Ruan, Jinghua; Hong, Qiang; Gan, Yong

2018-01-01

Iron ore mine provides an important strategic resource to the national economy while it also causes many serious ecological problems to the environment. The study summed up the characteristics of ecological environment problems of underground iron mine. Considering the mining process of underground iron mine, we analysis connections between mining production, resource, environment and economical background. The paper proposed a land ecological security evaluation system and method of underground iron mine based on Pressure-State-Response model. Our application in Chengchao iron mine proves its efficiency and promising guide on land ecological security evaluation.

Information Technology Security Professionals' Knowledge and Use Intention Based on UTAUT Model

ERIC Educational Resources Information Center

Kassa, Woldeloul

2016-01-01

Information technology (IT) security threats and vulnerabilities have become a major concern for organizations in the United States. However, there has been little research on assessing the effect of IT security professionals' knowledge on the use of IT security controls. This study examined the unified theory of acceptance and use of technology…

Origins of Secure Base Script Knowledge and the Developmental Construction of Attachment Representations.

PubMed

Waters, Theodore E A; Ruiz, Sarah K; Roisman, Glenn I

2017-01-01

Increasing evidence suggests that attachment representations take at least two forms: a secure base script and an autobiographical narrative of childhood caregiving experiences. This study presents data from the first 26 years of the Minnesota Longitudinal Study of Risk and Adaptation (N = 169), examining the developmental origins of secure base script knowledge in a high-risk sample and testing alternative models of the developmental sequencing of the construction of attachment representations. Results demonstrated that secure base script knowledge was predicted by observations of maternal sensitivity across childhood and adolescence. Furthermore, findings suggest that the construction of a secure base script supports the development of a coherent autobiographical representation of childhood attachment experiences with primary caregivers by early adulthood. © 2016 The Authors. Child Development © 2016 Society for Research in Child Development, Inc.

A game-theoretical approach to multimedia social networks security.

PubMed

Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

2014-01-01

The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders.

A Game-Theoretical Approach to Multimedia Social Networks Security

PubMed Central

Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

2014-01-01

The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders. PMID:24977226

Secure Base Scripts are Associated with Maternal Parenting Behavior across Contexts and Reflective Functioning among Trauma-Exposed Mothers

PubMed Central

Huth-Bocks, Alissa C.; Muzik, Maria; Beeghly, Marjorie; Earls, Lauren; Stacks, Ann M.

2015-01-01

There is growing evidence that ‘secure-base scripts’ (Waters & Waters, 2006) are an important part of the cognitive underpinnings of internal working models of attachment. Recent research in middle class samples has shown that secure-base scripts are linked to maternal attachment-oriented behavior and child outcomes. However, little is known about the correlates of secure base scripts in higher-risk samples. Participants in the current study included 115 mothers who were oversampled for childhood maltreatment and their infants. Results revealed that a higher level of secure base scriptedness was significantly related to more positive and less negative maternal parenting in both unstructured free play and structured teaching contexts, and to higher reflective functioning scores on the Parent Development Interview-Revised Short Form (Slade, Aber, Berger, Bresgi, & Kaplan, 2003). Associations with parent-child secure base scripts, specifically, indicate some level of relationship-specificity in attachment scripts. Many, but not all, significant associations remained after controlling for family income and maternal age. Findings suggest that assessing secure base scripts among mothers known to be at risk for parenting difficulties may be important for interventions aimed at altering problematic parental representations and caregiving behavior. PMID:25319230

Secure open cloud in data transmission using reference pattern and identity with enhanced remote privacy checking

NASA Astrophysics Data System (ADS)

Vijay Singh, Ran; Agilandeeswari, L.

2017-11-01

To handle the large amount of client’s data in open cloud lots of security issues need to be address. Client’s privacy should not be known to other group members without data owner’s valid permission. Sometime clients are fended to have accessing with open cloud servers due to some restrictions. To overcome the security issues and these restrictions related to storing, data sharing in an inter domain network and privacy checking, we propose a model in this paper which is based on an identity based cryptography in data transmission and intermediate entity which have client’s reference with identity that will take control handling of data transmission in an open cloud environment and an extended remote privacy checking technique which will work at admin side. On behalf of data owner’s authority this proposed model will give best options to have secure cryptography in data transmission and remote privacy checking either as private or public or instructed. The hardness of Computational Diffie-Hellman assumption algorithm for key exchange makes this proposed model more secure than existing models which are being used for public cloud environment.

Distributed intrusion detection system based on grid security model

NASA Astrophysics Data System (ADS)

Su, Jie; Liu, Yahui

2008-03-01

Grid computing has developed rapidly with the development of network technology and it can solve the problem of large-scale complex computing by sharing large-scale computing resource. In grid environment, we can realize a distributed and load balance intrusion detection system. This paper first discusses the security mechanism in grid computing and the function of PKI/CA in the grid security system, then gives the application of grid computing character in the distributed intrusion detection system (IDS) based on Artificial Immune System. Finally, it gives a distributed intrusion detection system based on grid security system that can reduce the processing delay and assure the detection rates.

Using software security analysis to verify the secure socket layer (SSL) protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2004-01-01

nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

U.S. Patent Pending, Information Security Analysis Using Game Theory and Simulation, U.S. Patent Application No.: 14/097,840

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G

Vulnerability in security of an information system is quantitatively predicted. The information system may receive malicious actions against its security and may receive corrective actions for restoring the security. A game oriented agent based model is constructed in a simulator application. The game ABM model represents security activity in the information system. The game ABM model has two opposing participants including an attacker and a defender, probabilistic game rules and allowable game states. A specified number of simulations are run and a probabilistic number of the plurality of allowable game states are reached in each simulation run. The probability ofmore » reaching a specified game state is unknown prior to running each simulation. Data generated during the game states is collected to determine a probability of one or more aspects of security in the information system.« less

A Learning-Based Approach to Reactive Security

NASA Astrophysics Data System (ADS)

Barth, Adam; Rubinstein, Benjamin I. P.; Sundararajan, Mukund; Mitchell, John C.; Song, Dawn; Bartlett, Peter L.

Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender's strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker's incentives and knowledge.

Entropy Measurement for Biometric Verification Systems.

PubMed

Lim, Meng-Hui; Yuen, Pong C

2016-05-01

Biometric verification systems are designed to accept multiple similar biometric measurements per user due to inherent intrauser variations in the biometric data. This is important to preserve reasonable acceptance rate of genuine queries and the overall feasibility of the recognition system. However, such acceptance of multiple similar measurements decreases the imposter's difficulty of obtaining a system-acceptable measurement, thus resulting in a degraded security level. This deteriorated security needs to be measurable to provide truthful security assurance to the users. Entropy is a standard measure of security. However, the entropy formula is applicable only when there is a single acceptable possibility. In this paper, we develop an entropy-measuring model for biometric systems that accepts multiple similar measurements per user. Based on the idea of guessing entropy, the proposed model quantifies biometric system security in terms of adversarial guessing effort for two practical attacks. Excellent agreement between analytic and experimental simulation-based measurement results on a synthetic and a benchmark face dataset justify the correctness of our model and thus the feasibility of the proposed entropy-measuring approach.

Using a Prediction Model to Manage Cyber Security Threats.

PubMed

Jaganathan, Venkatesh; Cherurveettil, Priyesh; Muthu Sivashanmugam, Premapriya

2015-01-01

Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.

Using a Prediction Model to Manage Cyber Security Threats

PubMed Central

Muthu Sivashanmugam, Premapriya

2015-01-01

Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization. PMID:26065024

Quantum random oracle model for quantum digital signature

NASA Astrophysics Data System (ADS)

Shang, Tao; Lei, Qi; Liu, Jianwei

2016-10-01

The goal of this work is to provide a general security analysis tool, namely, the quantum random oracle (QRO), for facilitating the security analysis of quantum cryptographic protocols, especially protocols based on quantum one-way function. QRO is used to model quantum one-way function and different queries to QRO are used to model quantum attacks. A typical application of quantum one-way function is the quantum digital signature, whose progress has been hampered by the slow pace of the experimental realization. Alternatively, we use the QRO model to analyze the provable security of a quantum digital signature scheme and elaborate the analysis procedure. The QRO model differs from the prior quantum-accessible random oracle in that it can output quantum states as public keys and give responses to different queries. This tool can be a test bed for the cryptanalysis of more quantum cryptographic protocols based on the quantum one-way function.

Being in Community: A Food Security Themed Approach to Public Scholarship

ERIC Educational Resources Information Center

Harrison, Barbara; Nelson, Connie; Stroink, Mirella

2013-01-01

For six years the Food Security Research Network at Lakehead University, Canada, has been engaged in an interdisciplinary theme-based service-learning initiative focusing on food security. Informed by complexity theory, the contextual fluidity partnership model brings community partners, students, and faculty into a nexus through which new…

Seluge++: A Secure Over-the-Air Programming Scheme in Wireless Sensor Networks

PubMed Central

Doroodgar, Farzan; Razzaque, Mohammad Abdur; Isnin, Ismail Fauzi

2014-01-01

Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge. PMID:24618781

Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

PubMed

Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

2014-03-11

Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

PubMed

Park, Chang-Seop

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

PubMed Central

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

An access control model with high security for distributed workflow and real-time application

NASA Astrophysics Data System (ADS)

Han, Ruo-Fei; Wang, Hou-Xiang

2007-11-01

The traditional mandatory access control policy (MAC) is regarded as a policy with strict regulation and poor flexibility. The security policy of MAC is so compelling that few information systems would adopt it at the cost of facility, except some particular cases with high security requirement as military or government application. However, with the increasing requirement for flexibility, even some access control systems in military application have switched to role-based access control (RBAC) which is well known as flexible. Though RBAC can meet the demands for flexibility but it is weak in dynamic authorization and consequently can not fit well in the workflow management systems. The task-role-based access control (T-RBAC) is then introduced to solve the problem. It combines both the advantages of RBAC and task-based access control (TBAC) which uses task to manage permissions dynamically. To satisfy the requirement of system which is distributed, well defined with workflow process and critically for time accuracy, this paper will analyze the spirit of MAC, introduce it into the improved T&RBAC model which is based on T-RBAC. At last, a conceptual task-role-based access control model with high security for distributed workflow and real-time application (A_T&RBAC) is built, and its performance is simply analyzed.

Development of a Lithospheric Model and Geophysical Data Base for North Africa.

DTIC Science & Technology

1996-07-19

Department of Energy Office of Non-Proliferation and National Security MONITORED BY Phillips Laboratory CONTRACT No. F 19628-C-0104 The views and...Worldwide Standardized Seismograph Netowrk stations locatdd:.&t regional distances from magnitude greater than 5.•0 earthquakes occurring within N6rth... SECURITY CLASSIFICATION 18. SECURITY CLASSIFICATION 19. SECURITY CLASSIFICATION 20. LIMITATION OF ABSTRACTOF REPORT OF THIS PAGE OF ABSTRACT

Statistical Models for Predicting Threat Detection From Human Behavior.

PubMed

Kelley, Timothy; Amon, Mary J; Bertenthal, Bennett I

2018-01-01

Users must regularly distinguish between secure and insecure cyber platforms in order to preserve their privacy and safety. Mouse tracking is an accessible, high-resolution measure that can be leveraged to understand the dynamics of perception, categorization, and decision-making in threat detection. Researchers have begun to utilize measures like mouse tracking in cyber security research, including in the study of risky online behavior. However, it remains an empirical question to what extent real-time information about user behavior is predictive of user outcomes and demonstrates added value compared to traditional self-report questionnaires. Participants navigated through six simulated websites, which resembled either secure "non-spoof" or insecure "spoof" versions of popular websites. Websites also varied in terms of authentication level (i.e., extended validation, standard validation, or partial encryption). Spoof websites had modified Uniform Resource Locator (URL) and authentication level. Participants chose to "login" to or "back" out of each website based on perceived website security. Mouse tracking information was recorded throughout the task, along with task performance. After completing the website identification task, participants completed a questionnaire assessing their security knowledge and degree of familiarity with the websites simulated during the experiment. Despite being primed to the possibility of website phishing attacks, participants generally showed a bias for logging in to websites versus backing out of potentially dangerous sites. Along these lines, participant ability to identify spoof websites was around the level of chance. Hierarchical Bayesian logistic models were used to compare the accuracy of two-factor (i.e., website security and encryption level), survey-based (i.e., security knowledge and website familiarity), and real-time measures (i.e., mouse tracking) in predicting risky online behavior during phishing attacks. Participant accuracy in identifying spoof and non-spoof websites was best captured using a model that included real-time indicators of decision-making behavior, as compared to two-factor and survey-based models. Findings validate three widely applicable measures of user behavior derived from mouse tracking recordings, which can be utilized in cyber security and user intervention research. Survey data alone are not as strong at predicting risky Internet behavior as models that incorporate real-time measures of user behavior, such as mouse tracking.

Information Systems Security Products and Services Catalogue.

DTIC Science & Technology

1992-01-01

pricing information on the Motorola Portable DES Receiver Station and Portable DES Base Station, contact Motorola. The PX-300- S ranges in cost from...C2 Paul Smith (612) 482-2776 Tom Latterner (301) 220-3400 Jeffrey S . Bell (215) 986-6864 John Haggard (312) 714-7604 4-2d.2 GENERAL-PURPOSE...primary software security mechanism of the SCOMP system is the security kernel, based on the Center-approved Bell -LaPadula model of the software portion

Modeling and Simulation of a Novel Relay Node Based Secure Routing Protocol Using Multiple Mobile Sink for Wireless Sensor Networks.

PubMed

Perumal, Madhumathy; Dhandapani, Sivakumar

2015-01-01

Data gathering and optimal path selection for wireless sensor networks (WSN) using existing protocols result in collision. Increase in collision further increases the possibility of packet drop. Thus there is a necessity to eliminate collision during data aggregation. Increasing the efficiency is the need of the hour with maximum security. This paper is an effort to come up with a reliable and energy efficient WSN routing and secure protocol with minimum delay. This technique is named as relay node based secure routing protocol for multiple mobile sink (RSRPMS). This protocol finds the rendezvous point for optimal transmission of data using a "splitting tree" technique in tree-shaped network topology and then to determine all the subsequent positions of a sink the "Biased Random Walk" model is used. In case of an event, the sink gathers the data from all sources, when they are in the sensing range of rendezvous point. Otherwise relay node is selected from its neighbor to transfer packets from rendezvous point to sink. A symmetric key cryptography is used for secure transmission. The proposed relay node based secure routing protocol for multiple mobile sink (RSRPMS) is experimented and simulation results are compared with Intelligent Agent-Based Routing (IAR) protocol to prove that there is increase in the network lifetime compared with other routing protocols.

Impact of Perceived Security on Organizational Adoption of Smartphones.

PubMed

Arpaci, Ibrahim; Yardimci Cetin, Yasemin; Turetken, Ozgur

2015-10-01

Organizational adoption of new technologies is a practically important research area. The present study aims to investigate the impact of perceived security on organizational adoption of mobile communication technologies, specifically smartphones. For this purpose, a research model is developed extending the Technology Acceptance Model (TAM). The research model is tested using a structural equation modeling based on data that were collected from senior managers of 201 private sector organizations in Turkey. The results show that, along with the traditional constructs of perceived ease of use and perceived usefulness, perceived security significantly affects organizations' adoption of smartphones. Both the theoretical and practical implications of these results are discussed.

Evaluating the risk of industrial espionage

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bott, T.F.

1998-12-31

A methodology for estimating the relative probabilities of different compromise paths for protected information by insider and visitor intelligence collectors has been developed based on an event-tree analysis of the intelligence collection operation. The analyst identifies target information and ultimate users who might attempt to gain that information. The analyst then uses an event tree to develop a set of compromise paths. Probability models are developed for each of the compromise paths that user parameters based on expert judgment or historical data on security violations. The resulting probability estimates indicate the relative likelihood of different compromise paths and provide anmore » input for security resource allocation. Application of the methodology is demonstrated using a national security example. A set of compromise paths and probability models specifically addressing this example espionage problem are developed. The probability models for hard-copy information compromise paths are quantified as an illustration of the results using parametric values representative of historical data available in secure facilities, supplemented where necessary by expert judgment.« less

A systematic approach for analysis and design of secure health information systems.

PubMed

Blobel, B; Roger-France, F

2001-06-01

A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users' views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.

Trust recovery model of Ad Hoc network based on identity authentication scheme

NASA Astrophysics Data System (ADS)

Liu, Jie; Huan, Shuiyuan

2017-05-01

Mobile Ad Hoc network trust model is widely used to solve mobile Ad Hoc network security issues. Aiming at the problem of reducing the network availability caused by the processing of malicious nodes and selfish nodes in mobile Ad Hoc network routing based on trust model, an authentication mechanism based on identity authentication mobile Ad Hoc network is proposed, which uses identity authentication to identify malicious nodes, And trust the recovery of selfish nodes in order to achieve the purpose of reducing network congestion and improving network quality. The simulation results show that the implementation of the mechanism can effectively improve the network availability and security.

An object-based storage model for distributed remote sensing images

NASA Astrophysics Data System (ADS)

Yu, Zhanwu; Li, Zhongmin; Zheng, Sheng

2006-10-01

It is very difficult to design an integrated storage solution for distributed remote sensing images to offer high performance network storage services and secure data sharing across platforms using current network storage models such as direct attached storage, network attached storage and storage area network. Object-based storage, as new generation network storage technology emerged recently, separates the data path, the control path and the management path, which solves the bottleneck problem of metadata existed in traditional storage models, and has the characteristics of parallel data access, data sharing across platforms, intelligence of storage devices and security of data access. We use the object-based storage in the storage management of remote sensing images to construct an object-based storage model for distributed remote sensing images. In the storage model, remote sensing images are organized as remote sensing objects stored in the object-based storage devices. According to the storage model, we present the architecture of a distributed remote sensing images application system based on object-based storage, and give some test results about the write performance comparison of traditional network storage model and object-based storage model.

Towards an Enhancement of Organizational Information Security through Threat Factor Profiling (TFP) Model

NASA Astrophysics Data System (ADS)

Sidi, Fatimah; Daud, Maslina; Ahmad, Sabariah; Zainuddin, Naqliyah; Anneisa Abdullah, Syafiqa; Jabar, Marzanah A.; Suriani Affendey, Lilly; Ishak, Iskandar; Sharef, Nurfadhlina Mohd; Zolkepli, Maslina; Nur Majdina Nordin, Fatin; Amat Sejani, Hashimah; Ramadzan Hairani, Saiful

2017-09-01

Information security has been identified by organizations as part of internal operations that need to be well implemented and protected. This is because each day the organizations face a high probability of increase of threats to their networks and services that will lead to information security issues. Thus, effective information security management is required in order to protect their information assets. Threat profiling is a method that can be used by an organization to address the security challenges. Threat profiling allows analysts to understand and organize intelligent information related to threat groups. This paper presents a comparative analysis that was conducted to study the existing threat profiling models. It was found that existing threat models were constructed based on specific objectives, thus each model is limited to only certain components or factors such as assets, threat sources, countermeasures, threat agents, threat outcomes and threat actors. It is suggested that threat profiling can be improved by the combination of components found in each existing threat profiling model/framework. The proposed model can be used by an organization in executing a proactive approach to incident management.

Model based verification of the Secure Socket Layer (SSL) Protocol for NASA systems

NASA Technical Reports Server (NTRS)

Powell, John D.; Gilliam, David

2004-01-01

The National Aeronautics and Space Administration (NASA) has tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information theft, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach' offers formal verification of information technology (IT), through the creation of a Software Security Assessment Instrument (SSAI), to address software security risks.

Attachment based treatments for adolescents: the secure cycle as a framework for assessment, treatment and evaluation.

PubMed

Kobak, Roger; Zajac, Kristyn; Herres, Joanna; Krauthamer Ewing, E Stephanie

2015-01-01

The emergence of attachment-based treatments (ABTs) for adolescents highlights the need to more clearly define and evaluate these treatments in the context of other attachment based treatments for young children and adults. We propose a general framework for defining and evaluating ABTs that describes the cyclical processes that are required to maintain a secure attachment bond. This secure cycle incorporates three components: (1) the child or adult's IWM of the caregiver; (2) emotionally attuned communication; and (3) the caregiver's IWM of the child or adult. We briefly review Bowlby, Ainsworth, and Main's contributions to defining the components of the secure cycle and discuss how this framework can be adapted for understanding the process of change in ABTs. For clinicians working with adolescents, our model can be used to identify how deviations from the secure cycle (attachment injuries, empathic failures and mistuned communication) contribute to family distress and psychopathology. The secure cycle also provides a way of describing the ABT elements that have been used to revise IWMs or improve emotionally attuned communication. For researchers, our model provides a guide for conceptualizing and measuring change in attachment constructs and how change in one component of the interpersonal cycle should generalize to other components.

Agency Problems and Airport Security: Quantitative and Qualitative Evidence on the Impact of Security Training.

PubMed

de Gramatica, Martina; Massacci, Fabio; Shim, Woohyun; Turhan, Uğur; Williams, Julian

2017-02-01

We analyze the issue of agency costs in aviation security by combining results from a quantitative economic model with a qualitative study based on semi-structured interviews. Our model extends previous principal-agent models by combining the traditional fixed and varying monetary responses to physical and cognitive effort with nonmonetary welfare and potentially transferable value of employees' own human capital. To provide empirical evidence for the tradeoffs identified in the quantitative model, we have undertaken an extensive interview process with regulators, airport managers, security personnel, and those tasked with training security personnel from an airport operating in a relatively high-risk state, Turkey. Our results indicate that the effectiveness of additional training depends on the mix of "transferable skills" and "emotional" buy-in of the security agents. Principals need to identify on which side of a critical tipping point their agents are to ensure that additional training, with attached expectations of the burden of work, aligns the incentives of employees with the principals' own objectives. © 2016 Society for Risk Analysis.

Efficiently Multi-User Searchable Encryption Scheme with Attribute Revocation and Grant for Cloud Storage

PubMed Central

Wang, Shangping; Zhang, Xiaoxue; Zhang, Yaling

2016-01-01

Cipher-policy attribute-based encryption (CP-ABE) focus on the problem of access control, and keyword-based searchable encryption scheme focus on the problem of finding the files that the user interested in the cloud storage quickly. To design a searchable and attribute-based encryption scheme is a new challenge. In this paper, we propose an efficiently multi-user searchable attribute-based encryption scheme with attribute revocation and grant for cloud storage. In the new scheme the attribute revocation and grant processes of users are delegated to proxy server. Our scheme supports multi attribute are revoked and granted simultaneously. Moreover, the keyword searchable function is achieved in our proposed scheme. The security of our proposed scheme is reduced to the bilinear Diffie-Hellman (BDH) assumption. Furthermore, the scheme is proven to be secure under the security model of indistinguishability against selective ciphertext-policy and chosen plaintext attack (IND-sCP-CPA). And our scheme is also of semantic security under indistinguishability against chosen keyword attack (IND-CKA) in the random oracle model. PMID:27898703

Efficiently Multi-User Searchable Encryption Scheme with Attribute Revocation and Grant for Cloud Storage.

PubMed

Wang, Shangping; Zhang, Xiaoxue; Zhang, Yaling

2016-01-01

Cipher-policy attribute-based encryption (CP-ABE) focus on the problem of access control, and keyword-based searchable encryption scheme focus on the problem of finding the files that the user interested in the cloud storage quickly. To design a searchable and attribute-based encryption scheme is a new challenge. In this paper, we propose an efficiently multi-user searchable attribute-based encryption scheme with attribute revocation and grant for cloud storage. In the new scheme the attribute revocation and grant processes of users are delegated to proxy server. Our scheme supports multi attribute are revoked and granted simultaneously. Moreover, the keyword searchable function is achieved in our proposed scheme. The security of our proposed scheme is reduced to the bilinear Diffie-Hellman (BDH) assumption. Furthermore, the scheme is proven to be secure under the security model of indistinguishability against selective ciphertext-policy and chosen plaintext attack (IND-sCP-CPA). And our scheme is also of semantic security under indistinguishability against chosen keyword attack (IND-CKA) in the random oracle model.

A process model of the implications of spillover from coparenting conflicts into the parent–child attachment relationship in adolescence

PubMed Central

Martin, Meredith J.; Sturge-Apple, Melissa L.; Davies, Patrick T.; Romero, Christine V.; Buckholz, Abigail

2017-01-01

Drawing on a two-wave, multimethod, multi-informant design, this study provides the first test of a process model of spillover specifying why and how disruptions in the coparenting relationship influence the parent–adolescent attachment relationship. One hundred ninety-four families with an adolescent aged 12–14 (M age = 12.4) were followed for 1 year. Mothers and adolescents participated in two experimental tasks designed to elicit behavioral expressions of parent and adolescent functioning within the attachment relationship. Using a novel observational approach, maternal safe haven, secure base, and harshness (i.e., hostility and control) were compared as potential unique mediators of the association between conflict in the coparenting relationship and adolescent problems. Path models indicated that, although coparenting conflicts were broadly associated with maternal parenting difficulties, only secure base explained the link to adolescent adjustment. Adding further specificity to the process model, maternal secure base support was uniquely associated with adolescent adjustment through deficits in adolescents’ secure exploration. Results support the hypothesis that coparenting disagreements undermine adolescent adjustment in multiple domains specifically by disrupting mothers’ ability to provide a caregiving environment that supports adolescent exploration during a developmental period in which developing autonomy is a crucial stage-salient task. PMID:28401834

A Layered Decision Model for Cost-Effective System Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wei, Huaqiang; Alves-Foss, James; Soule, Terry

System security involves decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defence strategies, and implementation of real-time defence tactics. Although choices made in each of these areas affect the others, existing decision models typically handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defence decisions result in cost-effective solutions. To address these problems, this paper introduces a Layered Decision Model (LDM) for use inmore » deciding how to address defence decisions based on their cost-effectiveness. To validate the LDM and illustrate how it is used, we used simulation to test model rationality and applied the LDM to the design of system security for an e-commercial business case.« less

Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy

NASA Astrophysics Data System (ADS)

Basu, Srijita; Sengupta, Anirban; Mazumdar, Chandan

2016-11-01

Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.

Assessing Security of Supply: Three Methods Used in Finland

NASA Astrophysics Data System (ADS)

Sivonen, Hannu

Public Private Partnership (PPP) has an important role in securing supply in Finland. Three methods are used in assessing the level of security of supply. First, in national expert groups, a linear mathematical model has been used. The model is based on interdependency estimates. It ranks societal functions or its more detailed components, such as items in the food supply chain, according to the effect and risk pertinent to the interdependencies. Second, the security of supply is assessed in industrial branch committees (clusters and pools) in the form of indicators. The level of security of supply is assessed against five generic factors (dimension 1) and tens of business branch specific functions (dimension 2). Third, in two thousand individual critical companies, the maturity of operational continuity management is assessed using Capability Maturity Model (CMM) in an extranet application. The pool committees and authorities obtain an anonymous summary. The assessments are used in allocating efforts for securing supply. The efforts may be new instructions, training, exercising, and in some cases, investment and regulation.

Changes in Personality Disorder Traits Following 2 Years of Treatment in a Secure Therapeutic Community Milieu

ERIC Educational Resources Information Center

Morrissey, Catrin; Taylor, Jon

2014-01-01

Therapeutic community treatment models have not previously been applied to forensic patients with mild intellectual disabilities (IDs) with a comorbid diagnosis of personality disorder. Thirteen patients with mild IDs were allocated to a unit within a high secure psychiatric service operating a model of treatment based on the principles and…

Cryptography from noisy storage.

PubMed

Wehner, Stephanie; Schaffner, Christian; Terhal, Barbara M

2008-06-06

We show how to implement cryptographic primitives based on the realistic assumption that quantum storage of qubits is noisy. We thereby consider individual-storage attacks; i.e., the dishonest party attempts to store each incoming qubit separately. Our model is similar to the model of bounded-quantum storage; however, we consider an explicit noise model inspired by present-day technology. To illustrate the power of this new model, we show that a protocol for oblivious transfer is secure for any amount of quantum-storage noise, as long as honest players can perform perfect quantum operations. Our model also allows us to show the security of protocols that cope with noise in the operations of the honest players and achieve more advanced tasks such as secure identification.

The PEDA Model. An advocacy tool modeling the interrelationships between population, development, the environment and agriculture in Africa.

PubMed

1999-01-01

This article reports on the PEDA (population changes, environment, socioeconomic development and agriculture) model and its implication for policy-making in Africa. PEDA is an interactive computer simulation model (developed for a Windows environment) demonstrating the long-term impacts of alternative national policies on food security status of the population. The model is based on multistate demographic techniques, projecting at the same time 8 different subgroups (by age and sex) in the population, and based on 3 dichotomous individual characteristics: urban/rural place of residence; literacy status; and food security status. Through the manipulation of scenario variables, the model enables the user to project the proportion of the population that will be food secure and food insecure for a chosen point in time. This model developed by Dr. W. Lutz, Director of the International Institute for Applied Systems Analysis, will serve as an advocacy tool to help convince policy-makers and country experts in Africa of the negative synergy arising from the interconnections of population growth, environmental deterioration, and declining agricultural production.

Structural Acoustic Physics Based Modeling of Curved Composite Shells

DTIC Science & Technology

2017-09-19

Results show that the finite element computational models accurately match analytical calculations, and that the composite material studied in this...products. 15. SUBJECT TERMS Finite Element Analysis, Structural Acoustics, Fiber-Reinforced Composites, Physics-Based Modeling 16. SECURITY...2 4 FINITE ELEMENT MODEL DESCRIPTION

Reputation-Based Secure Sensor Localization in Wireless Sensor Networks

PubMed Central

He, Jingsha; Xu, Jing; Zhu, Xingye; Zhang, Yuqiang; Zhang, Ting; Fu, Wanqing

2014-01-01

Location information of sensor nodes in wireless sensor networks (WSNs) is very important, for it makes information that is collected and reported by the sensor nodes spatially meaningful for applications. Since most current sensor localization schemes rely on location information that is provided by beacon nodes for the regular sensor nodes to locate themselves, the accuracy of localization depends on the accuracy of location information from the beacon nodes. Therefore, the security and reliability of the beacon nodes become critical in the localization of regular sensor nodes. In this paper, we propose a reputation-based security scheme for sensor localization to improve the security and the accuracy of sensor localization in hostile or untrusted environments. In our proposed scheme, the reputation of each beacon node is evaluated based on a reputation evaluation model so that regular sensor nodes can get credible location information from highly reputable beacon nodes to accomplish localization. We also perform a set of simulation experiments to demonstrate the effectiveness of the proposed reputation-based security scheme. And our simulation results show that the proposed security scheme can enhance the security and, hence, improve the accuracy of sensor localization in hostile or untrusted environments. PMID:24982940

The secure authorization model for healthcare information system.

PubMed

Hsu, Wen-Shin; Pan, Jiann-I

2013-10-01

Exploring healthcare system for assisting medical services or transmitting patients' personal health information in web application has been widely investigated. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. In the healthcare system, not all users are allowed to access all the information. Several authorization models for restricting users to access specific information at specific permissions have been proposed. However, as the number of users and the amount of information grows, the difficulties for administrating user authorization will increase. The critical problem limits the widespread usage of the healthcare system. This paper proposes an approach for role-based and extends it to deal with the information for authorizations in the healthcare system. We propose the role-based authorization model which supports authorizations for different kinds of objects, and a new authorization domain. Based on this model, we discuss the issues and requirements of security in the healthcare systems. The security issues for services shared between different healthcare industries will also be discussed.

Atom-Role-Based Access Control Model

NASA Astrophysics Data System (ADS)

Cai, Weihong; Huang, Richeng; Hou, Xiaoli; Wei, Gang; Xiao, Shui; Chen, Yindong

Role-based access control (RBAC) model has been widely recognized as an efficient access control model and becomes a hot research topic of information security at present. However, in the large-scale enterprise application environments, the traditional RBAC model based on the role hierarchy has the following deficiencies: Firstly, it is unable to reflect the role relationships in complicated cases effectively, which does not accord with practical applications. Secondly, the senior role unconditionally inherits all permissions of the junior role, thus if a user is under the supervisor role, he may accumulate all permissions, and this easily causes the abuse of permission and violates the least privilege principle, which is one of the main security principles. To deal with these problems, we, after analyzing permission types and role relationships, proposed the concept of atom role and built an atom-role-based access control model, called ATRBAC, by dividing the permission set of each regular role based on inheritance path relationships. Through the application-specific analysis, this model can well meet the access control requirements.

Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ondrej Linda; Todd Vollmer; Jason Wright

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrainedmore » computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.« less

Risk assessment of climate systems for national security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Backus, George A.; Boslough, Mark Bruce Elrick; Brown, Theresa Jean

2012-10-01

Climate change, through drought, flooding, storms, heat waves, and melting Arctic ice, affects the production and flow of resource within and among geographical regions. The interactions among governments, populations, and sectors of the economy require integrated assessment based on risk, through uncertainty quantification (UQ). This project evaluated the capabilities with Sandia National Laboratories to perform such integrated analyses, as they relate to (inter)national security. The combining of the UQ results from climate models with hydrological and economic/infrastructure impact modeling appears to offer the best capability for national security risk assessments.

Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network

PubMed Central

Rajagopalan, S. P.

2017-01-01

Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network. PMID:29040290

Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network.

PubMed

Alagarsamy, Sumithra; Rajagopalan, S P

2017-01-01

Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network.

A transmission security framework for email-based telemedicine.

PubMed

Caffery, Liam J; Smith, Anthony C

2010-01-01

Encryption is used to convert an email message to an unreadable format thereby securing patient privacy during the transmission of the message across the Internet. Two available means of encryption are: public key infrastructure (PKI) used in conjunction with ordinary email and secure hypertext transfer protocol (HTTPS) used by secure web-mail applications. Both of these approaches have advantages and disadvantages in terms of viability, cost, usability and compliance. The aim of this study was develop an instrument to identify the most appropriate means of encrypting email communication for telemedicine. A multi-method approach was used to construct the instrument. Technical assessment and existing bodies of knowledge regarding the utility of PKI were analyzed, along with survey results from users of Queensland Health's Child and Youth Mental Health Service secure web-mail service. The resultant decision support model identified that the following conditions affect the choice of encryption technology: correspondent's risk perception, correspondent's identification to the security afforded by encryption, email-client used by correspondents, the tolerance to human error and the availability of technical resources. A decision support model is presented as a flow chart to identify the most appropriate encryption for a specific email-based telemedicine service.

A novel interacting multiple model based network intrusion detection scheme

NASA Astrophysics Data System (ADS)

Xin, Ruichi; Venkatasubramanian, Vijay; Leung, Henry

2006-04-01

In today's information age, information and network security are of primary importance to any organization. Network intrusion is a serious threat to security of computers and data networks. In internet protocol (IP) based network, intrusions originate in different kinds of packets/messages contained in the open system interconnection (OSI) layer 3 or higher layers. Network intrusion detection and prevention systems observe the layer 3 packets (or layer 4 to 7 messages) to screen for intrusions and security threats. Signature based methods use a pre-existing database that document intrusion patterns as perceived in the layer 3 to 7 protocol traffics and match the incoming traffic for potential intrusion attacks. Alternately, network traffic data can be modeled and any huge anomaly from the established traffic pattern can be detected as network intrusion. The latter method, also known as anomaly based detection is gaining popularity for its versatility in learning new patterns and discovering new attacks. It is apparent that for a reliable performance, an accurate model of the network data needs to be established. In this paper, we illustrate using collected data that network traffic is seldom stationary. We propose the use of multiple models to accurately represent the traffic data. The improvement in reliability of the proposed model is verified by measuring the detection and false alarm rates on several datasets.

Security Investment in Contagious Networks.

PubMed

Hasheminasab, Seyed Alireza; Tork Ladani, Behrouz

2018-01-16

Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis.

A Dynamic Intrusion Detection System Based on Multivariate Hotelling's T2 Statistics Approach for Network Environments

PubMed Central

Avalappampatty Sivasamy, Aneetha; Sundan, Bose

2015-01-01

The ever expanding communication requirements in today's world demand extensive and efficient network systems with equally efficient and reliable security features integrated for safe, confident, and secured communication and data transfer. Providing effective security protocols for any network environment, therefore, assumes paramount importance. Attempts are made continuously for designing more efficient and dynamic network intrusion detection models. In this work, an approach based on Hotelling's T2 method, a multivariate statistical analysis technique, has been employed for intrusion detection, especially in network environments. Components such as preprocessing, multivariate statistical analysis, and attack detection have been incorporated in developing the multivariate Hotelling's T2 statistical model and necessary profiles have been generated based on the T-square distance metrics. With a threshold range obtained using the central limit theorem, observed traffic profiles have been classified either as normal or attack types. Performance of the model, as evaluated through validation and testing using KDD Cup'99 dataset, has shown very high detection rates for all classes with low false alarm rates. Accuracy of the model presented in this work, in comparison with the existing models, has been found to be much better. PMID:26357668

A Dynamic Intrusion Detection System Based on Multivariate Hotelling's T2 Statistics Approach for Network Environments.

PubMed

Sivasamy, Aneetha Avalappampatty; Sundan, Bose

2015-01-01

The ever expanding communication requirements in today's world demand extensive and efficient network systems with equally efficient and reliable security features integrated for safe, confident, and secured communication and data transfer. Providing effective security protocols for any network environment, therefore, assumes paramount importance. Attempts are made continuously for designing more efficient and dynamic network intrusion detection models. In this work, an approach based on Hotelling's T(2) method, a multivariate statistical analysis technique, has been employed for intrusion detection, especially in network environments. Components such as preprocessing, multivariate statistical analysis, and attack detection have been incorporated in developing the multivariate Hotelling's T(2) statistical model and necessary profiles have been generated based on the T-square distance metrics. With a threshold range obtained using the central limit theorem, observed traffic profiles have been classified either as normal or attack types. Performance of the model, as evaluated through validation and testing using KDD Cup'99 dataset, has shown very high detection rates for all classes with low false alarm rates. Accuracy of the model presented in this work, in comparison with the existing models, has been found to be much better.

An analysis of security price risk and return among publicly traded pharmacy corporations.

PubMed

Gilligan, Adrienne M; Skrepnek, Grant H

2013-01-01

Community pharmacies have been subject to intense and increasing competition in the past several decades. To determine the security price risk and rate of return of publicly traded pharmacy corporations present on the major U.S. stock exchanges from 1930 to 2009. The Center of Research in Security Prices (CRSP) database was used to examine monthly security-level stock market prices in this observational retrospective study. The primary outcome of interest was the equity risk premium, with analyses focusing upon financial metrics associated with risk and return based upon modern portfolio theory (MPT) including: abnormal returns (i.e., alpha), volatility (i.e., beta), and percentage of returns explained (i.e., adjusted R(2)). Three equilibrium models were estimated using random-effects generalized least squares (GLS): 1) the Capital Asset Pricing Model (CAPM); 2) Fama-French Three-Factor Model; and 3) Carhart Four-Factor Model. Seventy-five companies were examined from 1930 to 2009, with overall adjusted R(2) values ranging from 0.13 with the CAPM to 0.16 with the Four-Factor model. Alpha was not significant within any of the equilibrium models across the entire 80-year time period, though was found from 1999 to 2009 in the Three- and Four-Factor models to be associated with a large, significant, and negative risk-adjusted abnormal returns of -33.84%. Volatility varied across specific time periods based upon the financial model employed. This investigation of risk and return within publicly listed pharmacy corporations from 1930 to 2009 found that substantial losses were incurred particularly from 1999 to 2009, with risk-adjusted security valuations decreasing by one-third. Copyright © 2013 Elsevier Inc. All rights reserved.

A Flexible Component based Access Control Architecture for OPeNDAP Services

NASA Astrophysics Data System (ADS)

Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

2010-05-01

Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC. These components filter requests to the service they protect and apply the required authentication and authorisation schemes. Filters have been developed for OpenID and SSL client based authentication. The latter enabling access with MyProxy issued credentials. By preserving a clear separation between the security and application functionality, multiple authentication technologies may be supported without the need for modification to the underlying OPeNDAP application. The software has been developed in the Python programming language securing the Python based OPeNDAP implementation, PyDAP. This utilises the Python WSGI (Web Server Gateway Interface) specification to create distinct security filter components. Work is also currently underway to develop a parallel Java based filter implementation to secure the THREDDS Data Server. Whilst the ability to apply this flexible approach to the server side security layer is important, the development of compatible client software is vital to the take up of these services across a wide user base. To date PyDAP and wget based clients have been tested and work is planned to integrate the required security interface into the netCDF API. This forms part of ongoing collaboration with the OPeNDAP user and development community to ensure interoperability.

Statistical Models for Predicting Threat Detection From Human Behavior

PubMed Central

Kelley, Timothy; Amon, Mary J.; Bertenthal, Bennett I.

2018-01-01

Users must regularly distinguish between secure and insecure cyber platforms in order to preserve their privacy and safety. Mouse tracking is an accessible, high-resolution measure that can be leveraged to understand the dynamics of perception, categorization, and decision-making in threat detection. Researchers have begun to utilize measures like mouse tracking in cyber security research, including in the study of risky online behavior. However, it remains an empirical question to what extent real-time information about user behavior is predictive of user outcomes and demonstrates added value compared to traditional self-report questionnaires. Participants navigated through six simulated websites, which resembled either secure “non-spoof” or insecure “spoof” versions of popular websites. Websites also varied in terms of authentication level (i.e., extended validation, standard validation, or partial encryption). Spoof websites had modified Uniform Resource Locator (URL) and authentication level. Participants chose to “login” to or “back” out of each website based on perceived website security. Mouse tracking information was recorded throughout the task, along with task performance. After completing the website identification task, participants completed a questionnaire assessing their security knowledge and degree of familiarity with the websites simulated during the experiment. Despite being primed to the possibility of website phishing attacks, participants generally showed a bias for logging in to websites versus backing out of potentially dangerous sites. Along these lines, participant ability to identify spoof websites was around the level of chance. Hierarchical Bayesian logistic models were used to compare the accuracy of two-factor (i.e., website security and encryption level), survey-based (i.e., security knowledge and website familiarity), and real-time measures (i.e., mouse tracking) in predicting risky online behavior during phishing attacks. Participant accuracy in identifying spoof and non-spoof websites was best captured using a model that included real-time indicators of decision-making behavior, as compared to two-factor and survey-based models. Findings validate three widely applicable measures of user behavior derived from mouse tracking recordings, which can be utilized in cyber security and user intervention research. Survey data alone are not as strong at predicting risky Internet behavior as models that incorporate real-time measures of user behavior, such as mouse tracking. PMID:29713296

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation.

PubMed

Bernik, Igor; Prislan, Kaja

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model-ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it's recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.

A Novel QKD-based Secure Edge Router Architecture Design for Burst Confidentiality in Optical Burst Switched Networks

NASA Astrophysics Data System (ADS)

Balamurugan, A. M.; Sivasubramanian, A.

2014-06-01

The Optical Burst Switching (OBS) is an emergent result to the technology issue that could achieve a viable network in future. They have the ability to meet the bandwidth requisite of those applications that call for intensive bandwidth. The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. The concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution and quality of service (QoS). This paper proposes a framework based on QKD based secure edge router architecture design to provide burst confidentiality. The QKD protocol offers high level of confidentiality as it is indestructible. The design architecture was implemented in FPGA using diverse models and the results were taken. The results show that the proposed model is suitable for real time secure routing applications of the Optical burst switched networks.

A Security Audit Framework to Manage Information System Security

NASA Astrophysics Data System (ADS)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

Integrated secure solution for electronic healthcare records sharing

NASA Astrophysics Data System (ADS)

Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

2007-03-01

The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

[Tourism ecological security early warning of Zhangjiajie, China based on the improved TOPSIS method and the grey GM (1,1)model].

PubMed

Xu, Mei; Liu, Chun la; Li, Dan; Zhong, Xiao Lin

2017-11-01

Tourism ecological security early warning is of great significance both to the coordination of ecological environment protection and tourism industry rapid development in tourism destination, and the sustainable and healthy development of regional social and economy. Firstly, based on the DPSIR model, the tourism ecological security early warning index system of Zhangjiajie was constructed from 5 aspects, which were driving force, pressure, state, impact and response. Then, by using the improved TOPSIS method, the tourism ecological security situation of Zhangjiajie from 2001 to 2014 was analyzed. Lastly, by using the grey GM (1,1) model, the tourism ecological security evolution trend of 2015-2020 was predicted. The results indicated that, on the whole, the close degree of Zhangjiajie's tourism ecological security showed a slightly upward trend during 2001-2014, the warning degree was the moderate warning. In terms of each subsystem, warning degree of the driving force system and the pressure system of Zhangjiajie's tourism ecological secu-rity were on the rise, which evolved from light warning to heavy warning; warning degree of the state system and the impact system had not changed so much, and had been in the moderate warning; warning degree of the response system was on the decline, which changed from huge warning to no warning during 2001-2014. According to the current development trend, the close degree of Zhangjiajie's tourism ecological security would rise further in 2015-2020, and the warning degree would turn from moderate warning into light warning, but the task of coordinating the relationship between tourism development and ecological construction and environmental protection would be still arduous.

Optimization of airport security lanes

NASA Astrophysics Data System (ADS)

Chen, Lin

2018-05-01

Current airport security management system is widely implemented all around the world to ensure the safety of passengers, but it might not be an optimum one. This paper aims to seek a better security system, which can maximize security while minimize inconvenience to passengers. Firstly, we apply Petri net model to analyze the steps where the main bottlenecks lie. Based on average tokens and time transition, the most time-consuming steps of security process can be found, including inspection of passengers' identification and documents, preparing belongings to be scanned and the process for retrieving belongings back. Then, we develop a queuing model to figure out factors affecting those time-consuming steps. As for future improvement, the effective measures which can be taken include transferring current system as single-queuing and multi-served, intelligently predicting the number of security checkpoints supposed to be opened, building up green biological convenient lanes. Furthermore, to test the theoretical results, we apply some data to stimulate the model. And the stimulation results are consistent with what we have got through modeling. Finally, we apply our queuing model to a multi-cultural background. The result suggests that by quantifying and modifying the variance in wait time, the model can be applied to individuals with various habits customs and habits. Generally speaking, our paper considers multiple affecting factors, employs several models and does plenty of calculations, which is practical and reliable for handling in reality. In addition, with more precise data available, we can further test and improve our models.

Foundations for Security Aware Software Development Education

DTIC Science & Technology

2005-11-22

depending on the budget, that support robustness. We discuss the educational customer base, projected lifetime, and complexity of paradigm shift that should...in Honour of Sir Tony Hoar, [6] Cheetham, C. and Ferraiolo, K., "The Systems Security Millenial Perspectives in Computer Science, Engineering...Capability Maturity Model", 21st 2002, 229-246. National Information Systems Security Conference, [15] Schwartz, J., "Object Oriented Extensions to October 5

An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

NASA Astrophysics Data System (ADS)

Li, X. S.; Peng, Z. Y.; Li, T. T.

2016-08-01

This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

PubMed

Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

2017-06-23

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

New parsimonious simulation methods and tools to assess future food and environmental security of farm populations

PubMed Central

Antle, John M.; Stoorvogel, Jetse J.; Valdivia, Roberto O.

2014-01-01

This article presents conceptual and empirical foundations for new parsimonious simulation models that are being used to assess future food and environmental security of farm populations. The conceptual framework integrates key features of the biophysical and economic processes on which the farming systems are based. The approach represents a methodological advance by coupling important behavioural processes, for example, self-selection in adaptive responses to technological and environmental change, with aggregate processes, such as changes in market supply and demand conditions or environmental conditions as climate. Suitable biophysical and economic data are a critical limiting factor in modelling these complex systems, particularly for the characterization of out-of-sample counterfactuals in ex ante analyses. Parsimonious, population-based simulation methods are described that exploit available observational, experimental, modelled and expert data. The analysis makes use of a new scenario design concept called representative agricultural pathways. A case study illustrates how these methods can be used to assess food and environmental security. The concluding section addresses generalizations of parametric forms and linkages of regional models to global models. PMID:24535388

New parsimonious simulation methods and tools to assess future food and environmental security of farm populations.

PubMed

Antle, John M; Stoorvogel, Jetse J; Valdivia, Roberto O

2014-04-05

This article presents conceptual and empirical foundations for new parsimonious simulation models that are being used to assess future food and environmental security of farm populations. The conceptual framework integrates key features of the biophysical and economic processes on which the farming systems are based. The approach represents a methodological advance by coupling important behavioural processes, for example, self-selection in adaptive responses to technological and environmental change, with aggregate processes, such as changes in market supply and demand conditions or environmental conditions as climate. Suitable biophysical and economic data are a critical limiting factor in modelling these complex systems, particularly for the characterization of out-of-sample counterfactuals in ex ante analyses. Parsimonious, population-based simulation methods are described that exploit available observational, experimental, modelled and expert data. The analysis makes use of a new scenario design concept called representative agricultural pathways. A case study illustrates how these methods can be used to assess food and environmental security. The concluding section addresses generalizations of parametric forms and linkages of regional models to global models.

Trust Model to Enhance Security and Interoperability of Cloud Environment

NASA Astrophysics Data System (ADS)

Li, Wenjuan; Ping, Lingdi

Trust is one of the most important means to improve security and enable interoperability of current heterogeneous independent cloud platforms. This paper first analyzed several trust models used in large and distributed environment and then introduced a novel cloud trust model to solve security issues in cross-clouds environment in which cloud customer can choose different providers' services and resources in heterogeneous domains can cooperate. The model is domain-based. It divides one cloud provider's resource nodes into the same domain and sets trust agent. It distinguishes two different roles cloud customer and cloud server and designs different strategies for them. In our model, trust recommendation is treated as one type of cloud services just like computation or storage. The model achieves both identity authentication and behavior authentication. The results of emulation experiments show that the proposed model can efficiently and safely construct trust relationship in cross-clouds environment.

[An emergy-ecological footprint model based evaluation of ecological security at the old industrial area in Northeast China: A case study of Liaoning Province.

PubMed

Yang, Qing; Lu, Cheng Peng; Zhou, Feng; Geng, Yong; Jing, Hong Shuang; Ren, Wan Xia; Xue, Bing

2016-05-01

Based on the integrated model of emergy-ecological footprint approaches, the ecological security of Liaoning Province, a typical case for the old industrial area, was quantitatively evaluated from 2003 to 2012, followed by a scenario analysis on the development trend of the ecological secu-rity by employing the gray kinetic model. The results showed that, from 2003 to 2012, the value of emergy ecological-capacity per capita in Liaoning Province decreased from 3.13 hm 2 to 3.07 hm 2 , while the emergy-ecological footprint increased from 13.88 hm 2 to 21.96 hm 2 , which indicated that the ecological deficit existed in Liaoning Province and the situation was getting worse. The ecological pressure index increased from 4.43 to 7.16 during the studied period, and the alert level of ecological security changed from light to middle level. According to the development trend, the emergy ecological capacity per capita during 2013-2022 would correspondingly decrease from 3.04 hm 2 to 2.98 hm 2 , while the emergy ecological footprint would increase from 22.72 hm 2 to 35.87 hm 2 , the ecological pressure index would increase from 7.46 to 12.04, and the ecological deficit would keep increasing and the ecological security level would slide into slightly unsafe condition. The alert level of ecological security would turn to be middle or serious, suggesting the problems in ecological safety needed to be solved urgently.

Information Technology Security Training Requirements: A Role- and Performance-Based Model

DTIC Science & Technology

1998-04-01

Journal, Vol.9, no. 2, pp. 18-20, 1995. Kearsley, Greg. Andragogy (M. Knowles), Washington, DC: George Washington University, 1996. Knowles, M.S...The Modern Practice of Adult Education: Andragogy vs. Pedagogy, New York: Association Press, 1970. Information Technology Security Training

A quantitative risk-based model for reasoning over critical system properties

NASA Technical Reports Server (NTRS)

Feather, M. S.

2002-01-01

This position paper suggests the use of a quantitative risk-based model to help support reeasoning and decision making that spans many of the critical properties such as security, safety, survivability, fault tolerance, and real-time.

Attachment Based Treatments for Adolescents: The Secure Cycle as a Framework for Assessment, Treatment and Evaluation

PubMed Central

Kobak, Roger; Zajac, Kristyn; Herres, Joanna; KrauthamerEwing, E. Stephanie

2016-01-01

The emergence of ABTs for adolescents highlights the need to more clearly define and evaluate these treatments in the context of other attachment based treatments for young children and adults. We propose a general framework for defining and evaluating ABTs that describes the cyclical processes that are required to maintain a secure attachment bond. This secure cycle incorporates three components: 1) the child or adult’s IWM of the caregiver; 2) emotionally attuned communication; and 3) the caregiver’s IWM of the child or adult. We briefly review Bowlby, Ainsworth, and Main’s contributions to defining the components of the secure cycle and discuss how this framework can be adapted for understanding the process of change in ABTs. For clinicians working with adolescents, our model can be used to identify how deviations from the secure cycle (attachment injuries, empathic failures and mistuned communication) contribute to family distress and psychopathology. The secure cycle also provides a way of describing the ABT elements that have been used to revise IWMs or improve emotionally attuned communication. For researchers, our model provides a guide for conceptualizing and measuring change in attachment constructs and how change in one component of the interpersonal cycle should generalize to other components. PMID:25744572

An eCK-Secure Authenticated Key Exchange Protocol without Random Oracles

NASA Astrophysics Data System (ADS)

Moriyama, Daisuke; Okamoto, Tatsuaki

This paper presents a (PKI-based) two-pass authenticated key exchange (AKE) protocol that is secure in the extended Canetti-Krawczyk (eCK) security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and relies on no implementation techniques such as a trick by LaMacchia, Lauter and Mityagin (so-called the NAXOS trick). Since an AKE protocol that is eCK-secure under a NAXOS-like implementation trick will be no more eCK-secure if some realistic information leakage occurs through side-channel attacks, it has been an important open problem how to realize an eCK-secure AKE protocol without using the NAXOS tricks (and without random oracles).

Model Based User's Access Requirement Analysis of E-Governance Systems

NASA Astrophysics Data System (ADS)

Saha, Shilpi; Jeon, Seung-Hwan; Robles, Rosslin John; Kim, Tai-Hoon; Bandyopadhyay, Samir Kumar

The strategic and contemporary importance of e-governance has been recognized across the world. In India too, various ministries of Govt. of India and State Governments have taken e-governance initiatives to provide e-services to citizens and the business they serve. To achieve the mission objectives, and make such e-governance initiatives successful it would be necessary to improve the trust and confidence of the stakeholders. It is assumed that the delivery of government services will share the same public network information that is being used in the community at large. In particular, the Internet will be the principal means by which public access to government and government services will be achieved. To provide the security measures main aim is to identify user's access requirement for the stakeholders and then according to the models of Nath's approach. Based on this analysis, the Govt. can also make standards of security based on the e-governance models. Thus there will be less human errors and bias. This analysis leads to the security architecture of the specific G2C application.

Communication security in open health care networks.

PubMed

Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

1999-01-01

Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

Trusted computing strengthens cloud authentication.

PubMed

Ghazizadeh, Eghbal; Zamani, Mazdak; Ab Manan, Jamalul-lail; Alizadeh, Mojtaba

2014-01-01

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model.

Trusted Computing Strengthens Cloud Authentication

PubMed Central

2014-01-01

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model. PMID:24701149

Study on Cloud Security Based on Trust Spanning Tree Protocol

NASA Astrophysics Data System (ADS)

Lai, Yingxu; Liu, Zenghui; Pan, Qiuyue; Liu, Jing

2015-09-01

Attacks executed on Spanning Tree Protocol (STP) expose the weakness of link layer protocols and put the higher layers in jeopardy. Although the problems have been studied for many years and various solutions have been proposed, many security issues remain. To enhance the security and credibility of layer-2 network, we propose a trust-based spanning tree protocol aiming at achieving a higher credibility of LAN switch with a simple and lightweight authentication mechanism. If correctly implemented in each trusted switch, the authentication of trust-based STP can guarantee the credibility of topology information that is announced to other switch in the LAN. To verify the enforcement of the trusted protocol, we present a new trust evaluation method of the STP using a specification-based state model. We implement a prototype of trust-based STP to investigate its practicality. Experiment shows that the trusted protocol can achieve security goals and effectively avoid STP attacks with a lower computation overhead and good convergence performance.

Diversified models for portfolio selection based on uncertain semivariance

NASA Astrophysics Data System (ADS)

Chen, Lin; Peng, Jin; Zhang, Bo; Rosyida, Isnaini

2017-02-01

Since the financial markets are complex, sometimes the future security returns are represented mainly based on experts' estimations due to lack of historical data. This paper proposes a semivariance method for diversified portfolio selection, in which the security returns are given subjective to experts' estimations and depicted as uncertain variables. In the paper, three properties of the semivariance of uncertain variables are verified. Based on the concept of semivariance of uncertain variables, two types of mean-semivariance diversified models for uncertain portfolio selection are proposed. Since the models are complex, a hybrid intelligent algorithm which is based on 99-method and genetic algorithm is designed to solve the models. In this hybrid intelligent algorithm, 99-method is applied to compute the expected value and semivariance of uncertain variables, and genetic algorithm is employed to seek the best allocation plan for portfolio selection. At last, several numerical examples are presented to illustrate the modelling idea and the effectiveness of the algorithm.

Spatiotemporal access model based on reputation for the sensing layer of the IoT.

PubMed

Guo, Yunchuan; Yin, Lihua; Li, Chao; Qian, Junyan

2014-01-01

Access control is a key technology in providing security in the Internet of Things (IoT). The mainstream security approach proposed for the sensing layer of the IoT concentrates only on authentication while ignoring the more general models. Unreliable communications and resource constraints make the traditional access control techniques barely meet the requirements of the sensing layer of the IoT. In this paper, we propose a model that combines space and time with reputation to control access to the information within the sensing layer of the IoT. This model is called spatiotemporal access control based on reputation (STRAC). STRAC uses a lattice-based approach to decrease the size of policy bases. To solve the problem caused by unreliable communications, we propose both nondeterministic authorizations and stochastic authorizations. To more precisely manage the reputation of nodes, we propose two new mechanisms to update the reputation of nodes. These new approaches are the authority-based update mechanism (AUM) and the election-based update mechanism (EUM). We show how the model checker UPPAAL can be used to analyze the spatiotemporal access control model of an application. Finally, we also implement a prototype system to demonstrate the efficiency of our model.

Applying an MVC Framework for The System Development Life Cycle with Waterfall Model Extended

NASA Astrophysics Data System (ADS)

Hardyanto, W.; Purwinarko, A.; Sujito, F.; Masturi; Alighiri, D.

2017-04-01

This paper describes the extension of the waterfall model using MVC architectural pattern for software development. The waterfall model is the based model of the most widely used in software development, yet there are still many problems in it. The general issue usually happens on data changes that cause the delays on the process itself. On the other hand, the security factor on the software as well as one of the major problems. This study uses PHP programming language for implementation. Although this model can be implemented in several programming languages with the same concept. This study is based on MVC architecture so that it can improve the performance of both software development and maintenance, especially concerning security, validation, database access, and routing.

Improving organisational resilience through enterprise security risk management.

PubMed

Petruzzi, John; Loyear, Rachelle

Enterprise Security Risk Management (ESRM) is a new philosophy and method of managing security programmes through the use of traditional risk principles. As a philosophy and life cycle, ESRM is focused on creating a business partnership between security practitioners and business leaders to more effectively provide protection against security risks in line with acceptable risk tolerances as defined by business asset owners and stakeholders. This paper explores the basics of the ESRM philosophy and life cycle and also shows how embracing the ESRM philosophy and implementing a risk-based security management model in the business organisation can lead to higher levels of organisational resilience as desired by organisation leaders, executives and the board of directors.

Construction of monitoring model and algorithm design on passenger security during shipping based on improved Bayesian network.

PubMed

Wang, Jiali; Zhang, Qingnian; Ji, Wenfeng

2014-01-01

A large number of data is needed by the computation of the objective Bayesian network, but the data is hard to get in actual computation. The calculation method of Bayesian network was improved in this paper, and the fuzzy-precise Bayesian network was obtained. Then, the fuzzy-precise Bayesian network was used to reason Bayesian network model when the data is limited. The security of passengers during shipping is affected by various factors, and it is hard to predict and control. The index system that has the impact on the passenger safety during shipping was established on basis of the multifield coupling theory in this paper. Meanwhile, the fuzzy-precise Bayesian network was applied to monitor the security of passengers in the shipping process. The model was applied to monitor the passenger safety during shipping of a shipping company in Hainan, and the effectiveness of this model was examined. This research work provides guidance for guaranteeing security of passengers during shipping.

Construction of Monitoring Model and Algorithm Design on Passenger Security during Shipping Based on Improved Bayesian Network

PubMed Central

Wang, Jiali; Zhang, Qingnian; Ji, Wenfeng

2014-01-01

A large number of data is needed by the computation of the objective Bayesian network, but the data is hard to get in actual computation. The calculation method of Bayesian network was improved in this paper, and the fuzzy-precise Bayesian network was obtained. Then, the fuzzy-precise Bayesian network was used to reason Bayesian network model when the data is limited. The security of passengers during shipping is affected by various factors, and it is hard to predict and control. The index system that has the impact on the passenger safety during shipping was established on basis of the multifield coupling theory in this paper. Meanwhile, the fuzzy-precise Bayesian network was applied to monitor the security of passengers in the shipping process. The model was applied to monitor the passenger safety during shipping of a shipping company in Hainan, and the effectiveness of this model was examined. This research work provides guidance for guaranteeing security of passengers during shipping. PMID:25254227

Risk assessment for sustainable food security in China according to integrated food security--taking Dongting Lake area for example.

PubMed

Qi, Xiaoxing; Liu, Liming; Liu, Yabin; Yao, Lan

2013-06-01

Integrated food security covers three aspects: food quantity security, food quality security, and sustainable food security. Because sustainable food security requires that food security must be compatible with sustainable development, the risk assessment of sustainable food security is becoming one of the most important issues. This paper mainly focuses on the characteristics of sustainable food security problems in the major grain-producing areas in China. We establish an index system based on land resources and eco-environmental conditions and apply a dynamic assessment method based on status assessments and trend analysis models to overcome the shortcomings of the static evaluation method. Using fuzzy mathematics, the risks are categorized into four grades: negligible risk, low risk, medium risk, and high risk. A case study was conducted in one of China's major grain-producing areas: Dongting Lake area. The results predict that the status of the sustainable food security in the Dongting Lake area is unsatisfactory for the foreseeable future. The number of districts at the medium-risk range will increase from six to ten by 2015 due to increasing population pressure, a decrease in the cultivated area, and a decrease in the effective irrigation area. Therefore, appropriate policies and measures should be put forward to improve it. The results could also provide direct support for an early warning system-which could be used to monitor food security trends or nutritional status so to inform policy makers of impending food shortages-to prevent sustainable food security risk based on some classical systematic methods. This is the first research of sustainable food security in terms of risk assessment, from the perspective of resources and the environment, at the regional scale.

Server-Controlled Identity-Based Authenticated Key Exchange

NASA Astrophysics Data System (ADS)

Guo, Hua; Mu, Yi; Zhang, Xiyong; Li, Zhoujun

We present a threshold identity-based authenticated key exchange protocol that can be applied to an authenticated server-controlled gateway-user key exchange. The objective is to allow a user and a gateway to establish a shared session key with the permission of the back-end servers, while the back-end servers cannot obtain any information about the established session key. Our protocol has potential applications in strong access control of confidential resources. In particular, our protocol possesses the semantic security and demonstrates several highly-desirable security properties such as key privacy and transparency. We prove the security of the protocol based on the Bilinear Diffie-Hellman assumption in the random oracle model.

Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ondrej Linda; Todd Vollmer; Jim Alves-Foss

2011-08-01

Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL providesmore » a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.« less

A security and privacy preserving e-prescription system based on smart cards.

PubMed

Hsu, Chien-Lung; Lu, Chung-Fu

2012-12-01

In 2002, Ateniese and Medeiros proposed an e-prescription system, in which the patient can store e-prescription and related information using smart card. Latter, Yang et al. proposed a novel smart-card based e-prescription system based on Ateniese and Medeiros's system in 2004. Yang et al. considered the privacy issues of prescription data and adopted the concept of a group signature to provide patient's privacy protection. To make the e-prescription system more realistic, they further applied a proxy signature to allow a patient to delegate his signing capability to other people. This paper proposed a novel security and privacy preserving e-prescription system model based on smart cards. A new role, chemist, is included in the system model for settling the medicine dispute. We further presented a concrete identity-based (ID-based) group signature scheme and an ID-based proxy signature scheme to realize the proposed model. Main property of an ID-based system is that public key is simple user's identity and can be verified without extra public key certificates. Our ID-based group signature scheme can allow doctors to sign e-prescription anonymously. In a case of a medical dispute, identities of the doctors can be identified. The proposed ID-based proxy signature scheme can improve signing delegation and allows a delegation chain. The proposed e-prescription system based on our proposed two cryptographic schemes is more practical and efficient than Yang et al.'s system in terms of security, communication overheads, computational costs, practical considerations.

OpenID connect as a security service in Cloud-based diagnostic imaging systems

NASA Astrophysics Data System (ADS)

Ma, Weina; Sartipi, Kamran; Sharghi, Hassan; Koff, David; Bak, Peter

2015-03-01

The evolution of cloud computing is driving the next generation of diagnostic imaging (DI) systems. Cloud-based DI systems are able to deliver better services to patients without constraining to their own physical facilities. However, privacy and security concerns have been consistently regarded as the major obstacle for adoption of cloud computing by healthcare domains. Furthermore, traditional computing models and interfaces employed by DI systems are not ready for accessing diagnostic images through mobile devices. RESTful is an ideal technology for provisioning both mobile services and cloud computing. OpenID Connect, combining OpenID and OAuth together, is an emerging REST-based federated identity solution. It is one of the most perspective open standards to potentially become the de-facto standard for securing cloud computing and mobile applications, which has ever been regarded as "Kerberos of Cloud". We introduce OpenID Connect as an identity and authentication service in cloud-based DI systems and propose enhancements that allow for incorporating this technology within distributed enterprise environment. The objective of this study is to offer solutions for secure radiology image sharing among DI-r (Diagnostic Imaging Repository) and heterogeneous PACS (Picture Archiving and Communication Systems) as well as mobile clients in the cloud ecosystem. Through using OpenID Connect as an open-source identity and authentication service, deploying DI-r and PACS to private or community clouds should obtain equivalent security level to traditional computing model.

Designing and Operating Through Compromise: Architectural Analysis of CKMS for the Advanced Metering Infrastructure

DOE Office of Scientific and Technical Information (OSTI.GOV)

Duren, Mike; Aldridge, Hal; Abercrombie, Robert K

2013-01-01

Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics based cyber security) and quantitative risk assessments. We consider design principals and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution andmore » management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack. We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.« less

The impact of the 2008 financial crisis on food security and food expenditures in Mexico: a disproportionate effect on the vulnerable.

PubMed

Vilar-Compte, Mireya; Sandoval-Olascoaga, Sebastian; Bernal-Stuart, Ana; Shimoga, Sandhya; Vargas-Bustamante, Arturo

2015-11-01

The present paper investigated the impact of the 2008 financial crisis on food security in Mexico and how it disproportionally affected vulnerable households. A generalized ordered logistic regression was estimated to assess the impact of the crisis on households' food security status. An ordinary least squares and a quantile regression were estimated to evaluate the effect of the financial crisis on a continuous proxy measure of food security defined as the share of a household's current income devoted to food expenditures. Setting Both analyses were performed using pooled cross-sectional data from the Mexican National Household Income and Expenditure Survey 2008 and 2010. The analytical sample included 29,468 households in 2008 and 27,654 in 2010. The generalized ordered logistic model showed that the financial crisis significantly (P<0·05) decreased the probability of being food secure, mildly or moderately food insecure, compared with being severely food insecure (OR=0·74). A similar but smaller effect was found when comparing severely and moderately food-insecure households with mildly food-insecure and food-secure households (OR=0·81). The ordinary least squares model showed that the crisis significantly (P<0·05) increased the share of total income spent on food (β coefficient of 0·02). The quantile regression confirmed the findings suggested by the generalized ordered logistic model, showing that the effects of the crisis were more profound among poorer households. The results suggest that households that were more vulnerable before the financial crisis saw a worsened effect in terms of food insecurity with the crisis. Findings were consistent with both measures of food security--one based on self-reported experience and the other based on food spending.

Modelling the fear of crime

PubMed Central

Bishop, Steven

2017-01-01

How secure people feel in a particular region is obviously linked to the actual crime suffered in that region but the exact relationship between crime and its fear is quite subtle. Two regions may have the same crime rate but their local perception of security may differ. Equally, two places may have the same perception of security even though one may have a significantly lower crime rate. Furthermore, a negative perception might persist for many years, even when crime rates drop. Here, we develop a model for the dynamics of the perception of security of a region based on the distribution of crime suffered by the population using concepts similar to those used for opinion dynamics. Simulations under a variety of conditions illustrate different scenarios and help us determine the impact of suffering more, or less, crime. The inhomogeneous concentration of crime together with a memory loss process is incorporated into the model for the perception of security, and results explain why people are often more fearful than actually victimized; why a region is perceived as being insecure despite a low crime rate; and why a decrease in the crime rate might not significantly improve the perception of security. PMID:28804260

A GIS-based decision support system for regional eco-security assessment and its application on the Tibetan Plateau.

PubMed

Xiaodan, Wang; Xianghao, Zhong; Pan, Gao

2010-10-01

Regional eco-security assessment is an intricate, challenging task. In previous studies, the integration of eco-environmental models and geographical information systems (GIS) usually takes two approaches: loose coupling and tight coupling. However, the present study used a full coupling approach to develop a GIS-based regional eco-security assessment decision support system (ESDSS). This was achieved by merging the pressure-state-response (PSR) model and the analytic hierarchy process (AHP) into ArcGIS 9 as a dynamic link library (DLL) using ArcObjects in ArcGIS and Visual Basic for Applications. Such an approach makes it easy to capitalize on the GIS visualization and spatial analysis functions, thereby significantly supporting the dynamic estimation of regional eco-security. A case study is presented for the Tibetan Plateau, known as the world's "third pole" after the Arctic and Antarctic. Results verified the usefulness and feasibility of the developed method. As a useful tool, the ESDSS can also help local managers to make scientifically-based and effective decisions about Tibetan eco-environmental protection and land use. Copyright (c) 2010 Elsevier Ltd. All rights reserved.

Ensuring the Reliable Operation of the Power Grid: State-Based and Distributed Approaches to Scheduling Energy and Contingency Reserves

NASA Astrophysics Data System (ADS)

Prada, Jose Fernando

Keeping a contingency reserve in power systems is necessary to preserve the security of real-time operations. This work studies two different approaches to the optimal allocation of energy and reserves in the day-ahead generation scheduling process. Part I presents a stochastic security-constrained unit commitment model to co-optimize energy and the locational reserves required to respond to a set of uncertain generation contingencies, using a novel state-based formulation. The model is applied in an offer-based electricity market to allocate contingency reserves throughout the power grid, in order to comply with the N-1 security criterion under transmission congestion. The objective is to minimize expected dispatch and reserve costs, together with post contingency corrective redispatch costs, modeling the probability of generation failure and associated post contingency states. The characteristics of the scheduling problem are exploited to formulate a computationally efficient method, consistent with established operational practices. We simulated the distribution of locational contingency reserves on the IEEE RTS96 system and compared the results with the conventional deterministic method. We found that assigning locational spinning reserves can guarantee an N-1 secure dispatch accounting for transmission congestion at a reasonable extra cost. The simulations also showed little value of allocating downward reserves but sizable operating savings from co-optimizing locational nonspinning reserves. Overall, the results indicate the computational tractability of the proposed method. Part II presents a distributed generation scheduling model to optimally allocate energy and spinning reserves among competing generators in a day-ahead market. The model is based on the coordination between individual generators and a market entity. The proposed method uses forecasting, augmented pricing and locational signals to induce efficient commitment of generators based on firm posted prices. It is price-based but does not rely on multiple iterations, minimizes information exchange and simplifies the market clearing process. Simulations of the distributed method performed on a six-bus test system showed that, using an appropriate set of prices, it is possible to emulate the results of a conventional centralized solution, without need of providing make-whole payments to generators. Likewise, they showed that the distributed method can accommodate transactions with different products and complex security constraints.

A protect solution for data security in mobile cloud storage

NASA Astrophysics Data System (ADS)

Yu, Xiaojun; Wen, Qiaoyan

2013-03-01

It is popular to access the cloud storage by mobile devices. However, this application suffer data security risk, especial the data leakage and privacy violate problem. This risk exists not only in cloud storage system, but also in mobile client platform. To reduce the security risk, this paper proposed a new security solution. It makes full use of the searchable encryption and trusted computing technology. Given the performance limit of the mobile devices, it proposes the trusted proxy based protection architecture. The design basic idea, deploy model and key flows are detailed. The analysis from the security and performance shows the advantage.

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

PubMed Central

Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

2017-01-01

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

Cyber threat model for tactical radio networks

NASA Astrophysics Data System (ADS)

Kurdziel, Michael T.

2014-05-01

The shift to a full information-centric paradigm in the battlefield has allowed ConOps to be developed that are only possible using modern network communications systems. Securing these Tactical Networks without impacting their capabilities has been a challenge. Tactical networks with fixed infrastructure have similar vulnerabilities to their commercial counterparts (although they need to be secure against adversaries with greater capabilities, resources and motivation). However, networks with mobile infrastructure components and Mobile Ad hoc Networks (MANets) have additional unique vulnerabilities that must be considered. It is useful to examine Tactical Network based ConOps and use them to construct a threat model and baseline cyber security requirements for Tactical Networks with fixed infrastructure, mobile infrastructure and/or ad hoc modes of operation. This paper will present an introduction to threat model assessment. A definition and detailed discussion of a Tactical Network threat model is also presented. Finally, the model is used to derive baseline requirements that can be used to design or evaluate a cyber security solution that can be scaled and adapted to the needs of specific deployments.

Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes

PubMed Central

2018-01-01

The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or “things” to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes. PMID:29518023

Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes.

PubMed

Ali, Bako; Awad, Ali Ismail

2018-03-08

The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or "things" to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes.

Modelling Public Security Operations: Evaluation of the Holistic Security Ecosystem (HSE) Proof-of-Concept

DTIC Science & Technology

2012-12-01

base pour construire de telles simulations et pourrait être adaptée à d’autres expériences à un coût relativement bas. Perspectives : Les leçons...systems (such as culture , [ Culture ]). This seven-dimensional framework advocates that systems be viewed from the physical, individual, functional...structural, normative, social, and informational dimensions. The human factors include modelling stress, trust, risk factors, and cultural factors

A security framework for nationwide health information exchange based on telehealth strategy.

PubMed

Zaidan, B B; Haiqi, Ahmed; Zaidan, A A; Abdulnabi, Mohamed; Kiah, M L Mat; Muzamel, Hussaen

2015-05-01

This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.

Prototype of smart office system using based security system

NASA Astrophysics Data System (ADS)

Prasetyo, T. F.; Zaliluddin, D.; Iqbal, M.

2018-05-01

Creating a new technology in the modern era gives a positive impact on business and industry. Internet of Things (IoT) as a new communication technology is very useful in realizing smart systems such as: smart home, smart office, smart parking and smart city. This study presents a prototype of the smart office system which was designed as a security system based on IoT. Smart office system development method used waterfall model. IoT-based smart office system used platform (project builder) cayenne so that. The data can be accessed and controlled through internet network from long distance. Smart office system used arduino mega 2560 microcontroller as a controller component. In this study, Smart office system is able to detect threats of dangerous objects made from metals, earthquakes, fires, intruders or theft and perform security monitoring outside the building by using raspberry pi cameras on autonomous robots in real time to the security guard.

Information security of power enterprises of North-Arctic region

NASA Astrophysics Data System (ADS)

Sushko, O. P.

2018-05-01

The role of information technologies in providing technological security for energy enterprises is a component of the economic security for the northern Arctic region in general. Applying instruments and methods of information protection modelling of the energy enterprises' business process in the northern Arctic region (such as Arkhenergo and Komienergo), the authors analysed and identified most frequent risks of information security. With the analytic hierarchy process based on weighting factor estimations, information risks of energy enterprises' technological processes were ranked. The economic estimation of the information security within an energy enterprise considers weighting factor-adjusted variables (risks). Investments in information security systems of energy enterprises in the northern Arctic region are related to necessary security elements installation; current operating expenses on business process protection systems become materialized economic damage.

Proactive Security Testing and Fuzzing

NASA Astrophysics Data System (ADS)

Takanen, Ari

Software is bound to have security critical flaws, and no testing or code auditing can ensure that software is flaw-less. But software security testing requirements have improved radically during the past years, largely due to criticism from security conscious consumers and Enterprise customers. Whereas in the past, security flaws were taken for granted (and patches were quietly and humbly installed), they now are probably one of the most common reasons why people switch vendors or software providers. The maintenance costs from security updates often add to become one of the biggest cost items to large Enterprise users. Fortunately test automation techniques have also improved. Techniques like model-based testing (MBT) enable efficient generation of security tests that reach good confidence levels in discovering zero-day mistakes in software. This technique is called fuzzing.

Secure and Efficient Regression Analysis Using a Hybrid Cryptographic Framework: Development and Evaluation

PubMed Central

Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman

2018-01-01

Background Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Objective Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Methods Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Results Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. Conclusions To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. PMID:29506966

An Integrative Behavioral Model of Information Security Policy Compliance

PubMed Central

Kim, Sang Hoon; Yang, Kyung Hoon; Park, Sunyoung

2014-01-01

The authors found the behavioral factors that influence the organization members' compliance with the information security policy in organizations on the basis of neutralization theory, Theory of planned behavior, and protection motivation theory. Depending on the theory of planned behavior, members' attitudes towards compliance, as well as normative belief and self-efficacy, were believed to determine the intention to comply with the information security policy. Neutralization theory, a prominent theory in criminology, could be expected to provide the explanation for information system security policy violations. Based on the protection motivation theory, it was inferred that the expected efficacy could have an impact on intentions of compliance. By the above logical reasoning, the integrative behavioral model and eight hypotheses could be derived. Data were collected by conducting a survey; 194 out of 207 questionnaires were available. The test of the causal model was conducted by PLS. The reliability, validity, and model fit were found to be statistically significant. The results of the hypotheses tests showed that seven of the eight hypotheses were acceptable. The theoretical implications of this study are as follows: (1) the study is expected to play a role of the baseline for future research about organization members' compliance with the information security policy, (2) the study attempted an interdisciplinary approach by combining psychology and information system security research, and (3) the study suggested concrete operational definitions of influencing factors for information security policy compliance through a comprehensive theoretical review. Also, the study has some practical implications. First, it can provide the guideline to support the successful execution of the strategic establishment for the implement of information system security policies in organizations. Second, it proves that the need of education and training programs suppressing members' neutralization intention to violate information security policy should be emphasized. PMID:24971373

An integrative behavioral model of information security policy compliance.

PubMed

Kim, Sang Hoon; Yang, Kyung Hoon; Park, Sunyoung

2014-01-01

The authors found the behavioral factors that influence the organization members' compliance with the information security policy in organizations on the basis of neutralization theory, Theory of planned behavior, and protection motivation theory. Depending on the theory of planned behavior, members' attitudes towards compliance, as well as normative belief and self-efficacy, were believed to determine the intention to comply with the information security policy. Neutralization theory, a prominent theory in criminology, could be expected to provide the explanation for information system security policy violations. Based on the protection motivation theory, it was inferred that the expected efficacy could have an impact on intentions of compliance. By the above logical reasoning, the integrative behavioral model and eight hypotheses could be derived. Data were collected by conducting a survey; 194 out of 207 questionnaires were available. The test of the causal model was conducted by PLS. The reliability, validity, and model fit were found to be statistically significant. The results of the hypotheses tests showed that seven of the eight hypotheses were acceptable. The theoretical implications of this study are as follows: (1) the study is expected to play a role of the baseline for future research about organization members' compliance with the information security policy, (2) the study attempted an interdisciplinary approach by combining psychology and information system security research, and (3) the study suggested concrete operational definitions of influencing factors for information security policy compliance through a comprehensive theoretical review. Also, the study has some practical implications. First, it can provide the guideline to support the successful execution of the strategic establishment for the implement of information system security policies in organizations. Second, it proves that the need of education and training programs suppressing members' neutralization intention to violate information security policy should be emphasized.

Secure and Efficient Regression Analysis Using a Hybrid Cryptographic Framework: Development and Evaluation.

PubMed

Sadat, Md Nazmus; Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman

2018-03-05

Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. ©Md Nazmus Sadat, Xiaoqian Jiang, Md Momin Al Aziz, Shuang Wang, Noman Mohammed. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 05.03.2018.

Impacts of Base-Case and Post-Contingency Constraint Relaxations on Static and Dynamic Operational Security

NASA Astrophysics Data System (ADS)

Salloum, Ahmed

Constraint relaxation by definition means that certain security, operational, or financial constraints are allowed to be violated in the energy market model for a predetermined penalty price. System operators utilize this mechanism in an effort to impose a price-cap on shadow prices throughout the market. In addition, constraint relaxations can serve as corrective approximations that help in reducing the occurrence of infeasible or extreme solutions in the day-ahead markets. This work aims to capture the impact constraint relaxations have on system operational security. Moreover, this analysis also provides a better understanding of the correlation between DC market models and AC real-time systems and analyzes how relaxations in market models propagate to real-time systems. This information can be used not only to assess the criticality of constraint relaxations, but also as a basis for determining penalty prices more accurately. Constraint relaxations practice was replicated in this work using a test case and a real-life large-scale system, while capturing both energy market aspects and AC real-time system performance. System performance investigation included static and dynamic security analysis for base-case and post-contingency operating conditions. PJM peak hour loads were dynamically modeled in order to capture delayed voltage recovery and sustained depressed voltage profiles as a result of reactive power deficiency caused by constraint relaxations. Moreover, impacts of constraint relaxations on operational system security were investigated when risk based penalty prices are used. Transmission lines in the PJM system were categorized according to their risk index and each category was as-signed a different penalty price accordingly in order to avoid real-time overloads on high risk lines. This work also extends the investigation of constraint relaxations to post-contingency relaxations, where emergency limits are allowed to be relaxed in energy market models. Various scenarios were investigated to capture and compare between the impacts of base-case and post-contingency relaxations on real-time system performance, including the presence of both relaxations simultaneously. The effect of penalty prices on the number and magnitude of relaxations was investigated as well.

Neural evidence for a multifaceted model of attachment security.

PubMed

Canterberry, Melanie; Gillath, Omri

2013-06-01

The sense of attachment security has been linked with a host of beneficial outcomes related to personal and relational well-being. Moreover, research has demonstrated that the sense of attachment security can be enhanced via cognitive priming techniques. Studies using such techniques have shown that security priming results with similar outcomes as dispositional attachment security. The way security priming leads to these effects, however, is yet to be unveiled. Using fMRI we took one step in that direction and examined the neural mechanisms underlying enhanced attachment security. Participants were exposed to explicit and implicit security- and insecurity-related words. Security priming led to co-occurring activation in brain areas reflective of cognitive, affective, and behavioral processes (e.g., medial frontal cortex, parahippocampus, BA 6). There were activation differences based on attachment style. This research serves as an important step in mapping out the security process and supports a conceptualization of security as part of a behavioral system with multiple components. Copyright © 2012 Elsevier B.V. All rights reserved.

Children's Representations of Attachment and Positive Teacher-Child Relationships.

PubMed

Veríssimo, Manuela; Torres, Nuno; Silva, Filipa; Fernandes, Carla; Vaughn, Brian E; Santos, António J

2017-01-01

This study was designed to explore whether children's representations of attachment contribute to the co-construction of positive teacher-child relationships. An assessment of verbal intelligence was included as a predictor on the assumption that teachers might perceive themselves as having better relationships with more verbally competent children. Participants were 52 children from two pre-schools, in the district of Lisbon. The Attachment Story Completion Task (ASCT) was used to assess children's attachment security. The PCV-P (a scale developed in portuguese language) was used to describe teacher-child relationships through teachers' ratings of child secure base behavior and emotion regulation and the Wechsler Preschool and Primary Scale of Intelligence (WPPSI-R) was used to access verbal skills. Bivariate correlations showed that the teachers' rating of child secure base behavior was significantly associated with both child attachment security and verbal IQ. In a multiple regression analysis, the overall model R 2 was significant, as was the interaction term showing a moderating effect of attachment security on the relation between verbal IQ and teachers' ratings of secure base. The results suggest that co-construction of a close attachment-relevant relationship with teachers in early childhood is, in part, a function of the security in the context of parent-child attachment, but also of child verbal development.

Children's Representations of Attachment and Positive Teacher–Child Relationships

PubMed Central

Veríssimo, Manuela; Torres, Nuno; Silva, Filipa; Fernandes, Carla; Vaughn, Brian E.; Santos, António J.

2017-01-01

This study was designed to explore whether children's representations of attachment contribute to the co-construction of positive teacher–child relationships. An assessment of verbal intelligence was included as a predictor on the assumption that teachers might perceive themselves as having better relationships with more verbally competent children. Participants were 52 children from two pre-schools, in the district of Lisbon. The Attachment Story Completion Task (ASCT) was used to assess children's attachment security. The PCV-P (a scale developed in portuguese language) was used to describe teacher–child relationships through teachers' ratings of child secure base behavior and emotion regulation and the Wechsler Preschool and Primary Scale of Intelligence (WPPSI-R) was used to access verbal skills. Bivariate correlations showed that the teachers' rating of child secure base behavior was significantly associated with both child attachment security and verbal IQ. In a multiple regression analysis, the overall model R2 was significant, as was the interaction term showing a moderating effect of attachment security on the relation between verbal IQ and teachers' ratings of secure base. The results suggest that co-construction of a close attachment-relevant relationship with teachers in early childhood is, in part, a function of the security in the context of parent-child attachment, but also of child verbal development. PMID:29312099

Secure free-space optical communication system based on data fragmentation multipath transmission technology.

PubMed

Huang, Qingchao; Liu, Dachang; Chen, Yinfang; Wang, Yuehui; Tan, Jun; Chen, Wei; Liu, Jianguo; Zhu, Ninghua

2018-05-14

A secure free-space optical (S-FSO) communication system based on data fragmentation multipath transmission (DFMT) scheme is proposed and demonstrated for enhancing the security of FSO communications. By fragmenting the transmitted data and simultaneously distributing data fragments into different atmospheric channels, the S-FSO communication system can protect confidential messages from being eavesdropped effectively. A field experiment of S-FSO communication between two buildings has been successfully undertaken, and the experiment results demonstrate the feasibility of the scheme. The transmission distance is 50m and the maximum throughput is 1 Gb/s. We also established a theoretical model to analysis the security performance of the S-FSO communication system. To the best of our knowledge, this is the first application of DFMT scheme in FSO communication system.

Provably Secure Password-based Authentication in TLS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier

2005-12-20

In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised tomore » the power of (a hash of) the password.The SOKE ciphersuites, in advantage over previous pass-word-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.« less

The AgMIP Coordinated Global and Regional Assessments (CGRA) of Climate Change Impacts on Agriculture and Food Security

NASA Technical Reports Server (NTRS)

Ruane, Alex; Rosenzweig, Cynthia; Elliott, Joshua; Antle, John

2015-01-01

The Agricultural Model Intercomparison and Improvement Project (AgMIP) has been working since 2010 to construct a protocol-based framework enabling regional assessments (led by regional experts and modelers) that can provide consistent inputs to global economic and integrated assessment models. These global models can then relay important global-level information that drive regional decision-making and outcomes throughout an interconnected agricultural system. AgMIPs community of nearly 800 climate, crop, livestock, economics, and IT experts has improved the state-of-the-art through model intercomparisons, validation exercises, regional integrated assessments, and the launch of AgMIP programs on all six arable continents. AgMIP is now launching Coordinated Global and Regional Assessments (CGRA) of climate change impacts on agriculture and food security to link global and regional crop and economic models using a protocol-based framework. The CGRA protocols are being developed to utilize historical observations, climate projections, and RCPsSSPs from CMIP5 (and potentially CMIP6), and will examine stakeholder-driven agricultural development and adaptation scenarios to provide cutting-edge assessments of climate changes impact on agriculture and food security. These protocols will build on the foundation of established protocols from AgMIPs 30+ activities, and will emphasize the use of multiple models, scenarios, and scales to enable an accurate assessment of related uncertainties. The CGRA is also designed to provide the outputs necessary to feed into integrated assessment models (IAMs), nutrition and food security assessments, nitrogen and carbon cycle models, and additional impact-sector assessments (e.g., water resources, land-use, biomes, urban areas). This presentation will describe the current status of CGRA planning and initial prototype experiments to demonstrate key aspects of the protocols before wider implementation ahead of the IPCC Sixth Assessment Report.

The AgMIP Coordinated Global and Regional Assessments (CGRA) of Climate Change Impacts on Agriculture and Food Security

NASA Astrophysics Data System (ADS)

Ruane, A. C.; Rosenzweig, C.; Antle, J. M.; Elliott, J. W.

2015-12-01

The Agricultural Model Intercomparison and Improvement Project (AgMIP) has been working since 2010 to construct a protocol-based framework enabling regional assessments (led by regional experts and modelers) that can provide consistent inputs to global economic and integrated assessment models. These global models can then relay important global-level information that drive regional decision-making and outcomes throughout an interconnected agricultural system. AgMIP's community of nearly 800 climate, crop, livestock, economics, and IT experts has improved the state-of-the-art through model intercomparisons, validation exercises, regional integrated assessments, and the launch of AgMIP programs on all six arable continents. AgMIP is now launching Coordinated Global and Regional Assessments (CGRA) of climate change impacts on agriculture and food security to link global and regional crop and economic models using a protocol-based framework. The CGRA protocols are being developed to utilize historical observations, climate projections, and RCPs/SSPs from CMIP5 (and potentially CMIP6), and will examine stakeholder-driven agricultural development and adaptation scenarios to provide cutting-edge assessments of climate change's impact on agriculture and food security. These protocols will build on the foundation of established protocols from AgMIP's 30+ activities, and will emphasize the use of multiple models, scenarios, and scales to enable an accurate assessment of related uncertainties. The CGRA is also designed to provide the outputs necessary to feed into integrated assessment models (IAMs), nutrition and food security assessments, nitrogen and carbon cycle models, and additional impact-sector assessments (e.g., water resources, land-use, biomes, urban areas). This presentation will describe the current status of CGRA planning and initial prototype experiments to demonstrate key aspects of the protocols before wider implementation ahead of the IPCC Sixth Assessment Report.

Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks.

PubMed

Moon, Jongho; Lee, Donghoon; Lee, Youngsook; Won, Dongho

2017-04-25

User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.'s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme.

Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks

PubMed Central

Moon, Jongho; Lee, Donghoon; Lee, Youngsook; Won, Dongho

2017-01-01

User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.’s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme. PMID:28441331

Maternal secure-base scripts and children's attachment security in an adopted sample.

PubMed

Veríssimo, Manuela; Salvaterra, Fernanda

2006-09-01

Studies of families with adopted children are of special interest to attachment theorists because they afford opportunities to probe assumptions of attachment theory with regard to the developmental timing of interactions necessary to form primary attachments and also with regard to effects of shared genes on child attachment quality. In Bowlby's model, attachment-relevant behaviors and interactions are observable from the moment of birth, but for adoptive families, these interactions cannot begin until the child enters the family, sometimes several months or even years post-partum. Furthermore, because adoptive parents and adopted children do not usually share genes by common descent, any correspondence between attachment representations of the parent and secure base behavior of the child must arise as a consequence of dyadic interaction histories. The objectives of this study were to evaluate whether the child's age at the time of adoption or at the time of attachment assessment predicted child attachment security in adoptive families and also whether the adoptive mother's internal attachment representation predicted the child's attachment security. The participants were 106 mother - child dyads selected from the 406 adoptions carried out through the Lisbon Department of Adoption Services over a period of 3 years. The Attachment Behavior Q-Set (AQS; Waters, 1995) was used to assess secure base behavior and an attachment script representation task was used to assess the maternal attachment representations. Neither child's age at the time of adoption, nor age of the child at assessment significantly predicted the AQS security score; however, scores reflecting the presence and quality of maternal secure base scripts did predict AQS security. These findings support the notion that the transmission of attachment security across generations involves mutual exchanges and learning by the child and that the exchanges leading to secure attachment need not begin at birth. These results complement the findings and conceptual arguments offered by Bowlby and Ainsworth concerning the critical influence of maternal representations of attachment to the quality of attachment security in children.

Long-term energy security in a national scale using LEAP. Application to de-carbonization scenarios in Andorra

NASA Astrophysics Data System (ADS)

Travesset-Baro, Oriol; Jover, Eric; Rosas-Casals, Marti

2016-04-01

This paper analyses the long-term energy security in a national scale using Long-range Energy Alternatives Planning System (LEAP) modelling tool. It builds the LEAP Andorra model, which forecasts energy demand and supply for the Principality of Andorra by 2050. It has a general bottom-up structure, where energy demand is driven by the technological composition of the sectors of the economy. The technological model is combined with a top-down econometric model to take into account macroeconomic trends. The model presented in this paper provides an initial estimate of energy demand in Andorra segregated into all sectors (residential, transport, secondary, tertiary and public administration) and charts a baseline scenario based on historical trends. Additional scenarios representing different policy strategies are built to explore the country's potential energy savings and the feasibility to achieve the Intended Nationally Determined Contribution (INDC) submitted in April 2015 to UN. In this climatic agreement Andorra intends to reduce net greenhouse gas emissions (GHG) by 37% as compared to a business-as-usual scenario by 2030. In addition, current and future energy security is analysed in this paper under baseline and de-carbonization scenarios. Energy security issues are assessed in LEAP with an integrated vision, going beyond the classic perspective of security of supply, and being closer to the sustainability's integrative vision. Results of scenarios show the benefits of climate policies in terms of national energy security and the difficulties for Andorra to achieving the de-carbonization target by 2030.

[Spatial-temporal pattern and obstacle factors of cultivated land ecological security in major grain producing areas of northeast China: a case study in Jilin Province].

PubMed

Zhao, Hong-Bo; Ma, Yan-Ji

2014-02-01

According to the cultivated land ecological security in major grain production areas of Northeast China, this paper selected 48 counties of Jilin Province as the research object. Based on the PSR-EES conceptual framework model, an evaluation index system of cultivated land ecological security was built. By using the improved TOPSIS, Markov chains, GIS spatial analysis and obstacle degree models, the spatial-temporal pattern of cultivated land ecological security and the obstacle factors were analyzed from 1995 to 2011 in Jilin Province. The results indicated that, the composite index of cultivated land ecological security appeared in a rising trend in Jilin Province from 1995 to 2011, and the cultivated land ecological security level changed from being sensitive to being general. There was a pattern of 'Club Convergence' in cultivated land ecological security level in each county and the spatial discrepancy tended to become larger. The 'Polarization' trend of cultivated land ecological security level was obvious. The distributions of sensitive level and critical security level with ribbon patterns tended to be dispersed, the general security level and relative security levels concentrated, and the distributions of security level scattered. The unstable trend of cultivated land ecological security level was more and more obvious. The main obstacle factors that affected the cultivated land ecological security level in Jilin Province were rural net income per capita, economic density, the proportion of environmental protection investment in GDP, degree of machinery cultivation and the comprehensive utilization rate of industrial solid wastes.

Securing the Next Ripple in Information Security: The Defense Industrial Base (DIB)

DTIC Science & Technology

2012-06-14

Cybersecurity model for the DIB needs to be more preventative rather than responsive and a model should stress continuous improvement. In a 2012 data breach investigation...of what they do, but most become a target because of what they do (or don’t do)”, in the 2011 Data Breach Investigations Report. Therefore the...txt Verizon Risk Team (2012). Data Breach Investigations Report. Verizon Business, March 2012. http://www.verizonbusiness.com/resources

Workshop on Current Issues in Predictive Approaches to Intelligence and Security Analytics: Fostering the Creation of Decision Advantage through Model Integration and Evaluation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sanfilippo, Antonio P.

2010-05-23

The increasing asymmetric nature of threats to the security, health and sustainable growth of our society requires that anticipatory reasoning become an everyday activity. Currently, the use of anticipatory reasoning is hindered by the lack of systematic methods for combining knowledge- and evidence-based models, integrating modeling algorithms, and assessing model validity, accuracy and utility. The workshop addresses these gaps with the intent of fostering the creation of a community of interest on model integration and evaluation that may serve as an aggregation point for existing efforts and a launch pad for new approaches.

Risk Assessment Methodology Based on the NISTIR 7628 Guidelines

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Hauser, Katie R

2013-01-01

Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards and defined failure scenarios. We utilize the National Institute of Standards and Technology (NIST) Interagency or Internal Reports (NISTIR) 7628 as a basis to apply Cyberspace Security Econometrics system (CSES) for comparing design principles and courses of action in making security-related decisions.

Spatiotemporal Access Model Based on Reputation for the Sensing Layer of the IoT

PubMed Central

Guo, Yunchuan; Yin, Lihua; Li, Chao

2014-01-01

Access control is a key technology in providing security in the Internet of Things (IoT). The mainstream security approach proposed for the sensing layer of the IoT concentrates only on authentication while ignoring the more general models. Unreliable communications and resource constraints make the traditional access control techniques barely meet the requirements of the sensing layer of the IoT. In this paper, we propose a model that combines space and time with reputation to control access to the information within the sensing layer of the IoT. This model is called spatiotemporal access control based on reputation (STRAC). STRAC uses a lattice-based approach to decrease the size of policy bases. To solve the problem caused by unreliable communications, we propose both nondeterministic authorizations and stochastic authorizations. To more precisely manage the reputation of nodes, we propose two new mechanisms to update the reputation of nodes. These new approaches are the authority-based update mechanism (AUM) and the election-based update mechanism (EUM). We show how the model checker UPPAAL can be used to analyze the spatiotemporal access control model of an application. Finally, we also implement a prototype system to demonstrate the efficiency of our model. PMID:25177731

OpenID Connect as a security service in cloud-based medical imaging systems.

PubMed

Ma, Weina; Sartipi, Kamran; Sharghigoorabi, Hassan; Koff, David; Bak, Peter

2016-04-01

The evolution of cloud computing is driving the next generation of medical imaging systems. However, privacy and security concerns have been consistently regarded as the major obstacles for adoption of cloud computing by healthcare domains. OpenID Connect, combining OpenID and OAuth together, is an emerging representational state transfer-based federated identity solution. It is one of the most adopted open standards to potentially become the de facto standard for securing cloud computing and mobile applications, which is also regarded as "Kerberos of cloud." We introduce OpenID Connect as an authentication and authorization service in cloud-based diagnostic imaging (DI) systems, and propose enhancements that allow for incorporating this technology within distributed enterprise environments. The objective of this study is to offer solutions for secure sharing of medical images among diagnostic imaging repository (DI-r) and heterogeneous picture archiving and communication systems (PACS) as well as Web-based and mobile clients in the cloud ecosystem. The main objective is to use OpenID Connect open-source single sign-on and authorization service and in a user-centric manner, while deploying DI-r and PACS to private or community clouds should provide equivalent security levels to traditional computing model.

Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems.

PubMed

Lee, Tian-Fu

2014-12-01

Telecare medicine information systems provide a communicating platform for accessing remote medical resources through public networks, and help health care workers and medical personnel to rapidly making correct clinical decisions and treatments. An authentication scheme for data exchange in telecare medicine information systems enables legal users in hospitals and medical institutes to establish a secure channel and exchange electronic medical records or electronic health records securely and efficiently. This investigation develops an efficient and secure verified-based three-party authentication scheme by using extended chaotic maps for data exchange in telecare medicine information systems. The proposed scheme does not require server's public keys and avoids time-consuming modular exponential computations and scalar multiplications on elliptic curve used in previous related approaches. Additionally, the proposed scheme is proven secure in the random oracle model, and realizes the lower bounds of messages and rounds in communications. Compared to related verified-based approaches, the proposed scheme not only possesses higher security, but also has lower computational cost and fewer transmissions. Copyright © 2014 Elsevier Ireland Ltd. All rights reserved.

Usefulness of an ability-based health model in work ability assessments provided by psychiatrists and psychology specialists writing social security certificates.

PubMed

Solli, Hans Magnus; Barbosa da Silva, António; Egeland, Jens

2015-01-01

To investigate whether adding descriptions of the health factors "ability," "environment" and "intentions/goals" to the officially sanctioned biomedical disability model (BDM) would improve assessments of work ability for social security purposes. The study was based on a theoretical design consisting of textual analysis and interpretation. Two further work ability models were defined: the mixed health model (MHM), which describes health factors without assessing a person's abilities in context, and the ability-based health model (AHM), which assesses abilities in a concrete context of environment and intention. Eighty-six social security certificates, written by psychiatrists and psychology specialists in a Norwegian hospital-based mental health clinic, were analysed in relation to the three work ability/disability models. In certificates based on the BDM, a general pattern was found of "gradual work training". The MHM added health factors, but without linking them together in a concrete way. With the AHM, work ability was assessed in terms of a concrete unified evaluation of the claimant's abilities, environments and intentions/goals. Applying the AHM in work ability assessments, in comparison with the BDM and the MHM, is useful because this foregrounds claimants' abilities in a context of concrete goals and work-related opportunities, as a unity. Implications for Rehabilitation A concept of health should include ability, environment and intentions/goals as components. When all three of these components are described in concrete terms in a work ability assessment, an integrated picture of the individual's abilities in the context of his/her particular intentions/goals and work opportunities comes to the fore. This kind of assessment makes it possible to meet the individual's needs for individual follow-up in a work environment.

USign--a security enhanced electronic consent model.

PubMed

Li, Yanyan; Xie, Mengjun; Bian, Jiang

2014-01-01

Electronic consent becomes increasingly popular in the healthcare sector given the many benefits it provides. However, security concerns, e.g., how to verify the identity of a person who is remotely accessing the electronic consent system in a secure and user-friendly manner, also arise along with the popularity of electronic consent. Unfortunately, existing electronic consent systems do not pay sufficient attention to those issues. They mainly rely on conventional password based authentication to verify the identity of an electronic consent user, which is far from being sufficient given that identity theft threat is real and significant in reality. In this paper, we present a security enhanced electronic consent model called USign. USign enhances the identity protection and authentication for electronic consent systems by leveraging handwritten signatures everyone is familiar with and mobile computing technologies that are becoming ubiquitous. We developed a prototype of USign and conducted preliminary evaluation on accuracy and usability of signature verification. Our experimental results show the feasibility of the proposed model.

Towards Trustable Digital Evidence with PKIDEV: PKI Based Digital Evidence Verification Model

NASA Astrophysics Data System (ADS)

Uzunay, Yusuf; Incebacak, Davut; Bicakci, Kemal

How to Capture and Preserve Digital Evidence Securely? For the investigation and prosecution of criminal activities that involve computers, digital evidence collected in the crime scene has a vital importance. On one side, it is a very challenging task for forensics professionals to collect them without any loss or damage. On the other, there is the second problem of providing the integrity and authenticity in order to achieve legal acceptance in a court of law. By conceiving digital evidence simply as one instance of digital data, it is evident that modern cryptography offers elegant solutions for this second problem. However, to our knowledge, there is not any previous work proposing a systematic model having a holistic view to address all the related security problems in this particular case of digital evidence verification. In this paper, we present PKIDEV (Public Key Infrastructure based Digital Evidence Verification model) as an integrated solution to provide security for the process of capturing and preserving digital evidence. PKIDEV employs, inter alia, cryptographic techniques like digital signatures and secure time-stamping as well as latest technologies such as GPS and EDGE. In our study, we also identify the problems public-key cryptography brings when it is applied to the verification of digital evidence.

Importance of biometrics to addressing vulnerabilities of the U.S. infrastructure

NASA Astrophysics Data System (ADS)

Arndt, Craig M.; Hall, Nathaniel A.

2004-08-01

Human identification technologies are important threat countermeasures in minimizing select infrastructure vulnerabilities. Properly targeted countermeasures should be selected and integrated into an overall security solution based on disciplined analysis and modeling. Available data on infrastructure value, threat intelligence, and system vulnerabilities are carefully organized, analyzed and modeled. Prior to design and deployment of an effective countermeasure; the proper role and appropriateness of technology in addressing the overall set of vulnerabilities is established. Deployment of biometrics systems, as with other countermeasures, introduces potentially heightened vulnerabilities into the system. Heightened vulnerabilities may arise from both the newly introduced system complexities and an unfocused understanding of the set of vulnerabilities impacted by the new countermeasure. The countermeasure's own inherent vulnerabilities and those introduced by the system's integration with the existing system are analyzed and modeled to determine the overall vulnerability impact. The United States infrastructure is composed of government and private assets. The infrastructure is valued by their potential impact on several components: human physical safety, physical/information replacement/repair cost, potential contribution to future loss (criticality in weapons production), direct productivity output, national macro-economic output/productivity, and information integrity. These components must be considered in determining the overall impact of an infrastructure security breach. Cost/benefit analysis is then incorporated in the security technology deployment decision process. Overall security risks based on system vulnerabilities and threat intelligence determines areas of potential benefit. Biometric countermeasures are often considered when additional security at intended points of entry would minimize vulnerabilities.

Development and application of a new grey dynamic hierarchy analysis system (GDHAS) for evaluating urban ecological security.

PubMed

Shao, Chaofeng; Tian, Xiaogang; Guan, Yang; Ju, Meiting; Xie, Qiang

2013-05-21

Selecting indicators based on the characteristics and development trends of a given study area is essential for building a framework for assessing urban ecological security. However, few studies have focused on how to select the representative indicators systematically, and quantitative research is lacking. We developed an innovative quantitative modeling approach called the grey dynamic hierarchy analytic system (GDHAS) for both the procedures of indicator selection and quantitative assessment of urban ecological security. Next, a systematic methodology based on the GDHAS is developed to assess urban ecological security comprehensively and dynamically. This assessment includes indicator selection, driving force-pressure-state-impact-response (DPSIR) framework building, and quantitative evaluation. We applied this systematic methodology to assess the urban ecological security of Tianjin, which is a typical coastal super megalopolis and the industry base in China. This case study highlights the key features of our approach. First, 39 representative indicators are selected for the evaluation index system from 62 alternative ones available through the GDHAS. Second, the DPSIR framework is established based on the indicators selected, and the quantitative assessment of the eco-security of Tianjin is conducted. The results illustrate the following: urban ecological security of Tianjin in 2008 was in alert level but not very stable; the driving force and pressure subsystems were in good condition, but the eco-security levels of the remainder of the subsystems were relatively low; the pressure subsystem was the key to urban ecological security; and 10 indicators are defined as the key indicators for five subsystems. These results can be used as the basis for urban eco-environmental management.

Development and Application of a New Grey Dynamic Hierarchy Analysis System (GDHAS) for Evaluating Urban Ecological Security

PubMed Central

Shao, Chaofeng; Tian, Xiaogang; Guan, Yang; Ju, Meiting; Xie, Qiang

2013-01-01

Selecting indicators based on the characteristics and development trends of a given study area is essential for building a framework for assessing urban ecological security. However, few studies have focused on how to select the representative indicators systematically, and quantitative research is lacking. We developed an innovative quantitative modeling approach called the grey dynamic hierarchy analytic system (GDHAS) for both the procedures of indicator selection and quantitative assessment of urban ecological security. Next, a systematic methodology based on the GDHAS is developed to assess urban ecological security comprehensively and dynamically. This assessment includes indicator selection, driving force-pressure-state-impact-response (DPSIR) framework building, and quantitative evaluation. We applied this systematic methodology to assess the urban ecological security of Tianjin, which is a typical coastal super megalopolis and the industry base in China. This case study highlights the key features of our approach. First, 39 representative indicators are selected for the evaluation index system from 62 alternative ones available through the GDHAS. Second, the DPSIR framework is established based on the indicators selected, and the quantitative assessment of the eco-security of Tianjin is conducted. The results illustrate the following: urban ecological security of Tianjin in 2008 was in alert level but not very stable; the driving force and pressure subsystems were in good condition, but the eco-security levels of the remainder of the subsystems were relatively low; the pressure subsystem was the key to urban ecological security; and 10 indicators are defined as the key indicators for five subsystems. These results can be used as the basis for urban eco-environmental management. PMID:23698700

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation

PubMed Central

2016-01-01

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model—ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it’s recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes. PMID:27655001

Searchable attribute-based encryption scheme with attribute revocation in cloud storage.

PubMed

Wang, Shangping; Zhao, Duqiao; Zhang, Yaling

2017-01-01

Attribute based encryption (ABE) is a good way to achieve flexible and secure access control to data, and attribute revocation is the extension of the attribute-based encryption, and the keyword search is an indispensable part for cloud storage. The combination of both has an important application in the cloud storage. In this paper, we construct a searchable attribute-based encryption scheme with attribute revocation in cloud storage, the keyword search in our scheme is attribute based with access control, when the search succeeds, the cloud server returns the corresponding cipher text to user and the user can decrypt the cipher text definitely. Besides, our scheme supports multiple keywords search, which makes the scheme more practical. Under the assumption of decisional bilinear Diffie-Hellman exponent (q-BDHE) and decisional Diffie-Hellman (DDH) in the selective security model, we prove that our scheme is secure.

[A security protocol for the exchange of personal medical data via Internet: monitoring treatment and drug effects].

PubMed

Viviani, R; Fischer, J; Spitzer, M; Freudenmann, R W

2004-04-01

We present a security protocol for the exchange of medical data via the Internet, based on the type/domain model. We discuss two applications of the protocol: in a system for the exchange of data for quality assurance, and in an on-line database of adverse reactions to drug use. We state that a type/domain security protocol can successfully comply with the complex requirements for data privacy and accessibility typical of such applications.

Five Models for European Security: Implications for the United States

DTIC Science & Technology

1992-01-01

tripolar concept of security. It is the product of Europeans’ search for a third way between the United States and the former Soviet Union-in part to...distinguish the five systems from each other are reasonably clear (ad hoc, bipolar, tripolar , multi-polar collective, and overlapping), there is room...based on a tripolar concept of security. It is the product of Europeans’ search for a third way between the United States and the former Soviet Union-in

Secure coherent optical multi-carrier system with four-dimensional modulation space and Stokes vector scrambling.

PubMed

Zhang, Lijia; Liu, Bo; Xin, Xiangjun

2015-06-15

A secure enhanced coherent optical multi-carrier system based on Stokes vector scrambling is proposed and experimentally demonstrated. The optical signal with four-dimensional (4D) modulation space has been scrambled intra- and inter-subcarriers, where a multi-layer logistic map is adopted as the chaotic model. An experiment with 61.71-Gb/s encrypted multi-carrier signal is successfully demonstrated with the proposed method. The results indicate a promising solution for the physical secure optical communication.

The Contribution of the Spanish Guardia Civil to the Peace and Stability Operations Within the Human Security Framework

DTIC Science & Technology

2010-03-08

1999.- U.N. Civilian Police component in Kosovo (UNMIK.) 2000.- Oficina del Programa de Irak (no es especificamente una misi6n de paz) 2000.- Special...community security, and political security. Nevertheless, it is worth pointing out that the establishment and the inclusion of an agenda based on the human...model the pattern set in France by the Gendarmerie and in Catalonia by the existing Mossos de Escuadra. The Dulce of Ahumada personally shaped this new

Information Security Analysis Using Game Theory and Simulation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schlicher, Bob G; Abercrombie, Robert K

Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions aremore » always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.« less

ID201202961, DOE S-124,539, Information Security Analysis Using Game Theory and Simulation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G

Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions aremore » always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.« less

A Policy Language for Modelling Recommendations

NASA Astrophysics Data System (ADS)

Abou El Kalam, Anas; Balbiani, Philippe

While current and emergent applications become more and more complex, most of existing security policies and models only consider a yes/no response to the access requests. Consequently, modelling, formalizing and implementing permissions, obligations and prohibitions do not cover the richness of all the possible scenarios. In fact, several applications have access rules with the recommendation access modality. In this paper we focus on the problem of formalizing security policies with recommendation needs. The aim is to provide a generic domain-independent formal system for modelling not only permissions, prohibitions and obligations, but also recommendations. In this respect, we present our logic-based language, the semantics, the truth conditions, our axiomatic as well as inference rules. We also give a representative use case with our specification of recommendation requirements. Finally, we explain how our logical framework could be used to query the security policy and to check its consistency.

Assessing work disability for social security benefits: international models for the direct assessment of work capacity.

PubMed

Geiger, Ben Baumberg; Garthwaite, Kayleigh; Warren, Jon; Bambra, Clare

2017-08-25

It has been argued that social security disability assessments should directly assess claimants' work capacity, rather than relying on proxies such as on functioning. However, there is little academic discussion of how such assessments could be conducted. The article presents an account of different models of direct disability assessments based on case studies of the Netherlands, Germany, Denmark, Norway, the United States of America, Canada, Australia, and New Zealand, utilising over 150 documents and 40 expert interviews. Three models of direct work disability assessments can be observed: (i) structured assessment, which measures the functional demands of jobs across the national economy and compares these to claimants' functional capacities; (ii) demonstrated assessment, which looks at claimants' actual experiences in the labour market and infers a lack of work capacity from the failure of a concerned rehabilitation attempt; and (iii) expert assessment, based on the judgement of skilled professionals. Direct disability assessment within social security is not just theoretically desirable, but can be implemented in practice. We have shown that there are three distinct ways that this can be done, each with different strengths and weaknesses. Further research is needed to clarify the costs, validity/legitimacy, and consequences of these different models. Implications for rehabilitation It has recently been argued that social security disability assessments should directly assess work capacity rather than simply assessing functioning - but we have no understanding about how this can be done in practice. Based on case studies of nine countries, we show that direct disability assessment can be implemented, and argue that there are three different ways of doing it. These are "demonstrated assessment" (using claimants' experiences in the labour market), "structured assessment" (matching functional requirements to workplace demands), and "expert assessment" (the judgement of skilled professionals). While it is possible to implement a direct assessment of work capacity for social security benefits, further research is necessary to understand how best to maximise validity, legitimacy, and cost-effectiveness.

Cost-Efficient and Multi-Functional Secure Aggregation in Large Scale Distributed Application

PubMed Central

Zhang, Ping; Li, Wenjun; Sun, Hua

2016-01-01

Secure aggregation is an essential component of modern distributed applications and data mining platforms. Aggregated statistical results are typically adopted in constructing a data cube for data analysis at multiple abstraction levels in data warehouse platforms. Generating different types of statistical results efficiently at the same time (or referred to as enabling multi-functional support) is a fundamental requirement in practice. However, most of the existing schemes support a very limited number of statistics. Securely obtaining typical statistical results simultaneously in the distribution system, without recovering the original data, is still an open problem. In this paper, we present SEDAR, which is a SEcure Data Aggregation scheme under the Range segmentation model. Range segmentation model is proposed to reduce the communication cost by capturing the data characteristics, and different range uses different aggregation strategy. For raw data in the dominant range, SEDAR encodes them into well defined vectors to provide value-preservation and order-preservation, and thus provides the basis for multi-functional aggregation. A homomorphic encryption scheme is used to achieve data privacy. We also present two enhanced versions. The first one is a Random based SEDAR (REDAR), and the second is a Compression based SEDAR (CEDAR). Both of them can significantly reduce communication cost with the trade-off lower security and lower accuracy, respectively. Experimental evaluations, based on six different scenes of real data, show that all of them have an excellent performance on cost and accuracy. PMID:27551747

Cost-Efficient and Multi-Functional Secure Aggregation in Large Scale Distributed Application.

PubMed

Zhang, Ping; Li, Wenjun; Sun, Hua

2016-01-01

Secure aggregation is an essential component of modern distributed applications and data mining platforms. Aggregated statistical results are typically adopted in constructing a data cube for data analysis at multiple abstraction levels in data warehouse platforms. Generating different types of statistical results efficiently at the same time (or referred to as enabling multi-functional support) is a fundamental requirement in practice. However, most of the existing schemes support a very limited number of statistics. Securely obtaining typical statistical results simultaneously in the distribution system, without recovering the original data, is still an open problem. In this paper, we present SEDAR, which is a SEcure Data Aggregation scheme under the Range segmentation model. Range segmentation model is proposed to reduce the communication cost by capturing the data characteristics, and different range uses different aggregation strategy. For raw data in the dominant range, SEDAR encodes them into well defined vectors to provide value-preservation and order-preservation, and thus provides the basis for multi-functional aggregation. A homomorphic encryption scheme is used to achieve data privacy. We also present two enhanced versions. The first one is a Random based SEDAR (REDAR), and the second is a Compression based SEDAR (CEDAR). Both of them can significantly reduce communication cost with the trade-off lower security and lower accuracy, respectively. Experimental evaluations, based on six different scenes of real data, show that all of them have an excellent performance on cost and accuracy.

Rapid Growth in Surgeons’ Use of Secure Messaging in a Patient Portal

PubMed Central

Shenson, Jared A.; Cronin, Robert M.; Davis, Sharon E.; Chen, Qingxia; Jackson, Gretchen Purcell

2016-01-01

Background Use of secure messaging through patient portals has risen substantially in recent years due to provider incentives and consumer demand. Secure messaging may increase patient satisfaction and improve outcomes, but also adds to physician workload. Most prior studies of secure messaging focused on primary care and medical specialties. We examined surgeons’ use of secure messaging and the contribution of messaging to outpatient interactions in a broadly-deployed patient portal. Methods We determined the number of clinic visits and secure messages for surgical providers in the first three years (2008–10) after patient portal deployment at an academic medical center. We calculated the proportion of outpatient interaction conducted through messaging for each specialty. Logistic regression models compared the likelihood of message-based versus clinic outpatient interaction across surgical specialties. Results Over the study period, surgical providers delivered care in 648,200 clinic visits and received 83,912 messages, with more than 200% growth in monthly message volume. Surgical specialties receiving the most messages were orthopedics/podiatry (25.1%), otolaryngology (20.1%), urology (10.8%), and general surgery (9.6%); vascular surgery (0.8%) and pediatric general surgery (0.2%) received the fewest. The proportion of outpatient interactions conducted through secure messaging increased significantly from 5.4% in 2008 to 15.3% in 2010 (p<0.001) with all specialties experiencing growth. Heart/lung transplantation (74.9%), liver/kidney/pancreas transplantation (69.5%), and general surgery (48.7%) had the highest proportion of message-based outpatient interaction by the end of the study. Conclusions This study demonstrates rapid adoption of online secure messaging across surgical specialties with significant growth in its use for outpatient interaction. Some specialties, particularly those with long-term follow-up, interacted with patients more through secure messaging than in person. As surgeons devote more time to secure messaging, additional research will be needed to understand the care delivered through online interactions and to develop models for reimbursement. PMID:26123340

In Internet-Based Visualization System Study about Breakthrough Applet Security Restrictions

NASA Astrophysics Data System (ADS)

Chen, Jie; Huang, Yan

In the process of realization Internet-based visualization system of the protein molecules, system needs to allow users to use the system to observe the molecular structure of the local computer, that is, customers can generate the three-dimensional graphics from PDB file on the client computer. This requires Applet access to local file, related to the Applet security restrictions question. In this paper include two realization methods: 1.Use such as signature tools, key management tools and Policy Editor tools provided by the JDK to digital signature and authentication for Java Applet, breakthrough certain security restrictions in the browser. 2. Through the use of Servlet agent implement indirect access data methods, breakthrough the traditional Java Virtual Machine sandbox model restriction of Applet ability. The two ways can break through the Applet's security restrictions, but each has its own strengths.

Limited view angle iterative CT reconstruction

NASA Astrophysics Data System (ADS)

Kisner, Sherman J.; Haneda, Eri; Bouman, Charles A.; Skatter, Sondre; Kourinny, Mikhail; Bedford, Simon

2012-03-01

Computed Tomography (CT) is widely used for transportation security to screen baggage for potential threats. For example, many airports use X-ray CT to scan the checked baggage of airline passengers. The resulting reconstructions are then used for both automated and human detection of threats. Recently, there has been growing interest in the use of model-based reconstruction techniques for application in CT security systems. Model-based reconstruction offers a number of potential advantages over more traditional direct reconstruction such as filtered backprojection (FBP). Perhaps one of the greatest advantages is the potential to reduce reconstruction artifacts when non-traditional scan geometries are used. For example, FBP tends to produce very severe streaking artifacts when applied to limited view data, which can adversely affect subsequent processing such as segmentation and detection. In this paper, we investigate the use of model-based reconstruction in conjunction with limited-view scanning architectures, and we illustrate the value of these methods using transportation security examples. The advantage of limited view architectures is that it has the potential to reduce the cost and complexity of a scanning system, but its disadvantage is that limited-view data can result in structured artifacts in reconstructed images. Our method of reconstruction depends on the formulation of both a forward projection model for the system, and a prior model that accounts for the contents and densities of typical baggage. In order to evaluate our new method, we use realistic models of baggage with randomly inserted simple simulated objects. Using this approach, we show that model-based reconstruction can substantially reduce artifacts and improve important metrics of image quality such as the accuracy of the estimated CT numbers.

The Perceptions of U.S.-Based IT Security Professionals about the Effectiveness of IT Security Frameworks: A Quantitative Study

ERIC Educational Resources Information Center

Warfield, Douglas L.

2011-01-01

The evolution of information technology has included new methodologies that use information technology to control and manage various industries and government activities. Information Technology has also evolved as its own industry with global networks of interconnectivity, such as the Internet, and frameworks, models, and methodologies to control…

Backward Channel Protection Based on Randomized Tree-Walking Algorithm and Its Analysis for Securing RFID Tag Information and Privacy

NASA Astrophysics Data System (ADS)

Choi, Wonjoon; Yoon, Myungchul; Roh, Byeong-Hee

Eavesdropping on backward channels in RFID environments may cause severe privacy problems because it means the exposure of personal information related to tags that each person has. However, most existing RFID tag security schemes are focused on the forward channel protections. In this paper, we propose a simple but effective method to solve the backward channel eavesdropping problem based on Randomized-tree walking algorithm for securing tag ID information and privacy in RFID-based applications. In order to show the efficiency of the proposed scheme, we derive two performance models for the cases when CRC is used and not used. It is shown that the proposed method can lower the probability of eavesdropping on backward channels near to ‘0.’

A Lightweight Protocol for Secure Video Streaming

PubMed Central

Morkevicius, Nerijus; Bagdonas, Kazimieras

2018-01-01

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard. PMID:29757988

A Lightweight Protocol for Secure Video Streaming.

PubMed

Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

2018-05-14

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

A compressive sensing based secure watermark detection and privacy preserving storage framework.

PubMed

Qia Wang; Wenjun Zeng; Jun Tian

2014-03-01

Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service, such as the cloud. In this paper, we identify a cloud computing application scenario that requires simultaneously performing secure watermark detection and privacy preserving multimedia data storage. We then propose a compressive sensing (CS)-based framework using secure multiparty computation (MPC) protocols to address such a requirement. In our framework, the multimedia data and secret watermark pattern are presented to the cloud for secure watermark detection in a CS domain to protect the privacy. During CS transformation, the privacy of the CS matrix and the watermark pattern is protected by the MPC protocols under the semi-honest security model. We derive the expected watermark detection performance in the CS domain, given the target image, watermark pattern, and the size of the CS matrix (but without the CS matrix itself). The correctness of the derived performance has been validated by our experiments. Our theoretical analysis and experimental results show that secure watermark detection in the CS domain is feasible. Our framework can also be extended to other collaborative secure signal processing and data-mining applications in the cloud.

Enhanced secure 4-D modulation space optical multi-carrier system based on joint constellation and Stokes vector scrambling.

PubMed

Liu, Bo; Zhang, Lijia; Xin, Xiangjun

2018-03-19

This paper proposes and demonstrates an enhanced secure 4-D modulation optical generalized filter bank multi-carrier (GFBMC) system based on joint constellation and Stokes vector scrambling. The constellation and Stokes vectors are scrambled by using different scrambling parameters. A multi-scroll Chua's circuit map is adopted as the chaotic model. Large secure key space can be obtained due to the multi-scroll attractors and independent operability of subcarriers. A 40.32Gb/s encrypted optical GFBMC signal with 128 parallel subcarriers is successfully demonstrated in the experiment. The results show good resistance against the illegal receiver and indicate a potential way for the future optical multi-carrier system.

Need for a gender-sensitive human security framework: results of a quantitative study of human security and sexual violence in Djohong District, Cameroon

PubMed Central

2014-01-01

Background Human security shifts traditional concepts of security from interstate conflict and the absence of war to the security of the individual. Broad definitions of human security include livelihoods and food security, health, psychosocial well-being, enjoyment of civil and political rights and freedom from oppression, and personal safety, in addition to absence of conflict. Methods In March 2010, we undertook a population-based health and livelihood study of female refugees from conflict-affected Central African Republic living in Djohong District, Cameroon and their female counterparts within the Cameroonian host community. Embedded within the survey instrument were indicators of human security derived from the Leaning-Arie model that defined three domains of psychosocial stability suggesting individuals and communities are most stable when their core attachments to home, community and the future are intact. Results While the female refugee human security outcomes describe a population successfully assimilated and thriving in their new environments based on these three domains, the ability of human security indicators to predict the presence or absence of lifetime and six-month sexual violence was inadequate. Using receiver operating characteristic (ROC) analysis, the study demonstrates that common human security indicators do not uncover either lifetime or recent prevalence of sexual violence. Conclusions These data suggest that current gender-blind approaches of describing human security are missing serious threats to the safety of one half of the population and that efforts to develop robust human security indicators should include those that specifically measure violence against women. PMID:24829613

Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

PubMed

Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

2016-10-01

Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security verification of our scheme using the widely accepted AVISPA tool. High security and extra functionality features allow our proposed scheme to be applicable for telecare medicine information systems which is used for e-health care medical applications. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

On determining specifications and selections of alternative technologies for airport checked-baggage security screening.

PubMed

Feng, Qianmei

2007-10-01

Federal law mandates that every checked bag at all commercial airports be screened by explosive detection systems (EDS), explosive trace detection systems (ETD), or alternative technologies. These technologies serve as critical components of airport security systems that strive to reduce security risks at both national and global levels. To improve the operational efficiency and airport security, emerging image-based technologies have been developed, such as dual-energy X-ray (DX), backscatter X-ray (BX), and multiview tomography (MVT). These technologies differ widely in purchasing cost, maintenance cost, operating cost, processing rate, and accuracy. Based on a mathematical framework that takes into account all these factors, this article investigates two critical issues for operating screening devices: setting specifications for continuous security responses by different technologies; and selecting technology or combination of technologies for efficient 100% baggage screening. For continuous security responses, specifications or thresholds are used for classifying threat items from nonthreat items. By investigating the setting of specifications on system security responses, this article assesses the risk and cost effectiveness of various technologies for both single-device and two-device systems. The findings provide the best selection of image-based technologies for both single-device and two-device systems. Our study suggests that two-device systems outperform single-device systems in terms of both cost effectiveness and accuracy. The model can be readily extended to evaluate risk and cost effectiveness of multiple-device systems for airport checked-baggage security screening.

Quantum attack-resistent certificateless multi-receiver signcryption scheme.

PubMed

Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong

2013-01-01

The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.

Routing architecture and security for airborne networks

NASA Astrophysics Data System (ADS)

Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

2009-05-01

Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

Building an authorization model for external means of protection of APCS based on the Internet of things

NASA Astrophysics Data System (ADS)

Zaharov, A. A.; Nissenbaum, O. V.; Ponomaryov, K. Y.; Nesgovorov, E. S.

2018-01-01

In this paper we study application of Internet of Thing concept and devices to secure automated process control systems. We review different approaches in IoT (Internet of Things) architecture and design and propose them for several applications in security of automated process control systems. We consider an Attribute-based encryption in context of access control mechanism implementation and promote a secret key distribution scheme between attribute authorities and end devices.

Financial forecasts accuracy in Brazil's social security system.

PubMed

Silva, Carlos Patrick Alves da; Puty, Claudio Alberto Castelo Branco; Silva, Marcelino Silva da; Carvalho, Solon Venâncio de; Francês, Carlos Renato Lisboa

2017-01-01

Long-term social security statistical forecasts produced and disseminated by the Brazilian government aim to provide accurate results that would serve as background information for optimal policy decisions. These forecasts are being used as support for the government's proposed pension reform that plans to radically change the Brazilian Constitution insofar as Social Security is concerned. However, the reliability of official results is uncertain since no systematic evaluation of these forecasts has ever been published by the Brazilian government or anyone else. This paper aims to present a study of the accuracy and methodology of the instruments used by the Brazilian government to carry out long-term actuarial forecasts. We base our research on an empirical and probabilistic analysis of the official models. Our empirical analysis shows that the long-term Social Security forecasts are systematically biased in the short term and have significant errors that render them meaningless in the long run. Moreover, the low level of transparency in the methods impaired the replication of results published by the Brazilian Government and the use of outdated data compromises forecast results. In the theoretical analysis, based on a mathematical modeling approach, we discuss the complexity and limitations of the macroeconomic forecast through the computation of confidence intervals. We demonstrate the problems related to error measurement inherent to any forecasting process. We then extend this exercise to the computation of confidence intervals for Social Security forecasts. This mathematical exercise raises questions about the degree of reliability of the Social Security forecasts.

Financial forecasts accuracy in Brazil’s social security system

PubMed Central

2017-01-01

Long-term social security statistical forecasts produced and disseminated by the Brazilian government aim to provide accurate results that would serve as background information for optimal policy decisions. These forecasts are being used as support for the government’s proposed pension reform that plans to radically change the Brazilian Constitution insofar as Social Security is concerned. However, the reliability of official results is uncertain since no systematic evaluation of these forecasts has ever been published by the Brazilian government or anyone else. This paper aims to present a study of the accuracy and methodology of the instruments used by the Brazilian government to carry out long-term actuarial forecasts. We base our research on an empirical and probabilistic analysis of the official models. Our empirical analysis shows that the long-term Social Security forecasts are systematically biased in the short term and have significant errors that render them meaningless in the long run. Moreover, the low level of transparency in the methods impaired the replication of results published by the Brazilian Government and the use of outdated data compromises forecast results. In the theoretical analysis, based on a mathematical modeling approach, we discuss the complexity and limitations of the macroeconomic forecast through the computation of confidence intervals. We demonstrate the problems related to error measurement inherent to any forecasting process. We then extend this exercise to the computation of confidence intervals for Social Security forecasts. This mathematical exercise raises questions about the degree of reliability of the Social Security forecasts. PMID:28859172

Bootstrapping Security Policies for Wearable Apps Using Attributed Structural Graphs.

PubMed

González-Tablas, Ana I; Tapiador, Juan E

2016-05-11

We address the problem of bootstrapping security and privacy policies for newly-deployed apps in wireless body area networks (WBAN) composed of smartphones, sensors and other wearable devices. We introduce a framework to model such a WBAN as an undirected graph whose vertices correspond to devices, apps and app resources, while edges model structural relationships among them. This graph is then augmented with attributes capturing the features of each entity together with user-defined tags. We then adapt available graph-based similarity metrics to find the closest app to a new one to be deployed, with the aim of reusing, and possibly adapting, its security policy. We illustrate our approach through a detailed smartphone ecosystem case study. Our results suggest that the scheme can provide users with a reasonably good policy that is consistent with the user's security preferences implicitly captured by policies already in place.

Bootstrapping Security Policies for Wearable Apps Using Attributed Structural Graphs

PubMed Central

González-Tablas, Ana I.; Tapiador, Juan E.

2016-01-01

We address the problem of bootstrapping security and privacy policies for newly-deployed apps in wireless body area networks (WBAN) composed of smartphones, sensors and other wearable devices. We introduce a framework to model such a WBAN as an undirected graph whose vertices correspond to devices, apps and app resources, while edges model structural relationships among them. This graph is then augmented with attributes capturing the features of each entity together with user-defined tags. We then adapt available graph-based similarity metrics to find the closest app to a new one to be deployed, with the aim of reusing, and possibly adapting, its security policy. We illustrate our approach through a detailed smartphone ecosystem case study. Our results suggest that the scheme can provide users with a reasonably good policy that is consistent with the user’s security preferences implicitly captured by policies already in place. PMID:27187385

The impact of the 2008 financial crisis on food security and food expenditures in Mexico: a disproportionate effect on the vulnerable

PubMed Central

Vilar-Compte, Mireya; Sandoval-Olascoaga, Sebastian; Bernal-Stuart, Ana; Shimoga, Sandhya; Vargas-Bustamante, Arturo

2015-01-01

Objective The present paper investigated the impact of the 2008 financial crisis on food security in Mexico and how it disproportionally affected vulnerable households. Design A generalized ordered logistic regression was estimated to assess the impact of the crisis on households’ food security status. An ordinary least squares and a quantile regression were estimated to evaluate the effect of the financial crisis on a continuous proxy measure of food security defined as the share of a household’s current income devoted to food expenditures. Setting Both analyses were performed using pooled cross-sectional data from the Mexican National Household Income and Expenditure Survey 2008 and 2010. Subjects The analytical sample included 29 468 households in 2008 and 27 654 in 2010. Results The generalized ordered logistic model showed that the financial crisis significantly (P < 0·05) decreased the probability of being food secure, mildly or moderately food insecure, compared with being severely food insecure (OR = 0·74). A similar but smaller effect was found when comparing severely and moderately food-insecure households with mildly food-insecure and food-secure households (OR = 0·81). The ordinary least squares model showed that the crisis significantly (P < 0·05) increased the share of total income spent on food (β coefficient of 0·02). The quantile regression confirmed the findings suggested by the generalized ordered logistic model, showing that the effects of the crisis were more profound among poorer households. Conclusions The results suggest that households that were more vulnerable before the financial crisis saw a worsened effect in terms of food insecurity with the crisis. Findings were consistent with both measures of food security – one based on self-reported experience and the other based on food spending. PMID:25428800

Security challenges in integration of a PHR-S into a standards based national EHR.

PubMed

Mense, Alexander; Hoheiser Pförtner, Franz; Sauermann, Stefan

2014-01-01

Health related data provided by patients themselves is expected to play a major role in future healthcare. Data from personal health devices, vaccination records, health diaries or observations of daily living, for instance, is stored in personal health records (PHR) which are maintained by personal health record systems (PHR-S). Combining this information with medical records provided by healthcare providers in electronic health records (EHR) is one of the next steps towards "personal care". Austria currently sets up a nationwide EHR system that incorporates all healthcare providers and is technically based on international standards (IHE, HL7, OASIS, ...). Looking at the expected potential of merging PHR and EHR data it is worth to analyse integration approaches. Although knowing that an integration requires the coordination of processes, information models and technical architectures, this paper specifically focuses on security issues by evaluating general security requirements for a PHR-S (based on HL7 PHR-S FM), comparing them with the information security specifications for the Austrian's national EHR (based on ISO/IES 27000 series) and identifying the main challenges as well as possible approaches.

Security analysis of quadratic phase based cryptography

NASA Astrophysics Data System (ADS)

Muniraj, Inbarasan; Guo, Changliang; Malallah, Ra'ed; Healy, John J.; Sheridan, John T.

2016-09-01

The linear canonical transform (LCT) is essential in modeling a coherent light field propagation through first-order optical systems. Recently, a generic optical system, known as a Quadratic Phase Encoding System (QPES), for encrypting a two-dimensional (2D) image has been reported. It has been reported together with two phase keys the individual LCT parameters serve as keys of the cryptosystem. However, it is important that such the encryption systems also satisfies some dynamic security properties. Therefore, in this work, we examine some cryptographic evaluation methods, such as Avalanche Criterion and Bit Independence, which indicates the degree of security of the cryptographic algorithms on QPES. We compare our simulation results with the conventional Fourier and the Fresnel transform based DRPE systems. The results show that the LCT based DRPE has an excellent avalanche and bit independence characteristics than that of using the conventional Fourier and Fresnel based encryption systems.

Home blood pressure monitoring, secure electronic messaging and medication intensification for improving hypertension control: a mediation analysis.

PubMed

Ralston, J D; Cook, A J; Anderson, M L; Catz, S L; Fishman, P A; Carlson, J; Johnson, R; Green, B B

2014-01-01

We evaluated the role of home monitoring, communication with pharmacists, medication intensification, medication adherence and lifestyle factors in contributing to the effectiveness of an intervention to improve blood pressure control in patients with uncontrolled essential hypertension. We performed a mediation analysis of a published randomized trial based on the Chronic Care Model delivered over a secure patient website from June 2005 to December 2007. Study arms analyzed included usual care with a home blood pressure monitor and usual care with home blood pressure monitor and web-based pharmacist care. Mediator measures included secure messaging and telephone encounters; home blood pressure monitoring; medications intensification and adherence and lifestyle factors. Overall fidelity to the Chronic Care Model was assessed with the Patient Assessment of Chronic Care (PACIC) instrument. The primary outcome was percent of participants with blood pressure (BP) <140/90 mm Hg. At 12 months follow-up, patients in the web-based pharmacist care group were more likely to have BP <140/90 mm Hg (55%) compared to patients in the group with home blood pressure monitors only (37%) (p = 0.001). Home blood pressure monitoring accounted for 30.3% of the intervention effect, secure electronic messaging accounted for 96%, and medication intensification for 29.3%. Medication adherence and self-report of fruit and vegetable intake and weight change were not different between the two study groups. The PACIC score accounted for 22.0 % of the main intervention effect. The effect of web-based pharmacist care on improved blood pressure control was explained in part through a combination of home blood pressure monitoring, secure messaging, and antihypertensive medication intensification.

A secure operational model for mobile payments.

PubMed

Chang, Tao-Ku

2014-01-01

Instead of paying by cash, check, or credit cards, customers can now also use their mobile devices to pay for a wide range of services and both digital and physical goods. However, customers' security concerns are a major barrier to the broad adoption and use of mobile payments. In this paper we present the design of a secure operational model for mobile payments in which access control is based on a service-oriented architecture. A customer uses his/her mobile device to get authorization from a remote server and generate a two-dimensional barcode as the payment certificate. This payment certificate has a time limit and can be used once only. The system also provides the ability to remotely lock and disable the mobile payment service.

A Secure Operational Model for Mobile Payments

PubMed Central

2014-01-01

Instead of paying by cash, check, or credit cards, customers can now also use their mobile devices to pay for a wide range of services and both digital and physical goods. However, customers' security concerns are a major barrier to the broad adoption and use of mobile payments. In this paper we present the design of a secure operational model for mobile payments in which access control is based on a service-oriented architecture. A customer uses his/her mobile device to get authorization from a remote server and generate a two-dimensional barcode as the payment certificate. This payment certificate has a time limit and can be used once only. The system also provides the ability to remotely lock and disable the mobile payment service. PMID:25386607

OpenID Connect as a security service in cloud-based medical imaging systems

PubMed Central

Ma, Weina; Sartipi, Kamran; Sharghigoorabi, Hassan; Koff, David; Bak, Peter

2016-01-01

Abstract. The evolution of cloud computing is driving the next generation of medical imaging systems. However, privacy and security concerns have been consistently regarded as the major obstacles for adoption of cloud computing by healthcare domains. OpenID Connect, combining OpenID and OAuth together, is an emerging representational state transfer-based federated identity solution. It is one of the most adopted open standards to potentially become the de facto standard for securing cloud computing and mobile applications, which is also regarded as “Kerberos of cloud.” We introduce OpenID Connect as an authentication and authorization service in cloud-based diagnostic imaging (DI) systems, and propose enhancements that allow for incorporating this technology within distributed enterprise environments. The objective of this study is to offer solutions for secure sharing of medical images among diagnostic imaging repository (DI-r) and heterogeneous picture archiving and communication systems (PACS) as well as Web-based and mobile clients in the cloud ecosystem. The main objective is to use OpenID Connect open-source single sign-on and authorization service and in a user-centric manner, while deploying DI-r and PACS to private or community clouds should provide equivalent security levels to traditional computing model. PMID:27340682

Fuzzy portfolio model with fuzzy-input return rates and fuzzy-output proportions

NASA Astrophysics Data System (ADS)

Tsaur, Ruey-Chyn

2015-02-01

In the finance market, a short-term investment strategy is usually applied in portfolio selection in order to reduce investment risk; however, the economy is uncertain and the investment period is short. Further, an investor has incomplete information for selecting a portfolio with crisp proportions for each chosen security. In this paper we present a new method of constructing fuzzy portfolio model for the parameters of fuzzy-input return rates and fuzzy-output proportions, based on possibilistic mean-standard deviation models. Furthermore, we consider both excess or shortage of investment in different economic periods by using fuzzy constraint for the sum of the fuzzy proportions, and we also refer to risks of securities investment and vagueness of incomplete information during the period of depression economics for the portfolio selection. Finally, we present a numerical example of a portfolio selection problem to illustrate the proposed model and a sensitivity analysis is realised based on the results.

Using Trust to Establish a Secure Routing Model in Cognitive Radio Network.

PubMed

Zhang, Guanghua; Chen, Zhenguo; Tian, Liqin; Zhang, Dongwen

2015-01-01

Specific to the selective forwarding attack on routing in cognitive radio network, this paper proposes a trust-based secure routing model. Through monitoring nodes' forwarding behaviors, trusts of nodes are constructed to identify malicious nodes. In consideration of that routing selection-based model must be closely collaborative with spectrum allocation, a route request piggybacking available spectrum opportunities is sent to non-malicious nodes. In the routing decision phase, nodes' trusts are used to construct available path trusts and delay measurement is combined for making routing decisions. At the same time, according to the trust classification, different responses are made specific to their service requests. By adopting stricter punishment on malicious behaviors from non-trusted nodes, the cooperation of nodes in routing can be stimulated. Simulation results and analysis indicate that this model has good performance in network throughput and end-to-end delay under the selective forwarding attack.

Chemical supply chain modeling for analysis of homeland security events

DOE PAGES

Ehlen, Mark A.; Sun, Amy C.; Pepple, Mark A.; ...

2013-09-06

The potential impacts of man-made and natural disasters on chemical plants, complexes, and supply chains are of great importance to homeland security. To be able to estimate these impacts, we developed an agent-based chemical supply chain model that includes: chemical plants with enterprise operations such as purchasing, production scheduling, and inventories; merchant chemical markets, and multi-modal chemical shipments. Large-scale simulations of chemical-plant activities and supply chain interactions, running on desktop computers, are used to estimate the scope and duration of disruptive-event impacts, and overall system resilience, based on the extent to which individual chemical plants can adjust their internal operationsmore » (e.g., production mixes and levels) versus their external interactions (market sales and purchases, and transportation routes and modes). As a result, to illustrate how the model estimates the impacts of a hurricane disruption, a simple example model centered on 1,4-butanediol is presented.« less

[Human resources requirements for diabetic patients healthcare in primary care clinics of the Mexican Institute of Social Security].

PubMed

Doubova, Svetlana V; Ramírez-Sánchez, Claudine; Figueroa-Lara, Alejandro; Pérez-Cuevas, Ricardo

2013-12-01

To estimate the requirements of human resources (HR) of two models of care for diabetes patients: conventional and specific, also called DiabetIMSS, which are provided in primary care clinics of the Mexican Institute of Social Security (IMSS). An evaluative research was conducted. An expert group identified the HR activities and time required to provide healthcare consistent with the best clinical practices for diabetic patients. HR were estimated by using the evidence-based adjusted service target approach for health workforce planning; then, comparisons between existing and estimated HRs were made. To provide healthcare in accordance with the patients' metabolic control, the conventional model required increasing the number of family doctors (1.2 times) nutritionists (4.2 times) and social workers (4.1 times). The DiabetIMSS model requires greater increase than the conventional model. Increasing HR is required to provide evidence-based healthcare to diabetes patients.

An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

PubMed

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2013-07-24

Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

PubMed Central

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2013-01-01

Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged. PMID:23887085

Identity-Based Verifiably Encrypted Signatures without Random Oracles

NASA Astrophysics Data System (ADS)

Zhang, Lei; Wu, Qianhong; Qin, Bo

Fair exchange protocol plays an important role in electronic commerce in the case of exchanging digital contracts. Verifiably encrypted signatures provide an optimistic solution to these scenarios with an off-line trusted third party. In this paper, we propose an identity-based verifiably encrypted signature scheme. The scheme is non-interactive to generate verifiably encrypted signatures and the resulting encrypted signature consists of only four group elements. Based on the computational Diffie-Hellman assumption, our scheme is proven secure without using random oracles. To the best of our knowledge, this is the first identity-based verifiably encrypted signature scheme provably secure in the standard model.

Validation of the "Security Needs Assessment Profile" for measuring the profiles of security needs of Chinese forensic psychiatric inpatients.

PubMed

Siu, B W M; Au-Yeung, C C Y; Chan, A W L; Chan, L S Y; Yuen, K K; Leung, H W; Yan, C K; Ng, K K; Lai, A C H; Davies, S; Collins, M

Mapping forensic psychiatric services with the security needs of patients is a salient step in service planning, audit and review. A valid and reliable instrument for measuring the security needs of Chinese forensic psychiatric inpatients was not yet available. This study aimed to develop and validate the Chinese version of the Security Needs Assessment Profile for measuring the profiles of security needs of Chinese forensic psychiatric inpatients. The Security Needs Assessment Profile by Davis was translated into Chinese. Its face validity, content validity, construct validity and internal consistency reliability were assessed by measuring the security needs of 98 Chinese forensic psychiatric inpatients. Principal factor analysis for construct validity provided a six-factor security needs model explaining 68.7% of the variance. Based on the Cronbach's alpha coefficient, the internal consistency reliability was rated as acceptable for procedural security (0.73), and fair for both physical security (0.62) and relational security (0.58). A significant sex difference (p=0.002) in total security score was found. The Chinese version of the Security Needs Assessment Profile is a valid and reliable instrument for assessing the security needs of Chinese forensic psychiatric inpatients. Copyright © 2017 Elsevier Ltd. All rights reserved.

Security and privacy preserving approaches in the eHealth clouds with disaster recovery plan.

PubMed

Sahi, Aqeel; Lai, David; Li, Yan

2016-11-01

Cloud computing was introduced as an alternative storage and computing model in the health sector as well as other sectors to handle large amounts of data. Many healthcare companies have moved their electronic data to the cloud in order to reduce in-house storage, IT development and maintenance costs. However, storing the healthcare records in a third-party server may cause serious storage, security and privacy issues. Therefore, many approaches have been proposed to preserve security as well as privacy in cloud computing projects. Cryptographic-based approaches were presented as one of the best ways to ensure the security and privacy of healthcare data in the cloud. Nevertheless, the cryptographic-based approaches which are used to transfer health records safely remain vulnerable regarding security, privacy, or the lack of any disaster recovery strategy. In this paper, we review the related work on security and privacy preserving as well as disaster recovery in the eHealth cloud domain. Then we propose two approaches, the Security-Preserving approach and the Privacy-Preserving approach, and a disaster recovery plan. The Security-Preserving approach is a robust means of ensuring the security and integrity of Electronic Health Records, and the Privacy-Preserving approach is an efficient authentication approach which protects the privacy of Personal Health Records. Finally, we discuss how the integrated approaches and the disaster recovery plan can ensure the reliability and security of cloud projects. Copyright © 2016 Elsevier Ltd. All rights reserved.

An enhanced MMW and SMMW/THz imaging system performance prediction and analysis tool for concealed weapon detection and pilotage obstacle avoidance

NASA Astrophysics Data System (ADS)

Murrill, Steven R.; Jacobs, Eddie L.; Franck, Charmaine C.; Petkie, Douglas T.; De Lucia, Frank C.

2015-10-01

The U.S. Army Research Laboratory (ARL) has continued to develop and enhance a millimeter-wave (MMW) and submillimeter- wave (SMMW)/terahertz (THz)-band imaging system performance prediction and analysis tool for both the detection and identification of concealed weaponry, and for pilotage obstacle avoidance. The details of the MATLAB-based model which accounts for the effects of all critical sensor and display components, for the effects of atmospheric attenuation, concealment material attenuation, and active illumination, were reported on at the 2005 SPIE Europe Security and Defence Symposium (Brugge). An advanced version of the base model that accounts for both the dramatic impact that target and background orientation can have on target observability as related to specular and Lambertian reflections captured by an active-illumination-based imaging system, and for the impact of target and background thermal emission, was reported on at the 2007 SPIE Defense and Security Symposium (Orlando). Further development of this tool that includes a MODTRAN-based atmospheric attenuation calculator and advanced system architecture configuration inputs that allow for straightforward performance analysis of active or passive systems based on scanning (single- or line-array detector element(s)) or staring (focal-plane-array detector elements) imaging architectures was reported on at the 2011 SPIE Europe Security and Defence Symposium (Prague). This paper provides a comprehensive review of a newly enhanced MMW and SMMW/THz imaging system analysis and design tool that now includes an improved noise sub-model for more accurate and reliable performance predictions, the capability to account for postcapture image contrast enhancement, and the capability to account for concealment material backscatter with active-illumination- based systems. Present plans for additional expansion of the model's predictive capabilities are also outlined.

Profiles of Food Security for US Farmworker Households and Factors Related to Dynamic of Change.

PubMed

Ip, Edward H; Saldana, Santiago; Arcury, Thomas A; Grzywacz, Joseph G; Trejo, Grisel; Quandt, Sara A

2015-10-01

We recruited 248 farmworker families with preschool-aged children in North Carolina and examined food security indicators over 24 months to identify food security patterns and examine the dynamic of change over time. Participants in the Niños Sanos study, conducted 2011 to 2014, completed quarterly food security assessments. Based on responses to items in the US Household Food Security Survey Module, we identified different states of food security by using hidden Markov model analysis, and examined factors associated with different states. We delineated factors associated with changes in state by using mixed-effect ordinal logistic regression. About half of the households (51%) consistently stayed in the most food-secure state. The least food-secure state was transient, with only 29% probability of this state for 2 consecutive quarters. Seasonal (vs migrant) work status, having immigration documents (vs not documented), and season predicted higher levels of food security. Heterogeneity in food security among farmworker households calls for tailoring intervention strategies. The transiency and unpredictability of low food security suggest that access to safety-net programs could reduce low food security risk in this population.

Profiles of Food Security for US Farmworker Households and Factors Related to Dynamic of Change

PubMed Central

Saldana, Santiago; Arcury, Thomas A.; Grzywacz, Joseph G.; Trejo, Grisel; Quandt, Sara A.

2015-01-01

Objectives. We recruited 248 farmworker families with preschool-aged children in North Carolina and examined food security indicators over 24 months to identify food security patterns and examine the dynamic of change over time. Methods. Participants in the Niños Sanos study, conducted 2011 to 2014, completed quarterly food security assessments. Based on responses to items in the US Household Food Security Survey Module, we identified different states of food security by using hidden Markov model analysis, and examined factors associated with different states. We delineated factors associated with changes in state by using mixed-effect ordinal logistic regression. Results. About half of the households (51%) consistently stayed in the most food-secure state. The least food-secure state was transient, with only 29% probability of this state for 2 consecutive quarters. Seasonal (vs migrant) work status, having immigration documents (vs not documented), and season predicted higher levels of food security. Conclusions. Heterogeneity in food security among farmworker households calls for tailoring intervention strategies. The transiency and unpredictability of low food security suggest that access to safety-net programs could reduce low food security risk in this population. PMID:26270304

Risk to Water Security on Small Islands

NASA Astrophysics Data System (ADS)

Holding, S. T.; Allen, D. M.

2013-12-01

The majority of fresh water available on small islands is shallow groundwater that forms a freshwater lens. Freshwater lenses are generally limited in extent and as such are vulnerable to many stressors that impact water security. These include stressors related to climate change, such as sea level rise, as well as those related to human impacts, such as contamination. Traditionally, water security assessments have focussed on indicators that provide a snapshot of the current condition. However, recent work suggests that in order to effectively manage the water system, it is also important to consider uncertain future impacts to the system by evaluating how different stressors might impact water security. In this study, a framework for assessing risk to water security was developed and tested on Andros Island in The Bahamas. The assessment comprises two main components that characterise the water system: numerical modelling studies and a hazard survey. A baseline numerical model of the freshwater lens throughout Andros Island was developed to simulate the morphology of the freshwater lens and estimate the freshwater resources currently available. The model was prepared using SEAWAT, a density-dependent flow and solute transport code. Various stressors were simulated in the model to evaluate the response of the freshwater lens to predicted future shifts in climate patterns, sea level rise, and changes in water use. A hazard survey was also conducted on the island to collect information related to the storage of contaminants, sanitation infrastructure, waste disposal practices and groundwater abstraction rates. The results of the survey form a geo-spatial database of the location and associated hazards to the freshwater lens. The resulting risk framework provides a ranking of overall risk to water security based on information from the numerical modelling and hazard survey. The risk framework is implemented in a Geographic Information System (GIS) and provides a map of the risk to water security throughout Andros Island. It evaluates risk to water security for current and future scenarios and will enable water resource managers to effectively adapt to future impacts on water security.

Using secure web services to visualize poison center data for nationwide biosurveillance: a case study.

PubMed

Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M Barry; Lee, Brian; Stinn, John; Worthen, Katherine

2010-01-01

Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance.

Spatial downscaling of soil prediction models based on weighted generalized additive models in smallholder farm settings.

PubMed

Xu, Yiming; Smith, Scot E; Grunwald, Sabine; Abd-Elrahman, Amr; Wani, Suhas P; Nair, Vimala D

2017-09-11

Digital soil mapping (DSM) is gaining momentum as a technique to help smallholder farmers secure soil security and food security in developing regions. However, communications of the digital soil mapping information between diverse audiences become problematic due to the inconsistent scale of DSM information. Spatial downscaling can make use of accessible soil information at relatively coarse spatial resolution to provide valuable soil information at relatively fine spatial resolution. The objective of this research was to disaggregate the coarse spatial resolution soil exchangeable potassium (K ex ) and soil total nitrogen (TN) base map into fine spatial resolution soil downscaled map using weighted generalized additive models (GAMs) in two smallholder villages in South India. By incorporating fine spatial resolution spectral indices in the downscaling process, the soil downscaled maps not only conserve the spatial information of coarse spatial resolution soil maps but also depict the spatial details of soil properties at fine spatial resolution. The results of this study demonstrated difference between the fine spatial resolution downscaled maps and fine spatial resolution base maps is smaller than the difference between coarse spatial resolution base maps and fine spatial resolution base maps. The appropriate and economical strategy to promote the DSM technique in smallholder farms is to develop the relatively coarse spatial resolution soil prediction maps or utilize available coarse spatial resolution soil maps at the regional scale and to disaggregate these maps to the fine spatial resolution downscaled soil maps at farm scale.

Food insecurity and diabetes self-management among food pantry clients.

PubMed

Ippolito, Matthew M; Lyles, Courtney R; Prendergast, Kimberly; Marshall, Michelle Berger; Waxman, Elaine; Seligman, Hilary Kessler

2017-01-01

To examine the association between level of food security and diabetes self-management among food pantry clients, which is largely not possible using clinic-based sampling methods. Cross-sectional descriptive study. Community-based food pantries in California, Ohio and Texas, USA, from March 2012 through March 2014. Convenience sample of adults with diabetes queuing at pantries (n 1237; 83 % response). Sampled adults were stratified as food secure, low food secure or very low food secure. We used point-of-care glycated Hb (HbA1c) testing to determine glycaemic control and captured diabetes self-management using validated survey items. The sample was 70 % female, 55 % Latino/Hispanic, 25 % white and 10 % black/African American, with a mean age of 56 years. Eighty-four per cent were food insecure, one-half of whom had very low food security. Mean HbA1c was 8·1 % and did not vary significantly by food security status. In adjusted models, very-low-food-secure participants, compared with both low-food-secure and food-secure participants, had poorer diabetes self-efficacy, greater diabetes distress, greater medication non-adherence, higher prevalence of severe hypoglycaemic episodes, higher prevalence of depressive symptoms, more medication affordability challenges, and more food and medicine or health supply trade-offs. Few studies of the health impact of food security have been able to examine very low food security. In a food pantry sample with high rates of food insecurity, we found that diabetes self-management becomes increasingly difficult as food security worsens. The efficacy of interventions to improve diabetes self-management may increase if food security is simultaneously addressed.

On Secure Implementation of an IHE XUA-Based Protocol for Authenticating Healthcare Professionals

NASA Astrophysics Data System (ADS)

Masi, Massimiliano; Pugliese, Rosario; Tiezzi, Francesco

The importance of the Electronic Health Record (EHR) has been addressed in recent years by governments and institutions.Many large scale projects have been funded with the aim to allow healthcare professionals to consult patients data. Properties such as confidentiality, authentication and authorization are the key for the success for these projects. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of established standards for authenticated and secure EHR exchanges among clinics and hospitals. In particular, the IHE integration profile named XUA permits to attest user identities by relying on SAML assertions, i.e. XML documents containing authentication statements. In this paper, we provide a formal model for the secure issuance of such an assertion. We first specify the scenario using the process calculus COWS and then analyse it using the model checker CMC. Our analysis reveals a potential flaw in the XUA profile when using a SAML assertion in an unprotected network. We then suggest a solution for this flaw, and model check and implement this solution to show that it is secure and feasible.

Framework and prototype for a secure XML-based electronic health records system.

PubMed

Steele, Robert; Gardner, William; Chandra, Darius; Dillon, Tharam S

2007-01-01

Security of personal medical information has always been a challenge for the advancement of Electronic Health Records (EHRs) initiatives. eXtensible Markup Language (XML), is rapidly becoming the key standard for data representation and transportation. The widespread use of XML and the prospect of its use in the Electronic Health (e-health) domain highlights the need for flexible access control models for XML data and documents. This paper presents a declarative access control model for XML data repositories that utilises an expressive XML role control model. The operational semantics of this model are illustrated by Xplorer, a user interface generation engine which supports search-browse-navigate activities on XML repositories.

17 CFR 240.3a68-2 - Requests for interpretation of swaps, security-based swaps, and mixed swaps.

Code of Federal Regulations, 2014 CFR

2014-04-01

... swaps, security-based swaps, and mixed swaps. 240.3a68-2 Section 240.3a68-2 Commodity and Securities..., Security-Based Swap, and Security-Based Swap Agreement; Mixed Swaps; Security-Based Swap Agreement Recordkeeping § 240.3a68-2 Requests for interpretation of swaps, security-based swaps, and mixed swaps. (a) In...

17 CFR 240.3a68-2 - Requests for interpretation of swaps, security-based swaps, and mixed swaps.

Code of Federal Regulations, 2013 CFR

2013-04-01

... swaps, security-based swaps, and mixed swaps. 240.3a68-2 Section 240.3a68-2 Commodity and Securities..., Security-Based Swap, and Security-Based Swap Agreement; Mixed Swaps; Security-Based Swap Agreement Recordkeeping § 240.3a68-2 Requests for interpretation of swaps, security-based swaps, and mixed swaps. (a) In...

Continuous-variable protocol for oblivious transfer in the noisy-storage model.

PubMed

Furrer, Fabian; Gehring, Tobias; Schaffner, Christian; Pacher, Christoph; Schnabel, Roman; Wehner, Stephanie

2018-04-13

Cryptographic protocols are the backbone of our information society. This includes two-party protocols which offer protection against distrustful players. Such protocols can be built from a basic primitive called oblivious transfer. We present and experimentally demonstrate here a quantum protocol for oblivious transfer for optical continuous-variable systems, and prove its security in the noisy-storage model. This model allows us to establish security by sending more quantum signals than an attacker can reliably store during the protocol. The security proof is based on uncertainty relations which we derive for continuous-variable systems, that differ from the ones used in quantum key distribution. We experimentally demonstrate in a proof-of-principle experiment the proposed oblivious transfer protocol for various channel losses by using entangled two-mode squeezed states measured with balanced homodyne detection. Our work enables the implementation of arbitrary two-party quantum cryptographic protocols with continuous-variable communication systems.

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network

PubMed Central

Yang, Bin; Zhang, Jianfeng

2017-01-01

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme. PMID:28657588

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

PubMed

Yang, Bin; Zhang, Jianfeng

2017-06-28

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

Complexity Studies and Security in the Complex World: An Epistemological Framework of Analysis

NASA Astrophysics Data System (ADS)

Mesjasz, Czeslaw

The impact of systems thinking can be found in numerous security-oriented research, beginning from the early works on international system: Pitrim Sorokin, Quincy Wright, first models of military conflict and war: Frederick Lanchester, Lewis F. Richardson, national and military security (origins of RAND Corporation), through development of game theory-based conflict studies, International Relations, classical security studies of Morton A. Kaplan, Karl W. Deutsch [Mesjasz 1988], and ending with contemporary ideas of broadened concepts of security proposed by the Copenhagen School [Buzan et al 1998]. At present it may be even stated that the new military and non-military threats to contemporary complex society, such as low-intensity conflicts, regional conflicts, terrorism, environmental disturbances, etc. cannot be embraced without ideas taken from modern complex systems studies.

Threat driven modeling framework using petri nets for e-learning system.

PubMed

Khamparia, Aditya; Pandey, Babita

2016-01-01

Vulnerabilities at various levels are main cause of security risks in e-learning system. This paper presents a modified threat driven modeling framework, to identify the threats after risk assessment which requires mitigation and how to mitigate those threats. To model those threat mitigations aspects oriented stochastic petri nets are used. This paper included security metrics based on vulnerabilities present in e-learning system. The Common Vulnerability Scoring System designed to provide a normalized method for rating vulnerabilities which will be used as basis in metric definitions and calculations. A case study has been also proposed which shows the need and feasibility of using aspect oriented stochastic petri net models for threat modeling which improves reliability, consistency and robustness of the e-learning system.

Quantum Attack-Resistent Certificateless Multi-Receiver Signcryption Scheme

PubMed Central

Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong

2013-01-01

The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards. PMID:23967037

A New Model for the Financing of Higher Education Institutions by Students and Alumni.

ERIC Educational Resources Information Center

Schily, Konrad

2003-01-01

Describes a new model of university funding by German students and alumni. A system of tuition fees was introduced to secure the university's future. Based on the "reversed generation contract" concept, there are three options for payment (payment after graduation based on income, immediate payment, and paying half of the total tuition…

Health information security: a case study of three selected medical centers in iran.

PubMed

Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

2013-03-01

Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients' electronic records and health information systems have become a source for hackers. This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts' points of view. Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of "verification and system design, user access management, access control system", Al Zahra Hospital in two indicators of "access management and network access control" and Amin Hospital in "equipment safety and system design". In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place.

Health Information Security: A Case Study of Three Selected Medical Centers in Iran

PubMed Central

Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

2013-01-01

Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients’ electronic records and health information systems have become a source for hackers. Methods This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts’ points of view. Results and discussion Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of “verification and system design, user access management, access control system”, Al Zahra Hospital in two indicators of “access management and network access control” and Amin Hospital in “equipment safety and system design”. In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place. PMID:23572861

A Study on the Security Levels of Spread-Spectrum Embedding Schemes in the WOA Framework.

PubMed

Wang, Yuan-Gen; Zhu, Guopu; Kwong, Sam; Shi, Yun-Qing

2017-08-23

Security analysis is a very important issue for digital watermarking. Several years ago, according to Kerckhoffs' principle, the famous four security levels, namely insecurity, key security, subspace security, and stego-security, were defined for spread-spectrum (SS) embedding schemes in the framework of watermarked-only attack. However, up to now there has been little application of the definition of these security levels to the theoretical analysis of the security of SS embedding schemes, due to the difficulty of the theoretical analysis. In this paper, based on the security definition, we present a theoretical analysis to evaluate the security levels of five typical SS embedding schemes, which are the classical SS, the improved SS (ISS), the circular extension of ISS, the nonrobust and robust natural watermarking, respectively. The theoretical analysis of these typical SS schemes are successfully performed by taking advantage of the convolution of probability distributions to derive the probabilistic models of watermarked signals. Moreover, simulations are conducted to illustrate and validate our theoretical analysis. We believe that the theoretical and practical analysis presented in this paper can bridge the gap between the definition of the four security levels and its application to the theoretical analysis of SS embedding schemes.

Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

NASA Astrophysics Data System (ADS)

Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

2016-12-01

Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

Assessment of ecological security based on soil and water conservation: a case study from Gansu Province, China

NASA Astrophysics Data System (ADS)

Li, Z. J.; Tian, Q.; Song, L. L.

2016-08-01

In this study, the analytic hierarchy process (ahp), ecological security index(S) and PSR model were used to evaluate Gansu's ecological security based on the large number of survey data. The results indicated that Gansu's ecological security index increased from 0.31 in 1986 to 0.66 in 2013, which reflected ecological security was in sensitive state (0.7༞S≥⃒0.5). The main reason was that national policy on protecting the ecological environment has played a crucial role, especially the national project of returning farmland to forest and grass carried out in recent years. Moreover, the environmental issues such as the higher PM2.5, sand storms and climate extremes, had significantly improved people's environmental awareness in the study area. The regional difference of ecological security index was significant in Gansu Provinces, and the part of Yangtze river basin was higher than the part of Yellow River basin, whiles the in-land river basin was the lowest value. In a world, Gansu's ecological security had improved in recent years, but there was strong need for paying more attention to policy for ecological environment protection and increasing the propaganda to ensure the Gansu's ecological security in the future. This study will provide a scientific basis for the sustainable development of regional social economy and ecological environment.

A Security Architecture for Grid-enabling OGC Web Services

NASA Astrophysics Data System (ADS)

Angelini, Valerio; Petronzio, Luca

2010-05-01

In the proposed presentation we describe an architectural solution for enabling a secure access to Grids and possibly other large scale on-demand processing infrastructures through OGC (Open Geospatial Consortium) Web Services (OWS). This work has been carried out in the context of the security thread of the G-OWS Working Group. G-OWS (gLite enablement of OGC Web Services) is an international open initiative started in 2008 by the European CYCLOPS , GENESI-DR, and DORII Project Consortia in order to collect/coordinate experiences in the enablement of OWS's on top of the gLite Grid middleware. G-OWS investigates the problem of the development of Spatial Data and Information Infrastructures (SDI and SII) based on the Grid/Cloud capacity in order to enable Earth Science applications and tools. Concerning security issues, the integration of OWS compliant infrastructures and gLite Grids needs to address relevant challenges, due to their respective design principles. In fact OWS's are part of a Web based architecture that demands security aspects to other specifications, whereas the gLite middleware implements the Grid paradigm with a strong security model (the gLite Grid Security Infrastructure: GSI). In our work we propose a Security Architectural Framework allowing the seamless use of Grid-enabled OGC Web Services through the federation of existing security systems (mostly web based) with the gLite GSI. This is made possible mediating between different security realms, whose mutual trust is established in advance during the deployment of the system itself. Our architecture is composed of three different security tiers: the user's security system, a specific G-OWS security system, and the gLite Grid Security Infrastructure. Applying the separation-of-concerns principle, each of these tiers is responsible for controlling the access to a well-defined resource set, respectively: the user's organization resources, the geospatial resources and services, and the Grid resources. While the gLite middleware is tied to a consolidated security approach based on X.509 certificates, our system is able to support different kinds of user's security infrastructures. Our central component, the G-OWS Security Framework, is based on the OASIS WS-Trust specifications and on the OGC GeoRM architectural framework. This allows to satisfy advanced requirements such as the enforcement of specific geospatial policies and complex secure web service chained requests. The typical use case is represented by a scientist belonging to a given organization who issues a request to a G-OWS Grid-enabled Web Service. The system initially asks the user to authenticate to his/her organization's security system and, after verification of the user's security credentials, it translates the user's digital identity into a G-OWS identity. This identity is linked to a set of attributes describing the user's access rights to the G-OWS services and resources. Inside the G-OWS Security system, access restrictions are applied making use of the enhanced Geospatial capabilities specified by the OGC GeoXACML. If the required action needs to make use of the Grid environment the system checks if the user is entitled to access a Grid infrastructure. In that case his/her identity is translated to a temporary Grid security token using the Short Lived Credential Services (IGTF Standard). In our case, for the specific gLite Grid infrastructure, some information (VOMS Attributes) is plugged into the Grid Security Token to grant the access to the user's Virtual Organization Grid resources. The resulting token is used to submit the request to the Grid and also by the various gLite middleware elements to verify the user's grants. Basing on the presented framework, the G-OWS Security Working Group developed a prototype, enabling the execution of OGC Web Services on the EGEE Production Grid through the federation with a Shibboleth based security infrastructure. Future plans aim to integrate other Web authentication services such as OpenID, Kerberos and WS-Federation.

Microstructure-Sensitive Modeling of High Cycle Fatigue (Preprint)

DTIC Science & Technology

2009-03-01

SUBJECT TERMS microplasticity , microstructure-sensitive modeling, high cycle fatigue, fatigue variability 16. SECURITY CLASSIFICATION OF: 17...3Air Force Research Laboratory Wright Patterson Air Force Base, Ohio 45433 Keywords: Microplasticity , microstructure-sensitive modeling, high cycle...cyclic microplasticity ) plays a key role in modeling fatigue resistance. Unlike effective properties such as elastic stiffness, fatigue is

Modeling IoT-Based Solutions Using Human-Centric Wireless Sensor Networks

PubMed Central

Monares, Álvaro; Ochoa, Sergio F.; Santos, Rodrigo; Orozco, Javier; Meseguer, Roc

2014-01-01

The Internet of Things (IoT) has inspired solutions that are already available for addressing problems in various application scenarios, such as healthcare, security, emergency support and tourism. However, there is no clear approach to modeling these systems and envisioning their capabilities at the design time. Therefore, the process of designing these systems is ad hoc and its real impact is evaluated once the solution is already implemented, which is risky and expensive. This paper proposes a modeling approach that uses human-centric wireless sensor networks to specify and evaluate models of IoT-based systems at the time of design, avoiding the need to spend time and effort on early implementations of immature designs. It allows designers to focus on the system design, leaving the implementation decisions for a next phase. The article illustrates the usefulness of this proposal through a running example, showing the design of an IoT-based solution to support the first responses during medium-sized or large urban incidents. The case study used in the proposal evaluation is based on a real train crash. The proposed modeling approach can be used to design IoT-based systems for other application scenarios, e.g., to support security operatives or monitor chronic patients in their homes. PMID:25157549

Modeling IoT-based solutions using human-centric wireless sensor networks.

PubMed

Monares, Álvaro; Ochoa, Sergio F; Santos, Rodrigo; Orozco, Javier; Meseguer, Roc

2014-08-25

The Internet of Things (IoT) has inspired solutions that are already available for addressing problems in various application scenarios, such as healthcare, security, emergency support and tourism. However, there is no clear approach to modeling these systems and envisioning their capabilities at the design time. Therefore, the process of designing these systems is ad hoc and its real impact is evaluated once the solution is already implemented, which is risky and expensive. This paper proposes a modeling approach that uses human-centric wireless sensor networks to specify and evaluate models of IoT-based systems at the time of design, avoiding the need to spend time and effort on early implementations of immature designs. It allows designers to focus on the system design, leaving the implementation decisions for a next phase. The article illustrates the usefulness of this proposal through a running example, showing the design of an IoT-based solution to support the first responses during medium-sized or large urban incidents. The case study used in the proposal evaluation is based on a real train crash. The proposed modeling approach can be used to design IoT-based systems for other application scenarios, e.g., to support security operatives or monitor chronic patients in their homes.

[System construction of early warning for ecological security at cultural and natural heritage mixed sites and its application: a case study of Wuyishan Scenery District].

PubMed

You, Wei-Bin; He, Dong-Jin; Qin, De-Hua; Ji, Zhi-Rong; Wu, Li-Yun; Yu, Jian-An; Chen, Bing-Rong; Tan, Yong

2014-05-01

This paper proposed a new concept of ecological security for protection by a comprehensive analysis of the contents and standards of world heritage sites. A frame concept model named "Pressure-State-Control" for early warning of ecological security at world heritage mixed sites was constructed and evaluation indicators of this frame were also selected. Wuyishan Scenery District was chosen for a case study, which has been severely disturbed by natural and artificial factors. Based on the frame model of "Pressure-State-Control" and by employing extension analysis, the matter-element model was established to assess the ecological security status of this cultural and natural world heritage mixed site. The results showed that the accuracy of ecological security early warning reached 84%. Early warning rank was I level (no alert status) in 1997 and 2009, but that in 2009 had a higher possibility to convert into II level. Likewise, the early-warning indices of sensitive ranks were different between 1997 and 2009. Population density, population growth rate, area index for tea garden, cultivated land owned per capita, level of drought, and investment for ecological and environmental construction were the main limiting factors to hinder the development of ecological security from 2009 to future. In general, the status of Wuyishan Scenery District ecological security was relatively good and considered as no alert level, while risk conditions also existed in terms of a few early-warning indicators. We still need to pay more attention to serious alert indicators and adopt effective prevention and control measures to maintain a good ecological security status of this heritage site.

MACCIS 2.0 - An Architecture Description Framework for Technical Infostructures and Their Enterprise Environment

DTIC Science & Technology

2004-06-01

Viewpoint Component Viewpoint View Architecture Description of Enterprise or Infostructure View Security Concern Business Security Model Business...security concern, when applied to the different viewpoints, addresses both stakeholders, and is described as a business security model or component...Viewpoint View Architecture Description of Enterprise or Infostructure View Security Concern Business Security Model Business Stakeholder IT Architect

Secure and Resilient Functional Modeling for Navy Cyber-Physical Systems

DTIC Science & Technology

2017-05-24

Functional Modeling Compiler (SCCT) FM Compiler and Key Performance Indicators (KPI) May 2018 Pending. Model Management Backbone (SCCT) MMB Demonstration...implement the agent- based distributed runtime. - KPIs for single/multicore controllers and temporal/spatial domains. - Integration of the model management ...Distributed Runtime (UCI) Not started. Model Management Backbone (SCCT) Not started. Siemens Corporation Corporate Technology Unrestricted

In the Face of Cybersecurity: How the Common Information Model Can Be Used

DOE Office of Scientific and Technical Information (OSTI.GOV)

Skare, Paul; Falk, Herbert; Rice, Mark

2016-01-01

Efforts are underway to combine smart grid information, devices, networking, and emergency response information to create messages that are not dependent on specific standards development organizations (SDOs). This supports a future-proof approach of allowing changes in the canonical data models (CDMs) going forward without having to perform forklift replacements of solutions that use the messages. This also allows end users (electric utilities) to upgrade individual components of a larger system while keeping the message payload definitions intact. The goal is to enable public and private information sharing securely in a standards-based approach that can be integrated into existing operations. Wemore » provide an example architecture that could benefit from this multi-SDO, secure message approach. This article also describes how to improve message security« less

A Method for Evaluating Information Security Governance (ISG) Components in Banking Environment

NASA Astrophysics Data System (ADS)

Ula, M.; Ula, M.; Fuadi, W.

2017-02-01

As modern banking increasingly relies on the internet and computer technologies to operate their businesses and market interactions, the threats and security breaches have highly increased in recent years. Insider and outsider attacks have caused global businesses lost trillions of Dollars a year. Therefore, that is a need for a proper framework to govern the information security in the banking system. The aim of this research is to propose and design an enhanced method to evaluate information security governance (ISG) implementation in banking environment. This research examines and compares the elements from the commonly used information security governance frameworks, standards and best practices. Their strength and weakness are considered in its approaches. The initial framework for governing the information security in banking system was constructed from document review. The framework was categorized into three levels which are Governance level, Managerial level, and technical level. The study further conducts an online survey for banking security professionals to get their professional judgment about the ISG most critical components and the importance for each ISG component that should be implemented in banking environment. Data from the survey was used to construct a mathematical model for ISG evaluation, component importance data used as weighting coefficient for the related component in the mathematical model. The research further develops a method for evaluating ISG implementation in banking based on the mathematical model. The proposed method was tested through real bank case study in an Indonesian local bank. The study evidently proves that the proposed method has sufficient coverage of ISG in banking environment and effectively evaluates the ISG implementation in banking environment.

AgMIP 1.5°C Assessment: Mitigation and Adaptation at Coordinated Global and Regional Scales

NASA Astrophysics Data System (ADS)

Rosenzweig, C.

2016-12-01

The AgMIP 1.5°C Coordinated Global and Regional Integrated Assessments of Climate Change and Food Security (AgMIP 1.5 CGRA) is linking site-based crop and livestock models with similar models run on global grids, and then links these biophysical components with economics models and nutrition metrics at regional and global scales. The AgMIP 1.5 CGRA assessment brings together experts in climate, crop, livestock, economics, nutrition, and food security to define the 1.5°C Protocols and guide the process throughout the assessment. Scenarios are designed to consistently combine elements of intertwined storylines of future society including socioeconomic development (Shared Socioeconomic Pathways), greenhouse gas concentrations (Representative Concentration Pathways), and specific pathways of agricultural sector development (Representative Agricultural Pathways). Shared Climate Policy Assumptions will be extended to provide additional agricultural detail on mitigation and adaptation strategies. The multi-model, multi-disciplinary, multi-scale integrated assessment framework is using scenarios of economic development, adaptation, mitigation, food policy, and food security. These coordinated assessments are grounded in the expertise of AgMIP partners around the world, leading to more consistent results and messages for stakeholders, policymakers, and the scientific community. The early inclusion of nutrition and food security experts has helped to ensure that assessment outputs include important metrics upon which investment and policy decisions may be based. The CGRA builds upon existing AgMIP research groups (e.g., the AgMIP Wheat Team and the AgMIP Global Gridded Crop Modeling Initiative; GGCMI) and regional programs (e.g., AgMIP Regional Teams in Sub-Saharan Africa and South Asia), with new protocols for cross-scale and cross-disciplinary linkages to ensure the propagation of expert judgment and consistent assumptions.

Modeling and Simulation of Ceramic Arrays to Improve Ballaistic Performance

DTIC Science & Technology

2013-10-01

are modeled using SPH elements. Model validation runs with monolithic SiC tiles are conducted based on the DoP experiments described in reference...TERMS ,30cal AP M2 Projectile, 762x39 PS Projectile, SPH , Aluminum 5083, SiC, DoP Expeminets, AutoDyn Simulations, Tile Gap 16. SECURITY...range 700 m/s to 1000 m/s are modeled using SPH elements. □ Model validation runs with monolithic SiC tiles are conducted based on the DoP

The impact of marital withdrawal and secure base script knowledge on mothers' and fathers' parenting.

PubMed

Trumbell, Jill M; Hibel, Leah C; Mercado, Evelyn; Posada, Germán

2018-06-21

The current study examines associations between marital conflict and negative parenting behaviors among fathers and mothers, and the extent to which internal working models (IWMs) of attachment relationships may serve as sources of risk or resilience during family interactions. The sample consisted of 115 families (mothers, fathers, and their 6-month-old infants) who participated in a controlled experiment. Couples were randomly assigned to engage in either a conflict or positive marital discussion, followed by parent-infant freeplay sessions and assessment of parental IWMs of attachment (i.e., secure base script knowledge). While no differences in parenting behaviors emerged between the conflict and positive groups, findings revealed that couple withdrawal during the marital discussion was related to more intrusive and emotionally disengaged parenting for mothers and fathers. Interestingly, secure base script knowledge was inversely related to intrusion and emotional disengagement for fathers, but not for mothers. Furthermore, only among fathers did secure base script knowledge serve to significantly buffer the impact of marital disengagement on negative parenting (emotional disengagement). Findings are discussed using a family systems framework and expand our understanding of families, and family members, at risk. (PsycINFO Database Record (c) 2018 APA, all rights reserved).

Choice of optical system is critical for the security of double random phase encryption systems

NASA Astrophysics Data System (ADS)

Muniraj, Inbarasan; Guo, Changliang; Malallah, Ra'ed; Cassidy, Derek; Zhao, Liang; Ryle, James P.; Healy, John J.; Sheridan, John T.

2017-06-01

The linear canonical transform (LCT) is used in modeling a coherent light-field propagation through first-order optical systems. Recently, a generic optical system, known as the quadratic phase encoding system (QPES), for encrypting a two-dimensional image has been reported. In such systems, two random phase keys and the individual LCT parameters (α,β,γ) serve as secret keys of the cryptosystem. It is important that such encryption systems also satisfy some dynamic security properties. We, therefore, examine such systems using two cryptographic evaluation methods, the avalanche effect and bit independence criterion, which indicate the degree of security of the cryptographic algorithms using QPES. We compared our simulation results with the conventional Fourier and the Fresnel transform-based double random phase encryption (DRPE) systems. The results show that the LCT-based DRPE has an excellent avalanche and bit independence characteristics compared to the conventional Fourier and Fresnel-based encryption systems.

Optimization of power systems with voltage security constraints

NASA Astrophysics Data System (ADS)

Rosehart, William Daniel

As open access market principles are applied to power systems, significant changes in their operation and control are occurring. In the new marketplace, power systems are operating under higher loading conditions as market influences demand greater attention to operating cost versus stability margins. Since stability continues to be a basic requirement in the operation of any power system, new tools are being considered to analyze the effect of stability on the operating cost of the system, so that system stability can be incorporated into the costs of operating the system. In this thesis, new optimal power flow (OPF) formulations are proposed based on multi-objective methodologies to optimize active and reactive power dispatch while maximizing voltage security in power systems. The effects of minimizing operating costs, minimizing reactive power generation and/or maximizing voltage stability margins are analyzed. Results obtained using the proposed Voltage Stability Constrained OPF formulations are compared and analyzed to suggest possible ways of costing voltage security in power systems. When considering voltage stability margins the importance of system modeling becomes critical, since it has been demonstrated, based on bifurcation analysis, that modeling can have a significant effect of the behavior of power systems, especially at high loading levels. Therefore, this thesis also examines the effects of detailed generator models and several exponential load models. Furthermore, because of its influence on voltage stability, a Static Var Compensator model is also incorporated into the optimization problems.

Cloud-based Predictive Modeling System and its Application to Asthma Readmission Prediction

PubMed Central

Chen, Robert; Su, Hang; Khalilia, Mohammed; Lin, Sizhe; Peng, Yue; Davis, Tod; Hirsh, Daniel A; Searles, Elizabeth; Tejedor-Sojo, Javier; Thompson, Michael; Sun, Jimeng

2015-01-01

The predictive modeling process is time consuming and requires clinical researchers to handle complex electronic health record (EHR) data in restricted computational environments. To address this problem, we implemented a cloud-based predictive modeling system via a hybrid setup combining a secure private server with the Amazon Web Services (AWS) Elastic MapReduce platform. EHR data is preprocessed on a private server and the resulting de-identified event sequences are hosted on AWS. Based on user-specified modeling configurations, an on-demand web service launches a cluster of Elastic Compute 2 (EC2) instances on AWS to perform feature selection and classification algorithms in a distributed fashion. Afterwards, the secure private server aggregates results and displays them via interactive visualization. We tested the system on a pediatric asthma readmission task on a de-identified EHR dataset of 2,967 patients. We conduct a larger scale experiment on the CMS Linkable 2008–2010 Medicare Data Entrepreneurs’ Synthetic Public Use File dataset of 2 million patients, which achieves over 25-fold speedup compared to sequential execution. PMID:26958172

Dynamic and adaptive policy models for coalition operations

NASA Astrophysics Data System (ADS)

Verma, Dinesh; Calo, Seraphin; Chakraborty, Supriyo; Bertino, Elisa; Williams, Chris; Tucker, Jeremy; Rivera, Brian; de Mel, Geeth R.

2017-05-01

It is envisioned that the success of future military operations depends on the better integration, organizationally and operationally, among allies, coalition members, inter-agency partners, and so forth. However, this leads to a challenging and complex environment where the heterogeneity and dynamism in the operating environment intertwines with the evolving situational factors that affect the decision-making life cycle of the war fighter. Therefore, the users in such environments need secure, accessible, and resilient information infrastructures where policy-based mechanisms adopt the behaviours of the systems to meet end user goals. By specifying and enforcing a policy based model and framework for operations and security which accommodates heterogeneous coalitions, high levels of agility can be enabled to allow rapid assembly and restructuring of system and information resources. However, current prevalent policy models (e.g., rule based event-condition-action model and its variants) are not sufficient to deal with the highly dynamic and plausibly non-deterministic nature of these environments. Therefore, to address the above challenges, in this paper, we present a new approach for policies which enables managed systems to take more autonomic decisions regarding their operations.

Advanced and secure architectural EHR approaches.

PubMed

Blobel, Bernd

2006-01-01

Electronic Health Records (EHRs) provided as a lifelong patient record advance towards core applications of distributed and co-operating health information systems and health networks. For meeting the challenge of scalable, flexible, portable, secure EHR systems, the underlying EHR architecture must be based on the component paradigm and model driven, separating platform-independent and platform-specific models. Allowing manageable models, real systems must be decomposed and simplified. The resulting modelling approach has to follow the ISO Reference Model - Open Distributing Processing (RM-ODP). The ISO RM-ODP describes any system component from different perspectives. Platform-independent perspectives contain the enterprise view (business process, policies, scenarios, use cases), the information view (classes and associations) and the computational view (composition and decomposition), whereas platform-specific perspectives concern the engineering view (physical distribution and realisation) and the technology view (implementation details from protocols up to education and training) on system components. Those views have to be established for components reflecting aspects of all domains involved in healthcare environments including administrative, legal, medical, technical, etc. Thus, security-related component models reflecting all view mentioned have to be established for enabling both application and communication security services as integral part of the system's architecture. Beside decomposition and simplification of system regarding the different viewpoint on their components, different levels of systems' granularity can be defined hiding internals or focusing on properties of basic components to form a more complex structure. The resulting models describe both structure and behaviour of component-based systems. The described approach has been deployed in different projects defining EHR systems and their underlying architectural principles. In that context, the Australian GEHR project, the openEHR initiative, the revision of CEN ENV 13606 "Electronic Health Record communication", all based on Archetypes, but also the HL7 version 3 activities are discussed in some detail. The latter include the HL7 RIM, the HL7 Development Framework, the HL7's clinical document architecture (CDA) as well as the set of models from use cases, activity diagrams, sequence diagrams up to Domain Information Models (DMIMs) and their building blocks Common Message Element Types (CMET) Constraining Models to their underlying concepts. The future-proof EHR architecture as open, user-centric, user-friendly, flexible, scalable, portable core application in health information systems and health networks has to follow advanced architectural paradigms.

Study on the early warning mechanism for the security of blast furnace hearths

NASA Astrophysics Data System (ADS)

Zhao, Hong-bo; Huo, Shou-feng; Cheng, Shu-sen

2013-04-01

The campaign life of blast furnace (BF) hearths has become the limiting factor for safety and high efficiency production of modern BFs. However, the early warning mechanism of hearth security has not been clear. In this article, based on heat transfer calculations, heat flux and erosion monitoring, the features of heat flux and erosion were analyzed and compared among different types of hearths. The primary detecting elements, mathematical models, evaluating standards, and warning methods were discussed. A novel early warning mechanism with the three-level quantificational standards was proposed for BF hearth security.

A cooperative model for IS security risk management in distributed environment.

PubMed

Feng, Nan; Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.

iCrowd: agent-based behavior modeling and crowd simulator

NASA Astrophysics Data System (ADS)

Kountouriotis, Vassilios I.; Paterakis, Manolis; Thomopoulos, Stelios C. A.

2016-05-01

Initially designed in the context of the TASS (Total Airport Security System) FP-7 project, the Crowd Simulation platform developed by the Integrated Systems Lab of the Institute of Informatics and Telecommunications at N.C.S.R. Demokritos, has evolved into a complete domain-independent agent-based behavior simulator with an emphasis on crowd behavior and building evacuation simulation. Under continuous development, it reflects an effort to implement a modern, multithreaded, data-oriented simulation engine employing latest state-of-the-art programming technologies and paradigms. It is based on an extensible architecture that separates core services from the individual layers of agent behavior, offering a concrete simulation kernel designed for high-performance and stability. Its primary goal is to deliver an abstract platform to facilitate implementation of several Agent-Based Simulation solutions with applicability in several domains of knowledge, such as: (i) Crowd behavior simulation during [in/out] door evacuation. (ii) Non-Player Character AI for Game-oriented applications and Gamification activities. (iii) Vessel traffic modeling and simulation for Maritime Security and Surveillance applications. (iv) Urban and Highway Traffic and Transportation Simulations. (v) Social Behavior Simulation and Modeling.

17 CFR 41.14 - Transition period for indexes that cease being narrow-based security indexes.

Code of Federal Regulations, 2011 CFR

2011-04-01

... provision. An index that is a narrow-based security index that becomes a broad-based security index for no...-five days. An index that is a narrow-based security index that becomes a broad-based security index for...

17 CFR 41.14 - Transition period for indexes that cease being narrow-based security indexes.

Code of Federal Regulations, 2010 CFR

2010-04-01

... provision. An index that is a narrow-based security index that becomes a broad-based security index for no...-five days. An index that is a narrow-based security index that becomes a broad-based security index for...

17 CFR 41.14 - Transition period for indexes that cease being narrow-based security indexes.

Code of Federal Regulations, 2013 CFR

2013-04-01

... provision. An index that is a narrow-based security index that becomes a broad-based security index for no...-five days. An index that is a narrow-based security index that becomes a broad-based security index for...

17 CFR 41.14 - Transition period for indexes that cease being narrow-based security indexes.

Code of Federal Regulations, 2012 CFR

2012-04-01

... provision. An index that is a narrow-based security index that becomes a broad-based security index for no...-five days. An index that is a narrow-based security index that becomes a broad-based security index for...

SecurePhone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly

NASA Astrophysics Data System (ADS)

Ricci, R.; Chollet, G.; Crispino, M. V.; Jassim, S.; Koreman, J.; Olivar-Dimas, M.; Garcia-Salicetti, S.; Soria-Rodriguez, P.

2006-05-01

This article presents an overview of the SecurePhone project, with an account of the first results obtained. SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometrical authentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometric authentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned) documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited, with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the spread of e-signature technology. Successful biometric authentication grants access to SecurePhone's built-in esignature services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy security chain model covering all aspects of system operation. The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing the way people interact and by improving trust and confidence in information technologies, often considered intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical access control, securised mobile communications).

Optical smart card using semipassive communication.

PubMed

Glaser, I; Green, Shlomo; Dimkov, Ilan

2006-03-15

An optical secure short-range communication system is presented. The mobile unit (optical smart card) of this system utilizes a retroreflector with an optical modulator, using light from the stationary unit; this mobile unit has very low power consumption and can be as small as a credit card. Such optical smart cards offer better security than RF-based solutions, yet do not require physical contact. Results from a feasibility study model are included.

Optical smart card using semipassive communication

NASA Astrophysics Data System (ADS)

Glaser, I.; Green, Shlomo; Dimkov, Ilan

2006-03-01

An optical secure short-range communication system is presented. The mobile unit (optical smart card) of this system utilizes a retroreflector with an optical modulator, using light from the stationary unit; this mobile unit has very low power consumption and can be as small as a credit card. Such optical smart cards offer better security than RF-based solutions, yet do not require physical contact. Results from a feasibility study model are included.

The Mexican Social Security counterreform: pensions for profit.

PubMed

Laurell, A C

1999-01-01

The social security counterreform, initiated in 1997, forms part of the neoliberal reorganization of Mexican society. The reform implies a profound change in the guiding principles of social security, as the public model based on integrality, solidarity, and redistribution is replaced by a model based on private administration of funds and services, individualization of entitlement, and reduction of rights. Its economic purpose is to move social services and benefits into the direct sphere of private capital accumulation. Although these changes will involve the whole social security system--old-age and disability pensions, health care, child care, and workers' compensation--they are most immediately evident in the pension scheme. The pay-as-you-go scheme is being replaced by privately managed individual retirement accounts which especially favor the big financial groups. These groups are gaining control over huge amounts of capital, are authorized to charge a high commission, and run no financial risks. The privatization of the system requires decisive state intervention with a legal change and a sizable state subsidy (1 to 1.5 percent of GNP) over five decades. The supposed positive impact on economic growth and employment is uncertain. A review of the new law and of the estimates of future annuities reveals shrinking pension coverage and inadequate incomes from pensions.

Secured web-based video repository for multicenter studies

PubMed Central

Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H. A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S

2015-01-01

Background We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Methods Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. Results This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. Conclusions We believe our system can be a model for similar projects that require access to common video resources. PMID:25630890

Federated Tensor Factorization for Computational Phenotyping

PubMed Central

Kim, Yejin; Sun, Jimeng; Yu, Hwanjo; Jiang, Xiaoqian

2017-01-01

Tensor factorization models offer an effective approach to convert massive electronic health records into meaningful clinical concepts (phenotypes) for data analysis. These models need a large amount of diverse samples to avoid population bias. An open challenge is how to derive phenotypes jointly across multiple hospitals, in which direct patient-level data sharing is not possible (e.g., due to institutional policies). In this paper, we developed a novel solution to enable federated tensor factorization for computational phenotyping without sharing patient-level data. We developed secure data harmonization and federated computation procedures based on alternating direction method of multipliers (ADMM). Using this method, the multiple hospitals iteratively update tensors and transfer secure summarized information to a central server, and the server aggregates the information to generate phenotypes. We demonstrated with real medical datasets that our method resembles the centralized training model (based on combined datasets) in terms of accuracy and phenotypes discovery while respecting privacy. PMID:29071165

Mathematical Modelling and the Learning Trajectory: Tools to Support the Teaching of Linear Algebra

ERIC Educational Resources Information Center

Cárcamo Bahamonde, Andrea Dorila; Fortuny Aymemí, Josep Maria; Gómez i Urgellés, Joan Vicenç

2017-01-01

In this article we present a didactic proposal for teaching linear algebra based on two compatible theoretical models: emergent models and mathematical modelling. This proposal begins with a problematic situation related to the creation and use of secure passwords, which leads students toward the construction of the concepts of spanning set and…

Using Secure Web Services to Visualize Poison Center Data for Nationwide Biosurveillance: A Case Study

PubMed Central

Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M. Barry; Lee, Brian; Stinn, John; Worthen, Katherine

2010-01-01

Objectives Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. Methods As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Results Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. Discussion This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Conclusion Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance. PMID:23569581

Adapting Rational Unified Process (RUP) approach in designing a secure e-Tendering model

NASA Astrophysics Data System (ADS)

Mohd, Haslina; Robie, Muhammad Afdhal Muhammad; Baharom, Fauziah; Darus, Norida Muhd; Saip, Mohamed Ali; Yasin, Azman

2016-08-01

e-Tendering is an electronic processing of the tender document via internet and allow tenderer to publish, communicate, access, receive and submit all tender related information and documentation via internet. This study aims to design the e-Tendering system using Rational Unified Process approach. RUP provides a disciplined approach on how to assign tasks and responsibilities within the software development process. RUP has four phases that can assist researchers to adjust the requirements of various projects with different scope, problem and the size of projects. RUP is characterized as a use case driven, architecture centered, iterative and incremental process model. However the scope of this study only focusing on Inception and Elaboration phases as step to develop the model and perform only three of nine workflows (business modeling, requirements, analysis and design). RUP has a strong focus on documents and the activities in the inception and elaboration phases mainly concern the creation of diagrams and writing of textual descriptions. The UML notation and the software program, Star UML are used to support the design of e-Tendering. The e-Tendering design based on the RUP approach can contribute to e-Tendering developers and researchers in e-Tendering domain. In addition, this study also shows that the RUP is one of the best system development methodology that can be used as one of the research methodology in Software Engineering domain related to secured design of any observed application. This methodology has been tested in various studies in certain domains, such as in Simulation-based Decision Support, Security Requirement Engineering, Business Modeling and Secure System Requirement, and so forth. As a conclusion, these studies showed that the RUP one of a good research methodology that can be adapted in any Software Engineering (SE) research domain that required a few artifacts to be generated such as use case modeling, misuse case modeling, activity diagram, and initial class diagram from a list of requirements as identified earlier by the SE researchers

Determining Barriers and Facilitators Associated With Willingness to Use a Personal Health Information Management System to Support Worksite Wellness Programs.

PubMed

Neyens, David M; Childers, Ashley Kay

2017-07-01

To determine the barriers and facilitators associated with willingness to use personal health information management (PHIM) systems to support an existing worksite wellness program (WWP). The study design involved a Web-based survey. The study setting was a regional hospital. Hospital employees comprised the study subjects. Willingness, barriers, and facilitators associated with PHIM were measured. Bivariate logit models were used to model two binary dependent variables. One model predicted the likelihood of believing PHIM systems would positively affect overall health and willingness to use. Another predicted the likelihood of worrying about online security and not believing PHIM systems would benefit health goals. Based on 333 responses, believing PHIM systems would positively affect health was highly associated with willingness to use PHIM systems (p < .01). Those comfortable online were 7.22 times more willing to use PHIM systems. Participants in exercise-based components of WWPs were 3.03 times more likely to be willing to use PHIM systems. Those who worried about online security were 5.03 times more likely to believe PHIM systems would not help obtain health goals. Comfort with personal health information online and exercise-based WWP experience was associated with willingness to use PHIM systems. However, nutrition-based WWPs did not have similar effects. Implementation barriers relate to technology anxiety and trust in security, as well as experience with specific WWP activities. Identifying differences between WWP components and addressing technology concerns before implementation of PHIM systems into WWPs may facilitate improved adoption and usage.

The impact of joint responses of devices in an airport security system.

PubMed

Nie, Xiaofeng; Batta, Rajan; Drury, Colin G; Lin, Li

2009-02-01

In this article, we consider a model for an airport security system in which the declaration of a threat is based on the joint responses of inspection devices. This is in contrast to the typical system in which each check station independently declares a passenger as having a threat or not having a threat. In our framework the declaration of threat/no-threat is based upon the passenger scores at the check stations he/she goes through. To do this we use concepts from classification theory in the field of multivariate statistics analysis and focus on the main objective of minimizing the expected cost of misclassification. The corresponding correct classification and misclassification probabilities can be obtained by using a simulation-based method. After computing the overall false alarm and false clear probabilities, we compare our joint response system with two other independently operated systems. A model that groups passengers in a manner that minimizes the false alarm probability while maintaining the false clear probability within specifications set by a security authority is considered. We also analyze the staffing needs at each check station for such an inspection scheme. An illustrative example is provided along with sensitivity analysis on key model parameters. A discussion is provided on some implementation issues, on the various assumptions made in the analysis, and on potential drawbacks of the approach.

Healthcare teams over the Internet: programming a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2003-07-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modern healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has, therefore, become a major concern. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security model is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control (HAC) security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Perceived parental security profiles in African American adolescents involved in the juvenile justice system.

PubMed

Andretta, James R; Ramirez, Aaron M; Barnes, Michael E; Odom, Terri; Roberson-Adams, Shelia; Woodland, Malcolm H

2015-12-01

Many researchers have shown the importance of parent attachment in childhood and adolescence. The present study extends the attachment literature to African Americans involved in the juvenile justice system (N = 213), and provides an initial inquiry using person-oriented methods. The average age was 16.17 years (SD = 1.44), and the sample was predominantly male (71%). Results of a confirmatory factor analysis of Inventory of Parent and Peer Attachment-Short Form (IPPA-S) scores supported a 3-factor model: (a) Communication, (b) Trust, and (c) Alienation. Model-based clustering was applied to IPPA-S scores, and results pointed to 4 perceived parental security profiles: high security, moderately high security, moderately low security, and low security. In keeping with our hypotheses, IPPA-S profiles were associated with prosocial behaviors, depression, anxiety, and oppositional defiance. Contrary to hypotheses, IPPA-S profiles were not associated with perspective taking, emotional concern, or behaviors characteristic of a conduct disorder. Results also showed that gender, age, family member with whom the participant resides, charge severity, and offense history did not have an effect on IPPA-S clustering. Implications for therapeutic jurisprudence in African Americans involved with the juvenile justice system are provided. (c) 2015 APA, all rights reserved).

Secure Logistic Regression Based on Homomorphic Encryption: Design and Evaluation

PubMed Central

Song, Yongsoo; Wang, Shuang; Xia, Yuhou; Jiang, Xiaoqian

2018-01-01

Background Learning a model without accessing raw data has been an intriguing idea to security and machine learning researchers for years. In an ideal setting, we want to encrypt sensitive data to store them on a commercial cloud and run certain analyses without ever decrypting the data to preserve privacy. Homomorphic encryption technique is a promising candidate for secure data outsourcing, but it is a very challenging task to support real-world machine learning tasks. Existing frameworks can only handle simplified cases with low-degree polynomials such as linear means classifier and linear discriminative analysis. Objective The goal of this study is to provide a practical support to the mainstream learning models (eg, logistic regression). Methods We adapted a novel homomorphic encryption scheme optimized for real numbers computation. We devised (1) the least squares approximation of the logistic function for accuracy and efficiency (ie, reduce computation cost) and (2) new packing and parallelization techniques. Results Using real-world datasets, we evaluated the performance of our model and demonstrated its feasibility in speed and memory consumption. For example, it took approximately 116 minutes to obtain the training model from the homomorphically encrypted Edinburgh dataset. In addition, it gives fairly accurate predictions on the testing dataset. Conclusions We present the first homomorphically encrypted logistic regression outsourcing model based on the critical observation that the precision loss of classification models is sufficiently small so that the decision plan stays still. PMID:29666041

Tight finite-key analysis for quantum cryptography

PubMed Central

Tomamichel, Marco; Lim, Charles Ci Wen; Gisin, Nicolas; Renner, Renato

2012-01-01

Despite enormous theoretical and experimental progress in quantum cryptography, the security of most current implementations of quantum key distribution is still not rigorously established. One significant problem is that the security of the final key strongly depends on the number, M, of signals exchanged between the legitimate parties. Yet, existing security proofs are often only valid asymptotically, for unrealistically large values of M. Another challenge is that most security proofs are very sensitive to small differences between the physical devices used by the protocol and the theoretical model used to describe them. Here we show that these gaps between theory and experiment can be simultaneously overcome by using a recently developed proof technique based on the uncertainty relation for smooth entropies. PMID:22252558

Tight finite-key analysis for quantum cryptography.

PubMed

Tomamichel, Marco; Lim, Charles Ci Wen; Gisin, Nicolas; Renner, Renato

2012-01-17

Despite enormous theoretical and experimental progress in quantum cryptography, the security of most current implementations of quantum key distribution is still not rigorously established. One significant problem is that the security of the final key strongly depends on the number, M, of signals exchanged between the legitimate parties. Yet, existing security proofs are often only valid asymptotically, for unrealistically large values of M. Another challenge is that most security proofs are very sensitive to small differences between the physical devices used by the protocol and the theoretical model used to describe them. Here we show that these gaps between theory and experiment can be simultaneously overcome by using a recently developed proof technique based on the uncertainty relation for smooth entropies.

Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.

PubMed

Feng, Zhi; Wen, Guanghui; Hu, Guoqiang

2017-05-01

This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method.. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.

A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments.

PubMed

Farash, Mohammad Sabzinejad; Nawaz, Omer; Mahmood, Khalid; Chaudhry, Shehzad Ashraf; Khan, Muhammad Khurram

2016-07-01

To enhance the quality of healthcare in the management of chronic disease, telecare medical information systems have increasingly been used. Very recently, Zhang and Qi (J. Med. Syst. 38(5):47, 32), and Zhao (J. Med. Syst. 38(5):46, 33) separately proposed two authentication schemes for telecare medical information systems using radio frequency identification (RFID) technology. They claimed that their protocols achieve all security requirements including forward secrecy. However, this paper demonstrates that both Zhang and Qi's scheme, and Zhao's scheme could not provide forward secrecy. To augment the security, we propose an efficient RFID authentication scheme using elliptic curves for healthcare environments. The proposed RFID scheme is secure under common random oracle model.

New security infrastructure model for distributed computing systems

NASA Astrophysics Data System (ADS)

Dubenskaya, J.; Kryukov, A.; Demichev, A.; Prikhodko, N.

2016-02-01

At the paper we propose a new approach to setting up a user-friendly and yet secure authentication and authorization procedure in a distributed computing system. The security concept of the most heterogeneous distributed computing systems is based on the public key infrastructure along with proxy certificates which are used for rights delegation. In practice a contradiction between the limited lifetime of the proxy certificates and the unpredictable time of the request processing is a big issue for the end users of the system. We propose to use unlimited in time hashes which are individual for each request instead of proxy certificate. Our approach allows to avoid using of the proxy certificates. Thus the security infrastructure of distributed computing system becomes easier for development, support and use.

Meeting the ONCHIT population health mandate: a proposed model for security in selective transportable distributed environments.

PubMed

Lorence, Daniel; Chin, John; Richards, Michael

2010-08-01

Goal Two of the US ONCHIT Plan focuses on enabling the use of electronic health information for critical health improvement activities that promote the health of targeted communities, and the US population as a whole. Because of the focus on communities and populations, the activities under this second goal differ fundamentally from those of the first goal, which focus on the care of individuals. Proposed here is a model for health information management in such population-based environments, which allows selective access and use of information, and maintains transportability while ensuring security and confidentiality.

75 FR 64643 - Reporting of Security-Based Swap Transaction Data

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-20

... information relating to pre-enactment security-based swaps to a registered security-based swap data repository... within 60 days after a registered security- based swap data repository commences operations to receive... repository,\\8\\ and security- based swap execution facility.\\9\\ The Commission has issued an advance notice of...

75 FR 75207 - Regulation SBSR-Reporting and Dissemination of Security-Based Swap Information

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-02

...In accordance with Section 763 (``Section 763'') and Section 766 (``Section 766'') of Title VII (``Title VII'') of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the ``Dodd-Frank Act''), the Securities and Exchange Commission (``SEC'' or ``Commission'') is proposing Regulation SBSR--Reporting and Dissemination of Security-Based Swap Information (``Regulation SBSR'') under the Securities Exchange Act of 1934 (``Exchange Act'').\\1\\ Proposed Regulation SBSR would provide for the reporting of security- based swap information to registered security-based swap data repositories or the Commission and the public dissemination of security-based swap transaction, volume, and pricing information. Registered security-based swap data repositories would be required to establish and maintain certain policies and procedures regarding how transaction data are reported and disseminated, and participants of registered security-based swap data repositories that are security- based swap dealers or major security-based swap participants would be required to establish and maintain policies and procedures that are reasonably designed to ensure that they comply with applicable reporting obligations. Finally, proposed Regulation SBSR also would require a registered SDR to register with the Commission as a securities information processor on existing Form SIP. ---------------------------------------------------------------------------

Fully device-independent quantum key distribution.

PubMed

Vazirani, Umesh; Vidick, Thomas

2014-10-03

Quantum cryptography promises levels of security that are impossible to replicate in a classical world. Can this security be guaranteed even when the quantum devices on which the protocol relies are untrusted? This central question dates back to the early 1990s when the challenge of achieving device-independent quantum key distribution was first formulated. We answer this challenge by rigorously proving the device-independent security of a slight variant of Ekert's original entanglement-based protocol against the most general (coherent) attacks. The resulting protocol is robust: While assuming only that the devices can be modeled by the laws of quantum mechanics and are spatially isolated from each other and from any adversary's laboratory, it achieves a linear key rate and tolerates a constant noise rate in the devices. In particular, the devices may have quantum memory and share arbitrary quantum correlations with the eavesdropper. The proof of security is based on a new quantitative understanding of the monogamous nature of quantum correlations in the context of a multiparty protocol.

Inherent secure communications using lattice based waveform design

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pugh, Matthew Owen

2013-12-01

The wireless communications channel is innately insecure due to the broadcast nature of the electromagnetic medium. Many techniques have been developed and implemented in order to combat insecurities and ensure the privacy of transmitted messages. Traditional methods include encrypting the data via cryptographic methods, hiding the data in the noise floor as in wideband communications, or nulling the signal in the spatial direction of the adversary using array processing techniques. This work analyzes the design of signaling constellations, i.e. modulation formats, to combat eavesdroppers from correctly decoding transmitted messages. It has been shown that in certain channel models the abilitymore » of an adversary to decode the transmitted messages can be degraded by a clever signaling constellation based on lattice theory. This work attempts to optimize certain lattice parameters in order to maximize the security of the data transmission. These techniques are of interest because they are orthogonal to, and can be used in conjunction with, traditional security techniques to create a more secure communication channel.« less

Fully Device-Independent Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Vazirani, Umesh; Vidick, Thomas

2014-10-01

Quantum cryptography promises levels of security that are impossible to replicate in a classical world. Can this security be guaranteed even when the quantum devices on which the protocol relies are untrusted? This central question dates back to the early 1990s when the challenge of achieving device-independent quantum key distribution was first formulated. We answer this challenge by rigorously proving the device-independent security of a slight variant of Ekert's original entanglement-based protocol against the most general (coherent) attacks. The resulting protocol is robust: While assuming only that the devices can be modeled by the laws of quantum mechanics and are spatially isolated from each other and from any adversary's laboratory, it achieves a linear key rate and tolerates a constant noise rate in the devices. In particular, the devices may have quantum memory and share arbitrary quantum correlations with the eavesdropper. The proof of security is based on a new quantitative understanding of the monogamous nature of quantum correlations in the context of a multiparty protocol.

A Resource Service Model in the Industrial IoT System Based on Transparent Computing.

PubMed

Li, Weimin; Wang, Bin; Sheng, Jinfang; Dong, Ke; Li, Zitong; Hu, Yixiang

2018-03-26

The Internet of Things (IoT) has received a lot of attention, especially in industrial scenarios. One of the typical applications is the intelligent mine, which actually constructs the Six-Hedge underground systems with IoT platforms. Based on a case study of the Six Systems in the underground metal mine, this paper summarizes the main challenges of industrial IoT from the aspects of heterogeneity in devices and resources, security, reliability, deployment and maintenance costs. Then, a novel resource service model for the industrial IoT applications based on Transparent Computing (TC) is presented, which supports centralized management of all resources including operating system (OS), programs and data on the server-side for the IoT devices, thus offering an effective, reliable, secure and cross-OS IoT service and reducing the costs of IoT system deployment and maintenance. The model has five layers: sensing layer, aggregation layer, network layer, service and storage layer and interface and management layer. We also present a detailed analysis on the system architecture and key technologies of the model. Finally, the efficiency of the model is shown by an experiment prototype system.

A Resource Service Model in the Industrial IoT System Based on Transparent Computing

PubMed Central

Wang, Bin; Sheng, Jinfang; Dong, Ke; Li, Zitong; Hu, Yixiang

2018-01-01

The Internet of Things (IoT) has received a lot of attention, especially in industrial scenarios. One of the typical applications is the intelligent mine, which actually constructs the Six-Hedge underground systems with IoT platforms. Based on a case study of the Six Systems in the underground metal mine, this paper summarizes the main challenges of industrial IoT from the aspects of heterogeneity in devices and resources, security, reliability, deployment and maintenance costs. Then, a novel resource service model for the industrial IoT applications based on Transparent Computing (TC) is presented, which supports centralized management of all resources including operating system (OS), programs and data on the server-side for the IoT devices, thus offering an effective, reliable, secure and cross-OS IoT service and reducing the costs of IoT system deployment and maintenance. The model has five layers: sensing layer, aggregation layer, network layer, service and storage layer and interface and management layer. We also present a detailed analysis on the system architecture and key technologies of the model. Finally, the efficiency of the model is shown by an experiment prototype system. PMID:29587450

A Cooperative Model for IS Security Risk Management in Distributed Environment

PubMed Central

Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively. PMID:24563626

A Model for settlement of health insurance organizations’ debt to health service delivery institutions

PubMed Central

Abolhallaj, Masood; Hosseini, Seyed Mohammadreza; Jafari, Mehdi; Alaei, Fatemeh

2017-01-01

Background: Sukuk is a type of financial instrument backed by balance sheet and physical assets. This applied and descriptive study aimed at providing solutions to the problems faced by insurance companies in the health sector. Methods: In this study, we achieved operational models by reviewing the release nature and mechanism of any of the securities and combining them. Results: According to the model presented in this study, 2 problems could be solved: settling the past debts and avoiding future debts. This model was deigned based on asset backed securities. Conclusion: Utilizing financing instruments (such as Sukuk), creating investment funds, and finding a solution to this problem, this study was conducted in 2 aspects: (1) models that are settling old debts of the organization, and (2) models that prevent debts in the future.

[Welfare and health in the century of social security].

PubMed

Westin, S

1999-12-10

Great achievements for public health in this century include penicillin, oral contraception, vaccination and transplantation, but the greatest contribution to the health of Norwegians may have been made by social security and the welfare state policies. The beneficial effects of social security include: less social inequality, a factor which in itself makes for better health, some degree of financial security for people who are ill and unable to support themselves or their families, universal availability of medical and health services. This paper explores the ideas and sources from which present-day social security legislation stems. The emergence of state based welfare legislation was inspired by developments in Germany under Bismarck; accident insurance for industrial workers was the first to be introduced in 1894. Several periods of active social security legislation followed at times when labour unions and socialist ideas were strong, supported, to some degree, by radical clergy and public health doctors. Social democratic governments, inspired by the British Beveridge plan towards the end of World War II, took the lead during the long post-war period until the mid 1970s. The Scandinavian model of social security is based on universal coverage and a single payer system. However, since the 1980s, as in other countries of Northern Europe, the social security system has come under pressure from market liberalism. Now at the turn of the century, increasing social inequalities cause some concern for the future of the welfare state.

Implementation of Medical Information Exchange System Based on EHR Standard

PubMed Central

Han, Soon Hwa; Kim, Sang Guk; Jeong, Jun Yong; Lee, Bi Na; Choi, Myeong Seon; Kim, Il Kon; Park, Woo Sung; Ha, Kyooseob; Cho, Eunyoung; Kim, Yoon; Bae, Jae Bong

2010-01-01

Objectives To develop effective ways of sharing patients' medical information, we developed a new medical information exchange system (MIES) based on a registry server, which enabled us to exchange different types of data generated by various systems. Methods To assure that patient's medical information can be effectively exchanged under different system environments, we adopted the standardized data transfer methods and terminologies suggested by the Center for Interoperable Electronic Healthcare Record (CIEHR) of Korea in order to guarantee interoperability. Regarding information security, MIES followed the security guidelines suggested by the CIEHR of Korea. This study aimed to develop essential security systems for the implementation of online services, such as encryption of communication, server security, database security, protection against hacking, contents, and network security. Results The registry server managed information exchange as well as the registration information of the clinical document architecture (CDA) documents, and the CDA Transfer Server was used to locate and transmit the proper CDA document from the relevant repository. The CDA viewer showed the CDA documents via connection with the information systems of related hospitals. Conclusions This research chooses transfer items and defines document standards that follow CDA standards, such that exchange of CDA documents between different systems became possible through ebXML. The proposed MIES was designed as an independent central registry server model in order to guarantee the essential security of patients' medical information. PMID:21818447

Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems

PubMed Central

Wu, Jun; Su, Zhou; Li, Jianhua

2017-01-01

Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on “friend” relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems. PMID:28758943

Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems.

PubMed

Wu, Jun; Su, Zhou; Wang, Shen; Li, Jianhua

2017-07-30

Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on "friend" relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems.

Implementation of Medical Information Exchange System Based on EHR Standard.

PubMed

Han, Soon Hwa; Lee, Min Ho; Kim, Sang Guk; Jeong, Jun Yong; Lee, Bi Na; Choi, Myeong Seon; Kim, Il Kon; Park, Woo Sung; Ha, Kyooseob; Cho, Eunyoung; Kim, Yoon; Bae, Jae Bong

2010-12-01

To develop effective ways of sharing patients' medical information, we developed a new medical information exchange system (MIES) based on a registry server, which enabled us to exchange different types of data generated by various systems. To assure that patient's medical information can be effectively exchanged under different system environments, we adopted the standardized data transfer methods and terminologies suggested by the Center for Interoperable Electronic Healthcare Record (CIEHR) of Korea in order to guarantee interoperability. Regarding information security, MIES followed the security guidelines suggested by the CIEHR of Korea. This study aimed to develop essential security systems for the implementation of online services, such as encryption of communication, server security, database security, protection against hacking, contents, and network security. The registry server managed information exchange as well as the registration information of the clinical document architecture (CDA) documents, and the CDA Transfer Server was used to locate and transmit the proper CDA document from the relevant repository. The CDA viewer showed the CDA documents via connection with the information systems of related hospitals. This research chooses transfer items and defines document standards that follow CDA standards, such that exchange of CDA documents between different systems became possible through ebXML. The proposed MIES was designed as an independent central registry server model in order to guarantee the essential security of patients' medical information.

Re-designing the PhEDEx Security Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Huang, C.-H.; Wildish, T.; Zhang, X.

2014-01-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintainingmore » code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.« less

Re-designing the PhEDEx Security Model

NASA Astrophysics Data System (ADS)

C-H, Huang; Wildish, T.; X, Zhang

2014-06-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

Access Requirement Analysis of E-Governance Systems

NASA Astrophysics Data System (ADS)

Kim, Tai-Hoon

The strategic and contemporary importance of e-governance has been recognized across the world. In India too, various ministries of Govt. of India and State Governments have taken e-governance initiatives to provide e-services to citizens and the business they serve. To achieve the mission objectives, and make such e-governance initiatives successful it would be necessary to improve the trust and confidence of the stakeholders. It is assumed that the delivery of government services will share the same public network information that is being used in the community at large. In particular, the Internet will be the principal means by which public access to government and government services will be achieved. To provide the security measures main aim is to identify user's access requirement for the stakeholders and then according to the models of Nath's approach. Based on this analysis, the Govt. can also make standards of security based on the e-governance models. Thus there will be less human errors and bias. This analysis leads to the security architecture of the specific G2C application.

17 CFR 240.3a55-4 - Exclusion from definition of narrow-based security index for indexes composed of debt securities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... narrow-based security index for indexes composed of debt securities. 240.3a55-4 Section 240.3a55-4... Miscellaneous Exemptions § 240.3a55-4 Exclusion from definition of narrow-based security index for indexes composed of debt securities. (a) An index is not a narrow-based security index if: (1)(i) Each of the...

Applying the Earth System Grid Security System in a Heterogeneous Environment of Data Access Services

NASA Astrophysics Data System (ADS)

Kershaw, Philip; Lawrence, Bryan; Lowe, Dominic; Norton, Peter; Pascoe, Stephen

2010-05-01

CEDA (Centre for Environmental Data Archival) based at STFC Rutherford Appleton Laboratory is host to the BADC (British Atmospheric Data Centre) and NEODC (NERC Earth Observation Data Centre) with data holdings of over half a Petabyte. In the coming months this figure is set to increase by over one Petabyte through the BADC's role as one of three data centres to host the CMIP5 (Coupled Model Intercomparison Project Phase 5) core archive of climate model data. Quite apart from the problem of managing the storage of such large volumes there is the challenge of collating the data together from the modelling centres around the world and enabling access to these data for the user community. An infrastructure to support this is being developed under the US Earth System Grid (ESG) and related projects bringing together participating organisations together in a federation. The ESG architecture defines Gateways, the web interfaces that enable users to access data and data serving applications organised into Data Nodes. The BADC has been working in collaboration with US Earth System Grid team and other partners to develop a security system to restrict access to data. This provides single sign-on via both OpenID and PKI based means and uses role based authorisation facilitated by SAML and OpenID based interfaces for attribute retrieval. This presentation will provide an overview of the access control architecture and look at how this has been implemented for CEDA. CEDA has developed an expertise in data access and information services over several years through a number of projects to develop and enhance these capabilities. Participation in CMIP5 comes at a time when a number of other software development activities are coming to fruition. New services are in the process of being deployed alongside services making up the system for ESG. The security system must apply access control across this heterogeneous environment of different data services and technologies. One strand of the development efforts within CEDA has been the NDG (NERC Datagrid) Security system. This system has been extended to interoperate with ESG, greatly assisted by the standards based approach adopted for the ESG security architecture. Drawing from experience from previous projects the decision was taken to refactor the NDG Security software into a component based architecture to enable a separation of concerns between access control and the functionality of a given application being protected. Such an approach is only possible through a generic interface. At CEDA, this has been realised in the Python programming language using the WSGI (Web Server Gateway Interface) specification. A parallel Java filter based implementation is also under development with our US partners for use with the THREDDS Data Server. Using such technologies applications and middleware can be assembled into custom configurations to meet different requirements. In the case of access control, NDG Security middleware can be layered over the top of existing applications without the need to modify them. A RESTful approach to the application of authorisation policy has been key in this approach. We explore the practical implementation of such a scheme alongside the application of the ESG security architecture to CEDA's OGC web services implementation COWS.

Semantic policy and adversarial modeling for cyber threat identification and avoidance

NASA Astrophysics Data System (ADS)

DeFrancesco, Anton; McQueary, Bruce

2009-05-01

Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These attacks may be perpetrated with little to no funding, but may wreck incalculable damage upon the enterprises security, network infrastructure, and services. As more services come online, systems that were once in isolation now provide information that may be combined dynamically with information from other systems to create new meaning on the fly. Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a higher classification than any of its constituent parts. To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how it's use is evolving from a robust approach to access control to preempting and combating attacks in the cyber domain, The introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our approach is integration of semantic policy into enterprise security to augment traditional network security with an overall awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture - analyzing trends and identifying critical relations in system wide data access. The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing Bayesian-based methodologies, the enterprise wide meaning of data and semantic policy is applied to probability and high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling resources to proactively isolate, lock-down, and secure systems that are most vulnerable.

Direct and indirect effects of contextual factors, caregiver depression, and parenting on attachment security in preschoolers.

PubMed

Hopkins, Joyce; Gouze, Karen R; Lavigne, John V

2013-01-01

The aim of this study was to develop a multiple-level-of-analysis model of preschool attachment security and to determine the processes (direct and indirect) whereby factors from different domains (e.g., stress and parenting) are related to attachment during this period. This study examined the direct and indirect effects of stress, family conflict, caregiver depression symptoms, and parenting on attachment security in a large (N = 796) and diverse sample of 4-year-olds. This study used the 3-Boxes Task to assess aspects of parenting critical to sensitivity in the preschool period, labeling this construct sensitivity/scaffolding. Parent-report questionnaires were used to assess stress, conflict, caregiver depressive symptoms, parent support/engagement, and parent hostility/coercion. Direct observation (3-Boxes Task) was used to assess sensitivity/scaffolding and attachment (Attachment Q-Sort) based on a 2½-3 hour home visit. Results of structural equation modeling indicated a good overall fit for the model. Among the parenting variables, sensitivity/scaffolding had the strongest effect on attachment. Depressive symptoms had both direct and indirect effects (mediated by parenting). The effects of stress and family conflict were mediated by caregiver depression symptoms and parenting. These data show that a developmentally appropriate measure of sensitivity plays a significant role in attachment security in preschoolers. Thus, strategies designed to enhance sensitivity/scaffolding may increase child resilience by enhancing attachment security.

The Johns Hopkins RTR Consortium: A Collaborative Approach to Advance Translational Science and Standardize Clinical Monitoring of Restorative Transplantation

DTIC Science & Technology

2016-10-01

based Therapy, Large animal models, Allograft, Hand Transplantation ,Face Transplantation 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT...Changes in Approach b. Problems/Delays and Plans for Resolution c. Changes that Impacted Expenditures d. Changes in use or care of vertebrate animals ...Vascularized Composite Allotransplantation Immunoregulation Tolerance Rejection Ischemia Reperfusion Cell based Therapy Large animal models

Measuring Operational Resilience Using the CERT(Registered) Resilience Management Model

DTIC Science & Technology

2010-09-01

such as ISO 27002 [ ISO 2005]) and then measure the implementation and performance of practices contained in the standard. This checklist-based ap...Security techniques – Code of practice for information security management. ISO /IEC 27002 :2005, June 2005. Also known as ISO /IEC 17799:2005. [ ISO 2007...Table 23: ISO 15939 Process Activities and Tasks 54 Table 24: CERT-RMM Measurement and Analysis Process Area Goals and Practices 55 CMU/SEI

Security middleware infrastructure for DICOM images in health information systems.

PubMed

Kallepalli, Vijay N V; Ehikioya, Sylvanus A; Camorlinga, Sergio; Rueda, Jose A

2003-12-01

In health care, it is mandatory to maintain the privacy and confidentiality of medical data. To achieve this, a fine-grained access control and an access log for accessing medical images are two important aspects that need to be considered in health care systems. Fine-grained access control provides access to medical data only to authorized persons based on priority, location, and content. A log captures each attempt to access medical data. This article describes an overall middleware infrastructure required for secure access to Digital Imaging and Communication in Medicine (DICOM) images, with an emphasis on access control and log maintenance. We introduce a hybrid access control model that combines the properties of two existing models. A trust relationship between hospitals is used to make the hybrid access control model scalable across hospitals. We also discuss events that have to be logged and where the log has to be maintained. A prototype of security middleware infrastructure is implemented.

Augmenting Probabilistic Risk Assesment with Malevolent Initiators

DOE Office of Scientific and Technical Information (OSTI.GOV)

Curtis Smith; David Schwieder

2011-11-01

As commonly practiced, the use of probabilistic risk assessment (PRA) in nuclear power plants only considers accident initiators such as natural hazards, equipment failures, and human error. Malevolent initiators are ignored in PRA, but are considered the domain of physical security, which uses vulnerability assessment based on an officially specified threat (design basis threat). This paper explores the implications of augmenting and extending existing PRA models by considering new and modified scenarios resulting from malevolent initiators. Teaming the augmented PRA models with conventional vulnerability assessments can cost-effectively enhance security of a nuclear power plant. This methodology is useful for operatingmore » plants, as well as in the design of new plants. For the methodology, we have proposed an approach that builds on and extends the practice of PRA for nuclear power plants for security-related issues. Rather than only considering 'random' failures, we demonstrated a framework that is able to represent and model malevolent initiating events and associated plant impacts.« less

Securing Resources in Collaborative Environments: A Peer-to-peerApproach

DOE Office of Scientific and Technical Information (OSTI.GOV)

Berket, Karlo; Essiari, Abdelilah; Thompson, Mary R.

2005-09-19

We have developed a security model that facilitates control of resources by autonomous peers who act on behalf of collaborating users. This model allows a gradual build-up of trust. It enables secure interactions among users that do not necessarily know each other and allows them to build trust over the course of their collaboration. This paper describes various aspects of our security model and describes an architecture that implements this model to provide security in pure peer-to-peer environments.

An Efficient Mutual Authentication Framework for Healthcare System in Cloud Computing.

PubMed

Kumar, Vinod; Jangirala, Srinivas; Ahmad, Musheer

2018-06-28

The increasing role of Telecare Medicine Information Systems (TMIS) makes its accessibility for patients to explore medical treatment, accumulate and approach medical data through internet connectivity. Security and privacy preservation is necessary for medical data of the patient in TMIS because of the very perceptive purpose. Recently, Mohit et al.'s proposed a mutual authentication protocol for TMIS in the cloud computing environment. In this work, we reviewed their protocol and found that it is not secure against stolen verifier attack, many logged in patient attack, patient anonymity, impersonation attack, and fails to protect session key. For enhancement of security level, we proposed a new mutual authentication protocol for the similar environment. The presented framework is also more capable in terms of computation cost. In addition, the security evaluation of the protocol protects resilience of all possible security attributes, and we also explored formal security evaluation based on random oracle model. The performance of the proposed protocol is much better in comparison to the existing protocol.

The Use of Maslow's Model in History

ERIC Educational Resources Information Center

Hubbs, Hugh

1978-01-01

Explains how Abraham Maslow's theory of the hierarchy of human needs can explain the success of medieval society which lasted 300 years. Based on sequential fulfillment of physical needs, security, affiliation, esteem, and self-fulfillment, the model can also illustrate how modern governments satisfy citizens' needs. (AV)

Application of simulation models for the optimization of business processes

NASA Astrophysics Data System (ADS)

Jašek, Roman; Sedláček, Michal; Chramcov, Bronislav; Dvořák, Jiří

2016-06-01

The paper deals with the applications of modeling and simulation tools in the optimization of business processes, especially in solving an optimization of signal flow in security company. As a modeling tool was selected Simul8 software that is used to process modeling based on discrete event simulation and which enables the creation of a visual model of production and distribution processes.

Security Operations Curriculum Package: BS in Global Security and Intelligence Studies, Security Operations Management Track, Embry-Riddle Aeronautical University, Prescott, AZ. BS in Security Operations Management, Model Curriculum

DTIC Science & Technology

2011-10-24

Operations Management Track in the established B.S. in Global Security and Intelligence Studies Degree offered at Embry-Riddle Aeronautical University...and a model 4 -year college curriculum for a BS degree in Security Operations Management

Women and firesetting: a qualitative analysis of context, meaning, and development.

PubMed

Cunningham, Eimear M; Timms, Jo; Holloway, Gerrie; Radford, Shirley A

2011-06-01

To explore subjective experiences of women in secure services of their firesetting behaviour, its personal meaning and the factors that contributed to its development. An interview-based study using Interpretative Phenomenological Analysis. Interviews were carried out with nine women, in medium secure services, with histories of firesetting. Three overarching but interlinked themes emerged, reflecting a narrative progression from the context of life experiences that preceded firesetting (including subthemes: distressing experiences and isolation from support), through the experience and meaning of the firesetting act (influencing others and getting help, achievement and control, and not thought through), to the individual's current position regarding past actions. The clinical implications of the findings are considered in the context of the existing male-orientated firesetting knowledge base and emerging models of service delivery to women in secure settings. ©2010 The British Psychological Society.

Protecting software agents from malicious hosts using quantum computing

NASA Astrophysics Data System (ADS)

Reisner, John; Donkor, Eric

2000-07-01

We evaluate how quantum computing can be applied to security problems for software agents. Agent-based computing, which merges technological advances in artificial intelligence and mobile computing, is a rapidly growing domain, especially in applications such as electronic commerce, network management, information retrieval, and mission planning. System security is one of the more eminent research areas in agent-based computing, and the specific problem of protecting a mobile agent from a potentially hostile host is one of the most difficult of these challenges. In this work, we describe our agent model, and discuss the capabilities and limitations of classical solutions to the malicious host problem. Quantum computing may be extremely helpful in addressing the limitations of classical solutions to this problem. This paper highlights some of the areas where quantum computing could be applied to agent security.

Application of portable CDA for secure clinical-document exchange.

PubMed

Huang, Kuo-Hsuan; Hsieh, Sung-Huai; Chang, Yuan-Jen; Lai, Feipei; Hsieh, Sheau-Ling; Lee, Hsiu-Hui

2010-08-01

Health Level Seven (HL7) organization published the Clinical Document Architecture (CDA) for exchanging documents among heterogeneous systems and improving medical quality based on the design method in CDA. In practice, although the HL7 organization tried to make medical messages exchangeable, it is still hard to exchange medical messages. There are many issues when two hospitals want to exchange clinical documents, such as patient privacy, network security, budget, and the strategies of the hospital. In this article, we propose a method for the exchange and sharing of clinical documents in an offline model based on the CDA-the Portable CDA. This allows the physician to retrieve the patient's medical record stored in a portal device, but not through the Internet in real time. The security and privacy of CDA data will also be considered.

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

PubMed

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-06-15

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

a Review of Digital Watermarking and Copyright Control Technology for Cultural Relics

NASA Astrophysics Data System (ADS)

Liu, H.; Hou, M.; Hu, Y.

2018-04-01

With the rapid growth of the application and sharing of the 3-D model data in the protection of cultural relics, the problem of Shared security and copyright control of the three-dimensional model of cultural relics is becoming increasingly prominent. Followed by a digital watermarking copyright control has become the frontier technology of 3-D model security protection of cultural relics and effective means, related technology research and application in recent years also got further development. 3-D model based on cultural relics digital watermarking and copyright control technology, introduces the research background and demand, its unique characteristics were described, and its development and application of the algorithm are discussed, and the prospects of the future development trend and some problems and the solution.

Systematic implementation of spectral CT with a photon counting detector for liquid security inspection

NASA Astrophysics Data System (ADS)

Xu, Xiaofei; Xing, Yuxiang; Wang, Sen; Zhang, Li

2018-06-01

X-ray liquid security inspection system plays an important role in homeland security, while the conventional dual-energy CT (DECT) system may have a big deviation in extracting the atomic number and the electron density of materials in various conditions. Photon counting detectors (PCDs) have the capability of discriminating the incident photons of different energy. The technique becomes more and more mature in nowadays. In this work, we explore the performance of a multi-energy CT imaging system with a PCD for liquid security inspection in material discrimination. We used a maximum-likelihood (ML) decomposition method with scatter correction based on a cross-energy response model (CERM) for PCDs so that to improve the accuracy of atomic number and electronic density imaging. Experimental study was carried to examine the effectiveness and robustness of the proposed system. Our results show that the concentration of different solutions in physical phantoms can be reconstructed accurately, which could improve the material identification compared to current available dual-energy liquid security inspection systems. The CERM-base decomposition and reconstruction method can be easily used to different applications such as medical diagnosis.

Computer Security Models

DTIC Science & Technology

1984-09-01

Verification Technique for a Class of Security Kernels," International Symposium on Programming , Lecture Notes in Computer Science 137, Springer-Verlag, New York...September 1984 MTR9S31 " J. K. Millen Computer Security C. M. Cerniglia Models * 0 Ne c - ¢- C. S• ~CONTRACT SPONSOR OUSDRE/C31 & ESO/ALEE...ABSTRACT The purpose of this report is to provide a basis for evaluating security models in the context of secure computer system development

Security in the CernVM File System and the Frontier Distributed Database Caching System

NASA Astrophysics Data System (ADS)

Dykstra, D.; Blomer, J.

2014-06-01

Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFS and Frontier.

The ISACA Business Model for Information Security: An Integrative and Innovative Approach

NASA Astrophysics Data System (ADS)

von Roessing, Rolf

In recent years, information security management has matured into a professional discipline that covers both technical and managerial aspects in an organisational environment. Information security is increasingly dependent on business-driven parameters and interfaces to a variety of organisational units and departments. In contrast, common security models and frameworks have remained largely technical. A review of extant models ranging from [LaBe73] to more recent models shows that technical aspects are covered in great detail, while the managerial aspects of security are often neglected.Likewise, the business view on organisational security is frequently at odds with the demands of information security personnel or information technology management. In practice, senior and executive level management remain comparatively distant from technical requirements. As a result, information security is generally regarded as a cost factor rather than a benefit to the organisation.

Recovery-oriented care in a secure mental health setting: "striving for a good life".

PubMed

McKenna, Brian; Furness, Trentham; Dhital, Deepa; Park, Malcolm; Connally, Fiona

2014-01-01

Recovery-oriented care acknowledges the unique journey of the consumer to regain control of his or her life in order to live a good life. Recovery has become a dominant policy-directed model of mental health service delivery. Even services that have traditionally been institutional and custodial have been challenged to embrace a recovery-oriented model. The aim of this qualitative study was to provide a description of service delivery in a secure in-patient mental health service, which has developed a self-professed recovery-oriented model of service delivery. An in-depth case study of the secure in-patient service using an exploratory research design was undertaken to meet the aim of this study. Qualitative data was gathered from interviews with consumers and staff (n = 15) and a focus group with carers (n = 5). Data were analyzed using a content analysis approach. Ethical approval for the study was obtained. The stakeholders readily described the secure service within recovery domains. They described a common vision; ways to promote hope and autonomy; examples of collaborative partnership which enhanced the goal of community integration; a focus on strength-based, holistic care; and the management of risk by taking calculated risks. Discrepancies in the perceptions of stakeholders were determined. This case study research provides a demonstrable example of recovery-in-action in one secure mental health service in Australia. It is intended to assist mental health services and clinicians seeking guidance in developing strategies for building and maintaining partnerships with consumers and carers in order for secure services to become truly recovery-oriented.

Controller–Pilot Data Link Communication Security

PubMed Central

Polishchuk, Tatiana; Wernberg, Max

2018-01-01

The increased utilization of the new types of cockpit communications, including controller–pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system. PMID:29783791

Controller⁻Pilot Data Link Communication Security.

PubMed

Gurtov, Andrei; Polishchuk, Tatiana; Wernberg, Max

2018-05-20

The increased utilization of the new types of cockpit communications, including controller⁻pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system.

Role-Based Viewing for Secure Collaborative Modeling

DTIC Science & Technology

2003-02-01

Buchanan, editors, Proceedings of Graphics Interface 2001, pages 9–18, 2001. [18] Sylvia L. Osborn, Ravi S. Sandhu, and Qamar Munawer. Configuring Role...techniques, pages 49–56. ACM Press/Addison-Wesley Publishing Co., 1999. [20] Ravi Sandhu, Bhamidipati, and Qamar Munawer. The ARBAC97 Model for Role

Optimizing Land and Water Use at the Local Level to Enhance Global Food Security through Virtual Resources Trade in the World

NASA Astrophysics Data System (ADS)

Cai, X.; Zhang, X.; Zhu, T.

2014-12-01

Global food security is constrained by local and regional land and water availability, as well as other agricultural input limitations and inappropriate national and global regulations. In a theoretical context, this study assumes that optimal water and land uses in local food production to maximize food security and social welfare at the global level can be driven by global trade. It follows the context of "virtual resources trade", i.e., utilizing international trade of agricultural commodities to reduce dependency on local resources, and achieves land and water savings in the world. An optimization model based on the partial equilibrium of agriculture is developed for the analysis, including local commodity production and land and water resources constraints, demand by country, and global food market. Through the model, the marginal values (MVs) of social welfare for water and land at the level of so-called food production units (i.e., sub-basins with similar agricultural production conditions) are derived and mapped in the world. In this personation, we will introduce the model structure, explain the meaning of MVs at the local level and their distribution around the world, and discuss the policy implications for global communities to enhance global food security. In particular, we will examine the economic values of water and land under different world targets of food security (e.g., number of malnourished population or children in a future year). In addition, we will also discuss the opportunities on data to improve such global modeling exercises.

Comprehensive evaluation of ecological security in mining area based on PSR-ANP-GRAY.

PubMed

He, Gang; Yu, Baohua; Li, Shuzhou; Zhu, Yanna

2017-09-06

With the large exploitation of mineral resources, a series of problems have appeared in the ecological environment of the mining area. Therefore, evaluating the ecological security of mining area is of great significance to promote its healthy development. In this paper, the evaluation index system of ecological security in mining area was constructed from three dimensions of nature, society and economy, combined with Pressure-State-Response framework model. Then network analytic hierarchy process and GRAY relational analysis method were used to evaluate the ecological security of the region, and the weighted correlation degree of ecological security was calculated through the index data of a coal mine from 2012 to 2016 in China. The results show that the ecological security in the coal mine area is on the rise as a whole, though it alternatively rose and dropped from 2012 to 2016. Among them, the ecological security of the study mining area is at the general security level from 2012 to 2015, and at a relatively safe level in 2016. It shows that the ecological environment of the study mining area can basically meet the requirement of the survival and development of the enterprises.

Observational attachment theory-based parenting measures predict children's attachment narratives independently from social learning theory-based measures.

PubMed

Matias, Carla; O'Connor, Thomas G; Futh, Annabel; Scott, Stephen

2014-01-01

Conceptually and methodologically distinct models exist for assessing quality of parent-child relationships, but few studies contrast competing models or assess their overlap in predicting developmental outcomes. Using observational methodology, the current study examined the distinctiveness of attachment theory-based and social learning theory-based measures of parenting in predicting two key measures of child adjustment: security of attachment narratives and social acceptance in peer nominations. A total of 113 5-6-year-old children from ethnically diverse families participated. Parent-child relationships were rated using standard paradigms. Measures derived from attachment theory included sensitive responding and mutuality; measures derived from social learning theory included positive attending, directives, and criticism. Child outcomes were independently-rated attachment narrative representations and peer nominations. Results indicated that Attachment theory-based and Social Learning theory-based measures were modestly correlated; nonetheless, parent-child mutuality predicted secure child attachment narratives independently of social learning theory-based measures; in contrast, criticism predicted peer-nominated fighting independently of attachment theory-based measures. In young children, there is some evidence that attachment theory-based measures may be particularly predictive of attachment narratives; however, no single model of measuring parent-child relationships is likely to best predict multiple developmental outcomes. Assessment in research and applied settings may benefit from integration of different theoretical and methodological paradigms.

76 FR 46668 - Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-03

... SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 240 [Release No. 34-64766; File No. S7-25-11] RIN 3235-AL10 Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap Participants Correction In proposed rule document number 2011-16758, appearing on pages 42396-42455 in the...

78 FR 30967 - Cross-Border Security-Based Swap Activities; Re-Proposal of Regulation SBSR and Certain Rules and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-23

... context of the security-based swap dealer definition, for affiliated groups with a registered security... for Affiliated Groups with Registered Security-Based Swap Dealers); Rule 3a71-5 (Substituted... 13n-12 (Exemption from Requirements Governing Security-Based Swap Data Repositories for Certain Non-U...

Entropy-based financial asset pricing.

PubMed

Ormos, Mihály; Zibriczky, Dávid

2014-01-01

We investigate entropy as a financial risk measure. Entropy explains the equity premium of securities and portfolios in a simpler way and, at the same time, with higher explanatory power than the beta parameter of the capital asset pricing model. For asset pricing we define the continuous entropy as an alternative measure of risk. Our results show that entropy decreases in the function of the number of securities involved in a portfolio in a similar way to the standard deviation, and that efficient portfolios are situated on a hyperbola in the expected return-entropy system. For empirical investigation we use daily returns of 150 randomly selected securities for a period of 27 years. Our regression results show that entropy has a higher explanatory power for the expected return than the capital asset pricing model beta. Furthermore we show the time varying behavior of the beta along with entropy.

Entropy-Based Financial Asset Pricing

PubMed Central

Ormos, Mihály; Zibriczky, Dávid

2014-01-01

We investigate entropy as a financial risk measure. Entropy explains the equity premium of securities and portfolios in a simpler way and, at the same time, with higher explanatory power than the beta parameter of the capital asset pricing model. For asset pricing we define the continuous entropy as an alternative measure of risk. Our results show that entropy decreases in the function of the number of securities involved in a portfolio in a similar way to the standard deviation, and that efficient portfolios are situated on a hyperbola in the expected return – entropy system. For empirical investigation we use daily returns of 150 randomly selected securities for a period of 27 years. Our regression results show that entropy has a higher explanatory power for the expected return than the capital asset pricing model beta. Furthermore we show the time varying behavior of the beta along with entropy. PMID:25545668

U.S. Social Security at 75 years: an international perspective.

PubMed

Hoskins, Dalmer D

2010-01-01

Is the historical development of the Old-Age, Survivors, and Disability Insurance (OASDI) program unique or similar to the development of social security programs in other industrialized countries? The U.S. Social Security program was adopted some 40 to 50 years after those of most Western European nations. The United States thus had the opportunity to choose from a number of models and clearly chose to follow the classic social insurance path of such countries as Austria, France, and Germany, which in 1935 already had considerable experience administering earnings-related, employer/worker-financed old-age pension programs. Although based on the traditional social insurance model, OASDI evolved in certain unique ways, including the rejection over the course of succeeding decades of any reliance on general revenue financing, the importance attached to long-range (75-year) actuarial projections, and the relative generosity of benefits for survivors and dependents.

Secure Logistic Regression Based on Homomorphic Encryption: Design and Evaluation.

PubMed

Kim, Miran; Song, Yongsoo; Wang, Shuang; Xia, Yuhou; Jiang, Xiaoqian

2018-04-17

Learning a model without accessing raw data has been an intriguing idea to security and machine learning researchers for years. In an ideal setting, we want to encrypt sensitive data to store them on a commercial cloud and run certain analyses without ever decrypting the data to preserve privacy. Homomorphic encryption technique is a promising candidate for secure data outsourcing, but it is a very challenging task to support real-world machine learning tasks. Existing frameworks can only handle simplified cases with low-degree polynomials such as linear means classifier and linear discriminative analysis. The goal of this study is to provide a practical support to the mainstream learning models (eg, logistic regression). We adapted a novel homomorphic encryption scheme optimized for real numbers computation. We devised (1) the least squares approximation of the logistic function for accuracy and efficiency (ie, reduce computation cost) and (2) new packing and parallelization techniques. Using real-world datasets, we evaluated the performance of our model and demonstrated its feasibility in speed and memory consumption. For example, it took approximately 116 minutes to obtain the training model from the homomorphically encrypted Edinburgh dataset. In addition, it gives fairly accurate predictions on the testing dataset. We present the first homomorphically encrypted logistic regression outsourcing model based on the critical observation that the precision loss of classification models is sufficiently small so that the decision plan stays still. ©Miran Kim, Yongsoo Song, Shuang Wang, Yuhou Xia, Xiaoqian Jiang. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 17.04.2018.

A neural-visualization IDS for honeynet data.

PubMed

Herrero, Álvaro; Zurutuza, Urko; Corchado, Emilio

2012-04-01

Neural intelligent systems can provide a visualization of the network traffic for security staff, in order to reduce the widely known high false-positive rate associated with misuse-based Intrusion Detection Systems (IDSs). Unlike previous work, this study proposes an unsupervised neural models that generate an intuitive visualization of the captured traffic, rather than network statistics. These snapshots of network events are immensely useful for security personnel that monitor network behavior. The system is based on the use of different neural projection and unsupervised methods for the visual inspection of honeypot data, and may be seen as a complementary network security tool that sheds light on internal data structures through visual inspection of the traffic itself. Furthermore, it is intended to facilitate verification and assessment of Snort performance (a well-known and widely-used misuse-based IDS), through the visualization of attack patterns. Empirical verification and comparison of the proposed projection methods are performed in a real domain, where two different case studies are defined and analyzed.

Unbounded and revocable hierarchical identity-based encryption with adaptive security, decryption key exposure resistant, and short public parameters

PubMed Central

Wang, Baosheng; Tao, Jing

2018-01-01

Revocation functionality and hierarchy key delegation are two necessary and crucial requirements to identity-based cryptosystems. Revocable hierarchical identity-based encryption (RHIBE) has attracted a lot of attention in recent years, many RHIBE schemes have been proposed but shown to be either insecure or bounded where they have to fix the maximum hierarchical depth of RHIBE at setup. In this paper, we propose a new unbounded RHIBE scheme with decryption key exposure resilience and with short public system parameters, and prove our RHIBE scheme to be adaptively secure. Our system model is scalable inherently to accommodate more levels of user adaptively with no adding workload or restarting the system. By carefully designing the hybrid games, we overcome the subtle obstacle in applying the dual system encryption methodology for the unbounded and revocable HIBE. To the best of our knowledge, this is the first construction of adaptively secure unbounded RHIBE scheme. PMID:29649326

Research of Trust Chain of Operating System

NASA Astrophysics Data System (ADS)

Li, Hongjiao; Tian, Xiuxia

Trust chain is one of the key technologies in designing secure operating system based on TC technology. Constructions of trust chain and trust models are analyzed. Future works in these directions are discussed.

Validation and implementation of model based control strategies at an industrial wastewater treatment plant.

PubMed

Demey, D; Vanderhaegen, B; Vanhooren, H; Liessens, J; Van Eyck, L; Hopkins, L; Vanrolleghem, P A

2001-01-01

In this paper, the practical implementation and validation of advanced control strategies, designed using model based techniques, at an industrial wastewater treatment plant is demonstrated. The plant under study is treating the wastewater of a large pharmaceutical production facility. The process characteristics of the wastewater treatment were quantified by means of tracer tests, intensive measurement campaigns and the use of on-line sensors. In parallel, a dynamical model of the complete wastewater plant was developed according to the specific kinetic characteristics of the sludge and the highly varying composition of the industrial wastewater. Based on real-time data and dynamic models, control strategies for the equalisation system, the polymer dosing and phosphorus addition were established. The control strategies are being integrated in the existing SCADA system combining traditional PLC technology with robust PC based control calculations. The use of intelligent control in wastewater treatment offers a wide spectrum of possibilities to upgrade existing plants, to increase the capacity of the plant and to eliminate peaks. This can result in a more stable and secure overall performance and, finally, in cost savings. The use of on-line sensors has a potential not only for monitoring concentrations, but also for manipulating flows and concentrations. This way the performance of the plant can be secured.

A study of the security technology and a new security model for WiFi network

NASA Astrophysics Data System (ADS)

Huang, Jing

2013-07-01

The WiFi network is one of the most rapidly developing wireless communication networks, which makes wireless office and wireless life possible and greatly expands the application form and scope of the internet. At the same time, the WiFi network security has received wide attention, and this is also the key factor of WiFi network development. This paper makes a systematic introduction to the WiFi network and WiFi network security problems, and the WiFi network security technology are reviewed and compared. In order to solve the security problems in WiFi network, this paper presents a new WiFi network security model and the key exchange algorithm. Experiments are performed to test the performance of the model, the results show that the new security model can withstand external network attack and ensure stable and safe operation of WiFi network.

Nanostructure based EO/IR sensor development for homeland security applications

NASA Astrophysics Data System (ADS)

Sood, Ashok K.; Welser, Roger E.; Sood, Adam W.; Puri, Yash R.; Manzur, Tariq; Dhar, Nibir K.; Polla, Dennis L.; Wang, Zhong L.; Wijewarnasuriya, Priyalal S.; Anwar, A. F. M.

2011-06-01

Next Generation EO/IR focal plane arrays using nanostructure materials are being developed for a variety of Defense and Homeland Security Sensor Applications. Several different nanomaterials are being evaluated for these applications. These include ZnO nanowires, GaN Nanowires and II-VI nanowires, which have demonstrated large signal to noise ratio as a wide band gap nanostructure material in the UV band. Similarly, the work is under way using Carbon Nanotubes (CNT) for a high speed detector and focal plane array as two-dimensional array as bolometer for IR bands of interest, which can be implemented for the sensors for homeland security applications. In this paper, we will discuss the sensor design and model predicting performance of an EO/IR focal plane array and Sensor that can cover the UV to IR bands of interest. The model can provide a robust means for comparing performance of the EO/IR FPA's and Sensors that can operate in the UV, Visible-NIR (0.4- 1.8μ), SWIR (2.0-2.5μ), MWIR (3-5μ), and LWIR bands (8-14μ). This model can be used as a tool for predicting performance of nanostructure arrays under development. We will also discuss our results on growth and characterization of ZnO nanowires and CNT's for the next generation sensor applications. We also present several approaches for integrated energy harvesting using nanostructure based solar cells and Nanogenerators that can be used to supplement the energy required for nanostructure based sensors.

A model of security monitoring

NASA Technical Reports Server (NTRS)

Bishop, Matt

1990-01-01

A model of security monitoring is presented that distinguishes between two types of logging and auditing. Implications for the design and use of security monitoring mechanisms are drawn from this model. The usefulness of the model is then demonstrated by analyzing several different monitoring mechanisms.

A model of security monitoring

NASA Technical Reports Server (NTRS)

Bishop, Matt

1989-01-01

A model of security monitoring is presented that distinguishes between two types of logging and auditing. Implications for the design and use of security monitoring mechanisms are drawn from this model. The usefulness of the model is then demonstrated by analyzing several different monitoring mechanisms.

Performance analysis of model based iterative reconstruction with dictionary learning in transportation security CT

NASA Astrophysics Data System (ADS)

Haneda, Eri; Luo, Jiajia; Can, Ali; Ramani, Sathish; Fu, Lin; De Man, Bruno

2016-05-01

In this study, we implement and compare model based iterative reconstruction (MBIR) with dictionary learning (DL) over MBIR with pairwise pixel-difference regularization, in the context of transportation security. DL is a technique of sparse signal representation using an over complete dictionary which has provided promising results in image processing applications including denoising,1 as well as medical CT reconstruction.2 It has been previously reported that DL produces promising results in terms of noise reduction and preservation of structural details, especially for low dose and few-view CT acquisitions.2 A distinguishing feature of transportation security CT is that scanned baggage may contain items with a wide range of material densities. While medical CT typically scans soft tissues, blood with and without contrast agents, and bones, luggage typically contains more high density materials (i.e. metals and glass), which can produce severe distortions such as metal streaking artifacts. Important factors of security CT are the emphasis on image quality such as resolution, contrast, noise level, and CT number accuracy for target detection. While MBIR has shown exemplary performance in the trade-off of noise reduction and resolution preservation, we demonstrate that DL may further improve this trade-off. In this study, we used the KSVD-based DL3 combined with the MBIR cost-minimization framework and compared results to Filtered Back Projection (FBP) and MBIR with pairwise pixel-difference regularization. We performed a parameter analysis to show the image quality impact of each parameter. We also investigated few-view CT acquisitions where DL can show an additional advantage relative to pairwise pixel difference regularization.

Challenges on the epidemiological and economic burden of diabetes and hypertension in Mexico.

PubMed

Arredondo, Armando; Orozco, Emanuel; Alcalde-Rabanal, Jaqueline; Navarro, Juan; Azar, Alejandra

2018-01-01

OBJECTIVE To analyze the epidemiological and economic burden of the health services demand due to diabetes and hypertension in Mexico. METHODS Evaluation study based on a time series study that had as a universe of study the assured and uninsured population that demands health services from the three main institutions of the Health System in Mexico: The Health Department, the Mexican Institute of Social Security, and Institute of Services and Social Security for State Workers. The financing method was based on instrumentation and consensus techniques for medium case management. In order to estimate the epidemiological changes and financial requirements, a time series of observed cases for diabetes and hypertension 1994-2013 was integrated. Probabilistic models were developed based on the Box-Jenkins technique for the period of 2013-2018 with 95% confidence intervals and p < 0.05. RESULTS Comparing results from 2013 versus 2018, in the five regions, different incremental trends of 14%-17% in epidemiological changes and 58%-66% in the economic burden for both diseases were observed. CONCLUSIONS If the risk factors and the different models of care remained as they currently are in the three institutions analyzed, the financial consequences would be of greater impact for the Mexican Institute of Social Security, following in order of importance the Institute of Services and Social Security for State Workers and lastly the Health Department. The financial needs for both diseases will represent approximately 13%-15% of the total budget allocated to the uninsured population and 15%-17% for the population insured depending on the region.

Challenges on the epidemiological and economic burden of diabetes and hypertension in Mexico

PubMed Central

Arredondo, Armando; Orozco, Emanuel; Alcalde-Rabanal, Jaqueline; Navarro, Juan; Azar, Alejandra

2018-01-01

ABSTRACT OBJECTIVE To analyze the epidemiological and economic burden of the health services demand due to diabetes and hypertension in Mexico. METHODS Evaluation study based on a time series study that had as a universe of study the assured and uninsured population that demands health services from the three main institutions of the Health System in Mexico: The Health Department, the Mexican Institute of Social Security, and Institute of Services and Social Security for State Workers. The financing method was based on instrumentation and consensus techniques for medium case management. In order to estimate the epidemiological changes and financial requirements, a time series of observed cases for diabetes and hypertension 1994–2013 was integrated. Probabilistic models were developed based on the Box-Jenkins technique for the period of 2013–2018 with 95% confidence intervals and p < 0.05. RESULTS Comparing results from 2013 versus 2018, in the five regions, different incremental trends of 14%–17% in epidemiological changes and 58%-66% in the economic burden for both diseases were observed. CONCLUSIONS If the risk factors and the different models of care remained as they currently are in the three institutions analyzed, the financial consequences would be of greater impact for the Mexican Institute of Social Security, following in order of importance the Institute of Services and Social Security for State Workers and lastly the Health Department. The financial needs for both diseases will represent approximately 13%–15% of the total budget allocated to the uninsured population and 15%–17% for the population insured depending on the region. PMID:29489993

A Reaction Time Experiment on Adult Attachment: The Development of a Measure for Neurophysiological Settings

PubMed Central

Wichmann, Theresia; Buchheim, Anna; Menning, Hans; Schenk, Ingmar; George, Carol; Pokorny, Dan

2016-01-01

In the last few decades, there has been an increase of experimental research on automatic unconscious processes concerning the evaluation of the self and others. Previous research investigated implicit aspects of romantic attachment using self-report measures as explicit instruments for assessing attachment style. There is a lack of experimental procedures feasible for neurobiological settings. We developed a reaction time (RT) experiment using a narrative attachment measure with an implicit nature and were interested to capture automatic processes, when the individuals’ attachment system is activated. We aimed to combine attachment methodology with knowledge from implicit measures by using a decision RT paradigm. This should serve as a means to capture implicit aspects of attachment. This experiment evaluated participants’ response to prototypic attachment sentences in association with their own attachment classification, measured with the Adult Attachment Projective Picture System (AAP). First the AAP was administered as the standardized interview procedure to 30 healthy participants, which were classified into a secure or insecure group. In the following experimental session, both experimenter and participants were blind with respect to classifications. One hundred twenty eight prototypically secure or insecure sentences related to the eight pictures of the AAP were presented to the participants. Their response and RTs were recorded. Based on the response (accept, reject) a continuous security scale was defined. Both the AAP classification and security scale were related to the RTs. Differentiated study hypotheses were confirmed for insecure sentences, which were accepted faster by participants from the insecure attachment group (or with lower security scale), and rejected faster by participants from secure attachment group (or with higher security scale). The elaborating unconscious processes were more activated by insecure sentences with potential attachment conflicts. The introduced paradigm is able to contribute to an experimental approach in attachment research. The RT analysis with the narrative procedure might be of interest for a broader variety of questions in experimental and neurophysiological settings to capture unconscious processes in association with internal working models of attachment. An electrophysiological model based on preliminary research is proposed for assessing the preconscious neuronal network related to secure or insecure attachment representations. PMID:27853426

Transaction-based building controls framework, Volume 2: Platform descriptive model and requirements

DOE Office of Scientific and Technical Information (OSTI.GOV)

Akyol, Bora A.; Haack, Jereme N.; Carpenter, Brandon J.

Transaction-based Building Controls (TBC) offer a control systems platform that provides an agent execution environment that meets the growing requirements for security, resource utilization, and reliability. This report outlines the requirements for a platform to meet these needs and describes an illustrative/exemplary implementation.

Comparison of process-based models to quantify nutrient flows and greenhouse gas emissions of milk production

USDA-ARS?s Scientific Manuscript database

Assessing and improving the sustainability of dairy production systems is essential to secure future food production. This requires a holistic approach that reveals trade-offs between emissions of the different greenhouse gases (GHG) and nutrient-based pollutants and ensures that interactions betwee...

Novel secret key generation techniques using memristor devices

NASA Astrophysics Data System (ADS)

Abunahla, Heba; Shehada, Dina; Yeun, Chan Yeob; Mohammad, Baker; Jaoude, Maguy Abi

2016-02-01

This paper proposes novel secret key generation techniques using memristor devices. The approach depends on using the initial profile of a memristor as a master key. In addition, session keys are generated using the master key and other specified parameters. In contrast to existing memristor-based security approaches, the proposed development is cost effective and power efficient since the operation can be achieved with a single device rather than a crossbar structure. An algorithm is suggested and demonstrated using physics based Matlab model. It is shown that the generated keys can have dynamic size which provides perfect security. Moreover, the proposed encryption and decryption technique using the memristor based generated keys outperforms Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) in terms of processing time. This paper is enriched by providing characterization results of a fabricated microscale Al/TiO2/Al memristor prototype in order to prove the concept of the proposed approach and study the impacts of process variations. The work proposed in this paper is a milestone towards System On Chip (SOC) memristor based security.

Final Technical Report. Project Boeing SGS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bell, Thomas E.

Boeing and its partner, PJM Interconnection, teamed to bring advanced “defense-grade” technologies for cyber security to the US regional power grid through demonstration in PJM’s energy management environment. Under this cooperative project with the Department of Energy, Boeing and PJM have developed and demonstrated a host of technologies specifically tailored to the needs of PJM and the electric sector as a whole. The team has demonstrated to the energy industry a combination of processes, techniques and technologies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor the cyber security of criticalmore » systems. Guided by the results of a Cyber Security Risk-Based Assessment completed in Phase I, the Boeing-PJM team has completed multiple iterations through the Phase II Development and Phase III Deployment phases. Multiple cyber security solutions have been completed across a variety of controls including: Application Security, Enhanced Malware Detection, Security Incident and Event Management (SIEM) Optimization, Continuous Vulnerability Monitoring, SCADA Monitoring/Intrusion Detection, Operational Resiliency, Cyber Range simulations and hands on cyber security personnel training. All of the developed and demonstrated solutions are suitable for replication across the electric sector and/or the energy sector as a whole. Benefits identified include; Improved malware and intrusion detection capability on critical SCADA networks including behavioral-based alerts resulting in improved zero-day threat protection; Improved Security Incident and Event Management system resulting in better threat visibility, thus increasing the likelihood of detecting a serious event; Improved malware detection and zero-day threat response capability; Improved ability to systematically evaluate and secure in house and vendor sourced software applications; Improved ability to continuously monitor and maintain secure configuration of network devices resulting in reduced vulnerabilities for potential exploitation; Improved overall cyber security situational awareness through the integration of multiple discrete security technologies into a single cyber security reporting console; Improved ability to maintain the resiliency of critical systems in the face of a targeted cyber attack of other significant event; Improved ability to model complex networks for penetration testing and advanced training of cyber security personnel« less

Social Security And Mental Illness: Reducing Disability With Supported Employment

PubMed Central

Drake, Robert E.; Skinner, Jonathan S.; Bond, Gary R.; Goldman, Howard H.

2010-01-01

Social Security Administration disability programs are expensive, growing, and headed toward bankruptcy. People with psychiatric disabilities now constitute the largest and most rapidly expanding subgroup of program beneficiaries. Evidence-based supported employment is a well-defined, rigorously tested service model that helps people with psychiatric disabilities obtain and succeed in competitive employment. Providing evidence-based supported employment and mental health services to this population could reduce the growing rates of disability and enable those already disabled to contribute positively to the workforce and to their own welfare, at little or no cost (and, depending on assumptions, a possible savings) to the government. PMID:19414885

Securely and Flexibly Sharing a Biomedical Data Management System

PubMed Central

Wang, Fusheng; Hussels, Phillip; Liu, Peiya

2011-01-01

Biomedical database systems need not only to address the issues of managing complex data, but also to provide data security and access control to the system. These include not only system level security, but also instance level access control such as access of documents, schemas, or aggregation of information. The latter is becoming more important as multiple users can share a single scientific data management system to conduct their research, while data have to be protected before they are published or IP-protected. This problem is challenging as users’ needs for data security vary dramatically from one application to another, in terms of who to share with, what resources to be shared, and at what access level. We develop a comprehensive data access framework for a biomedical data management system SciPort. SciPort provides fine-grained multi-level space based access control of resources at not only object level (documents and schemas), but also space level (resources set aggregated in a hierarchy way). Furthermore, to simplify the management of users and privileges, customizable role-based user model is developed. The access control is implemented efficiently by integrating access privileges into the backend XML database, thus efficient queries are supported. The secure access approach we take makes it possible for multiple users to share the same biomedical data management system with flexible access management and high data security. PMID:21625285

Secure steganographic communication algorithm based on self-organizing patterns.

PubMed

Saunoriene, Loreta; Ragulskis, Minvydas

2011-11-01

A secure steganographic communication algorithm based on patterns evolving in a Beddington-de Angelis-type predator-prey model with self- and cross-diffusion is proposed in this paper. Small perturbations of initial states of the system around the state of equilibrium result in the evolution of self-organizing patterns. Small differences between initial perturbations result in slight differences also in the evolving patterns. It is shown that the generation of interpretable target patterns cannot be considered as a secure mean of communication because contours of the secret image can be retrieved from the cover image using statistical techniques if only it represents small perturbations of the initial states of the system. An alternative approach when the cover image represents the self-organizing pattern that has evolved from initial states perturbed using the dot-skeleton representation of the secret image can be considered as a safe visual communication technique protecting both the secret image and communicating parties.

Advanced approach to information security management system model for industrial control system.

PubMed

Park, Sanghyun; Lee, Kyungho

2014-01-01

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

Advanced Approach to Information Security Management System Model for Industrial Control System

PubMed Central

2014-01-01

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS. PMID:25136659

[ELGA--the electronic health record in the light of data protection and data security].

PubMed

Ströher, Alexander; Honekamp, Wilfried

2011-07-01

The introduction of an electronic health record (ELGA) is a subject discussed for a long time in Austria. Another big step toward ELGA is made at the end of 2010 on the pilot project e-medication in three model regions; other projects should follow. In addition, projects of the ELGA structure are sped up on the part of the ELGA GmbH to install the base of a functioning electronic health record. Unfortunately, many of these initiatives take place, so to speak, secretly, so that in the consciousness of the general public - and that includes not only patients but also physicians and other healthcare providers - always concerns about protection and security of such a storage of health data arouse. In this article the bases of the planned act are discussed taking into account the data protection and data security.

Resilience to leaking--dynamic systems modeling of information security.

PubMed

Hamacher, Kay

2012-01-01

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack 'unjust' systems or 'conspiracies'. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for 'just' and 'unjust' entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the 'conspiracy'). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean' in direct adversary relations, but do not necessarily increase public benefit and societal immunization to 'conspiracies'. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here.

Rolling Process Modeling Report. Finite-Element Model Validation and Parametric Study on various Rolling Process parameters

DOE Office of Scientific and Technical Information (OSTI.GOV)

Soulami, Ayoub; Lavender, Curt A.; Paxton, Dean M.

2015-06-15

Pacific Northwest National Laboratory (PNNL) has been investigating manufacturing processes for the uranium-10% molybdenum alloy plate-type fuel for high-performance research reactors in the United States. This work supports the U.S. Department of Energy National Nuclear Security Administration’s Office of Material Management and Minimization Reactor Conversion Program. This report documents modeling results of PNNL’s efforts to perform finite-element simulations to predict roll-separating forces for various rolling mill geometries for PNNL, Babcock & Wilcox Co., Y-12 National Security Complex, Los Alamos National Laboratory, and Idaho National Laboratory. The model developed and presented in a previous report has been subjected to further validationmore » study using new sets of experimental data generated from a rolling mill at PNNL. Simulation results of both hot rolling and cold rolling of uranium-10% molybdenum coupons have been compared with experimental results. The model was used to predict roll-separating forces at different temperatures and reductions for five rolling mills within the National Nuclear Security Administration Fuel Fabrication Capability project. This report also presents initial results of a finite-element model microstructure-based approach to study the surface roughness at the interface between zirconium and uranium-10% molybdenum.« less

Rethinking Defensive Information Warfare

DTIC Science & Technology

2004-06-01

Countless studies, however, have demonstrated the weakness in this system.15 The tension between easily remembered passwords and suffi...vulnerabilities Undiscovered flaws The patch model for Internet security has failed spectacularly. Caida , 2004 Signature-Based Defense Anti virus, intrusion

Design and Test of Pseudorandom Number Generator Using a Star Network of Lorenz Oscillators

NASA Astrophysics Data System (ADS)

Cho, Kenichiro; Miyano, Takaya

We have recently developed a chaos-based stream cipher based on augmented Lorenz equations as a star network of Lorenz subsystems. In our method, the augmented Lorenz equations are used as a pseudorandom number generator. In this study, we propose a new method based on the augmented Lorenz equations for generating binary pseudorandom numbers and evaluate its security using the statistical tests of SP800-22 published by the National Institute for Standards and Technology in comparison with the performances of other chaotic dynamical models used as binary pseudorandom number generators. We further propose a faster version of the proposed method and evaluate its security using the statistical tests of TestU01 published by L’Ecuyer and Simard.

76 FR 32880 - Further Definition of “Swap,” “Security-Based Swap,” and “Security-Based Swap Agreement”; Mixed...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-07

... COMMODITY FUTURES TRADING COMMISSION 17 CFR Part 1 RIN 3038-AD46 SECURITIES AND EXCHANGE...-Based Swap Agreement Recordkeeping AGENCY: Commodity Futures Trading Commission; Securities and Exchange... Futures Trading Commission and the Securities and Exchange Commission published a document in the Federal...

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2013 CFR

2013-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2014 CFR

2014-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

Parental attachment style: examination of links with parent secure base provision and adolescent secure base use.

PubMed

Jones, Jason D; Cassidy, Jude

2014-01-01

The secure base construct represents one of attachment theory's most important contributions to our understanding of parent-child relationships and child development. The present study represents the first examination of how parents' self-reported attachment styles relate to parental secure base provision and adolescent (mean age = 16.6 years, SE = .59) secure base use during an observed parent-adolescent interaction. Further, the present study is the first to examine how fathers', as well as mothers', attachment styles relate to observed behavior in a parent-child interaction. At the bivariate level, maternal avoidance, but not anxiety, was negatively associated with observed adolescent secure base use. In addition, path analysis revealed that maternal avoidance was indirectly related to less adolescent secure base use through mothers' self-reported hostile behavior toward their adolescents and through adolescents' less positive perceptions of their mothers. Further, paternal anxiety, but not avoidance, was indirectly related to less adolescent secure base use through fathers' self-reported hostile behavior toward their adolescents. No significant findings emerged in relation to parental secure base provision. We discuss these results in the context of attachment theory and suggest directions for future research.

Integration of Dynamic Models in Range Operations

NASA Technical Reports Server (NTRS)

Bardina, Jorge; Thirumalainambi, Rajkumar

2004-01-01

This work addresses the various model interactions in real-time to make an efficient internet based decision making tool for Shuttle launch. The decision making tool depends on the launch commit criteria coupled with physical models. Dynamic interaction between a wide variety of simulation applications and techniques, embedded algorithms, and data visualizations are needed to exploit the full potential of modeling and simulation. This paper also discusses in depth details of web based 3-D graphics and applications to range safety. The advantages of this dynamic model integration are secure accessibility and distribution of real time information to other NASA centers.

An E-Hospital Security Architecture

NASA Astrophysics Data System (ADS)

Tian, Fang; Adams, Carlisle

In this paper, we introduce how to use cryptography in network security and access control of an e-hospital. We first define the security goal of the e-hospital system, and then we analyze the current application system. Our idea is proposed on the system analysis and the related regulations of patients' privacy protection. The security of the whole application system is strengthened through layered security protection. Three security domains in the e-hospital system are defined according to their sensitivity level, and for each domain, we propose different security protections. We use identity based cryptography to establish secure communication channel in the backbone network and policy based cryptography to establish secure communication channel between end users and the backbone network. We also use policy based cryptography in the access control of the application system. We use a symmetric key cryptography to protect the real data in the database. The identity based and policy based cryptography are all based on elliptic curve cryptography—a public key cryptography.

Enabling search over encrypted multimedia databases

NASA Astrophysics Data System (ADS)

Lu, Wenjun; Swaminathan, Ashwin; Varna, Avinash L.; Wu, Min

2009-02-01

Performing information retrieval tasks while preserving data confidentiality is a desirable capability when a database is stored on a server maintained by a third-party service provider. This paper addresses the problem of enabling content-based retrieval over encrypted multimedia databases. Search indexes, along with multimedia documents, are first encrypted by the content owner and then stored onto the server. Through jointly applying cryptographic techniques, such as order preserving encryption and randomized hash functions, with image processing and information retrieval techniques, secure indexing schemes are designed to provide both privacy protection and rank-ordered search capability. Retrieval results on an encrypted color image database and security analysis of the secure indexing schemes under different attack models show that data confidentiality can be preserved while retaining very good retrieval performance. This work has promising applications in secure multimedia management.

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

PubMed Central

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-01-01

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

A Secure Base in Adolescence: Markers of Attachment Security in the Mother–Adolescent Relationship

PubMed Central

Allen, Joseph P.; McElhaney, Kathleen Boykin; Land, Deborah J.; Kuperminc, Gabriel P.; Moore, Cynthia W.; O’Beirne-Kelly, Heather; Kilmer, Sarah Liebman

2017-01-01

This study sought to identify ways in which adolescent attachment security, as assessed via the Adult Attachment Interview, is manifest in qualities of the secure base provided by the mother–adolescent relationship. Assessments included data coded from mother–adolescent interactions, test-based data, and adolescent self-reports obtained from an ethnically and socioeconomically diverse sample of moderately at-risk 9th and 10th graders. This study found several robust markers of adolescent attachment security in the mother–adolescent relationship. Each of these markers was found to contribute unique variance to explaining adolescent security, and in combination, they accounted for as much as 40% of the raw variance in adolescent security. These findings suggest that security is closely connected to the workings of the mother–adolescent relationship via a secure-base phenomenon, in which the teen can explore independence in thought and speech from the secure base of a maternal relationship characterized by maternal attunement to the adolescent and maternal supportiveness. PMID:12625451

A Framework for Architecture-Based Planning and Assessment to Support Modeling and Simulation of Network-Centric Command and Control

DTIC Science & Technology

2006-02-17

included system-unique specifications derived to counter these threats. But the international security environment has changed --- and it will continue... Netowrk -Centric Command and Control 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER 5e. TASK...contains color images. 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 20 19a. NAME

Privacy and Access Control for IHE-Based Systems

NASA Astrophysics Data System (ADS)

Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

78 FR 21677 - Self-Regulatory Organizations; Miami International Securities Exchange LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-11

... end subscribers. Vendors impose price restraints based upon their business models. For example... revenue. Although the business models may differ, these vendors' pricing discipline is the same: They can... executions and of data as a unified cost of doing business with the exchange. A broker-dealer will direct...

Understanding Cortisol Reactivity across the Day at Child Care: The Potential Buffering Role of Secure Attachments to Caregivers

PubMed Central

Badanes, Lisa S.; Dmitrieva, Julia; Watamura, Sarah Enos

2011-01-01

Full-day center-based child care has been repeatedly associated with rising cortisol across the child care day. This study addressed the potential buffering role of attachment to mothers and lead teachers in 110 preschoolers while at child care. Using multi-level modeling and controlling for a number of child, family, and child care factors, children with more secure attachments to teachers were more likely to show falling cortisol across the child care day. Attachment to mothers interacted with child care quality, with buffering effects found for children with secure attachments attending higher quality child care. Implications for early childhood educators are discussed. PMID:22408288

Bigdata Driven Cloud Security: A Survey

NASA Astrophysics Data System (ADS)

Raja, K.; Hanifa, Sabibullah Mohamed

2017-08-01

Cloud Computing (CC) is a fast-growing technology to perform massive-scale and complex computing. It eliminates the need to maintain expensive computing hardware, dedicated space, and software. Recently, it has been observed that massive growth in the scale of data or big data generated through cloud computing. CC consists of a front-end, includes the users’ computers and software required to access the cloud network, and back-end consists of various computers, servers and database systems that create the cloud. In SaaS (Software as-a-Service - end users to utilize outsourced software), PaaS (Platform as-a-Service-platform is provided) and IaaS (Infrastructure as-a-Service-physical environment is outsourced), and DaaS (Database as-a-Service-data can be housed within a cloud), where leading / traditional cloud ecosystem delivers the cloud services become a powerful and popular architecture. Many challenges and issues are in security or threats, most vital barrier for cloud computing environment. The main barrier to the adoption of CC in health care relates to Data security. When placing and transmitting data using public networks, cyber attacks in any form are anticipated in CC. Hence, cloud service users need to understand the risk of data breaches and adoption of service delivery model during deployment. This survey deeply covers the CC security issues (covering Data Security in Health care) so as to researchers can develop the robust security application models using Big Data (BD) on CC (can be created / deployed easily). Since, BD evaluation is driven by fast-growing cloud-based applications developed using virtualized technologies. In this purview, MapReduce [12] is a good example of big data processing in a cloud environment, and a model for Cloud providers.

A new intrusion prevention model using planning knowledge graph

NASA Astrophysics Data System (ADS)

Cai, Zengyu; Feng, Yuan; Liu, Shuru; Gan, Yong

2013-03-01

Intelligent plan is a very important research in artificial intelligence, which has applied in network security. This paper proposes a new intrusion prevention model base on planning knowledge graph and discuses the system architecture and characteristics of this model. The Intrusion Prevention based on plan knowledge graph is completed by plan recognition based on planning knowledge graph, and the Intrusion response strategies and actions are completed by the hierarchical task network (HTN) planner in this paper. Intrusion prevention system has the advantages of intelligent planning, which has the advantage of the knowledge-sharing, the response focused, learning autonomy and protective ability.

The Latent Structure of Secure Base Script Knowledge

ERIC Educational Resources Information Center

Waters, Theodore E. A.; Fraley, R. Chris; Groh, Ashley M.; Steele, Ryan D.; Vaughn, Brian E.; Bost, Kelly K.; Veríssimo, Manuela; Coppola, Gabrielle; Roisman, Glenn I.

2015-01-01

There is increasing evidence that attachment representations abstracted from childhood experiences with primary caregivers are organized as a cognitive script describing secure base use and support (i.e., the "secure base script"). To date, however, the latent structure of secure base script knowledge has gone unexamined--this despite…

Sparse Event Modeling with Hierarchical Bayesian Kernel Methods

DTIC Science & Technology

2016-01-05

SECURITY CLASSIFICATION OF: The research objective of this proposal was to develop a predictive Bayesian kernel approach to model count data based on...several predictive variables. Such an approach, which we refer to as the Poisson Bayesian kernel model , is able to model the rate of occurrence of...which adds specificity to the model and can make nonlinear data more manageable. Early results show that the 1. REPORT DATE (DD-MM-YYYY) 4. TITLE

Security architecture for HL/7 message interchange.

PubMed

Chen, T S; Liao, B S; Lin, M G; Gough, T G

2001-01-01

The promotion of quality medical treatment is very important to the healthcare providers as well as to patients. It requires that the medical resources of different hospitals be combined to ensure that medical information is shared and that resources are not wasted. A computer-based patient record is one of the best methods to accomplish the interchange of the patient's clinical data. In our system, the Health Level/Seven (HL/7) format is used for the interchange of the clinical data, as it has been supported by many healthcare providers and become a â standard'. The security of the interchange of clinical data is a serious issue for people using the Internet for data communication. Several international well-developed security algorithms, models and secure policies are adopted in the design of a security handler for an HL/7 architecture. The goal of our system is to combine our security system with the end-to-end communication systems constructed from the HL/7 format to establish a safe delivery channel. A suitable security interchange environment is implemented to address some shortcomings in clinical data interchange. located at the application layer of the ISO/OSI reference model. The medical message components, sub-components, and related types of message event are the primary goals of the HL/7 protocols. The patient management system, the doctor's system for recording his advice, examination and diagnosis as well as any financial management system are all covered by the HL/7 protocols. Healthcare providers and hospitals in Taiwan are very interested in developing the HL/7 protocols as a common standard for clinical data interchange.

Research Directions in Database Security IV

DTIC Science & Technology

1993-07-01

second algorithm, which is based on multiversion timestamp ordering, is that high level transactions can be forced to read arbitrarily old data values...system. The first, the single ver- sion model, stores only the latest veision of each data item, while the second, the 88 multiversion model, stores... Multiversion Database Model In the standard database model, where there is only one version of each data item, all transactions compete for the most recent

Statistical Analysis of Atmospheric Forecast Model Accuracy - A Focus on Multiple Atmospheric Variables and Location-Based Analysis

DTIC Science & Technology

2014-04-01

WRF ) model is a numerical weather prediction system designed for operational forecasting and atmospheric research. This report examined WRF model... WRF , weather research and forecasting, atmospheric effects 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT SAR 18. NUMBER OF...and Forecasting ( WRF ) model. The authors would also like to thank Ms. Sherry Larson, STS Systems Integration, LLC, ARL Technical Publishing Branch

[Landscape ecological security pattern during urban expansion of Nanchong City].

PubMed

Li, Sui; Shi, Tie-mao; Fu, Shi-lei; Zhou, Le; Liu, Miao; Wang, Wei

2011-03-01

Based on the theory of landscape ecological security pattern and the RS and GIS techniques, this paper analyzed the distribution of ecological security grades in Nanchong City, taking six elements including terrain condition, flood hazard, soil erosion, vegetation cover, geological disaster, and biological protection as the ecological constraints (or determinants) of urban expansion. According to the minimum cumulative resistance model, the ecological corridors and ecological nodes were built to strengthen the space contact of ecological network, and, on the basis of the protection of ecological safety, the reasonable trend of urban expansion and the optimization of space layout were investigated. The results showed that the ecological security of Nanchong City was quite good, with the regions of low ecological security mainly distributed in the west suburban mountains and the downstream region of Jialing River in the south of the City. Ecological elements were the most important constraints for the future expansion of urban space. There were more spaces for the urban expansion in the southern and northern parts of Nanchong City. To develop satellite towns would be the best selection to guarantee the ecological security of the city.

77 FR 71369 - Capital, Margin, and Segregation Requirements for Security-Based Swap Dealers and Major Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-30

... SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 240 [Release No. 34-68071; File No. S7-08-12] RIN 3235-AL12 Capital, Margin, and Segregation Requirements for Security-Based Swap Dealers and Major Security-Based Swap Participants and Capital Requirements for Broker-Dealers Correction In proposed rule...

Working models of attachment to parents and partners: implications for emotional behavior between partners.

PubMed

Mehta, Neera; Cowan, Philip A; Cowan, Carolyn P

2009-12-01

This study examined whether working models of attachment are associated with observed positive emotion, sadness, and anger during marital conflict. Individuals (n = 176) from a longitudinal study of families participated in the current cross-sectional study. Narrative interviews assessed the unique and combined contribution of attachment representations based on parents (adult attachment) and partner (couple attachment). The influence of partner's attachment, depression symptoms, and sex of participant was also examined. Hierarchical linear models demonstrated that one's couple attachment security predicts one's observed positive emotion, whereas the partner's couple attachment security predicts one's observed negative emotion. Partner's depression symptoms moderated the effects of partner's couple attachment. Adult attachment was not related to observed emotional behavior between partners. These findings have important clinical implications for individual, couple, and family therapy.

A network security monitor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Heberlein, L.T.; Dias, G.V.; Levitt, K.N.

1989-11-01

The study of security in computer networks is a rapidly growing area of interest because of the proliferation of networks and the paucity of security measures in most current networks. Since most networks consist of a collection of inter-connected local area networks (LANs), this paper concentrates on the security-related issues in a single broadcast LAN such as Ethernet. Specifically, we formalize various possible network attacks and outline methods of detecting them. Our basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, ourmore » work is similar to the host-based intrusion-detection systems such as SRI's IDES. Different from such systems, however, is our use of a hierarchical model to refine the focus of the intrusion-detection mechanism. We also report on the development of our experimental LAN monitor currently under implementation. Several network attacks have been simulated and results on how the monitor has been able to detect these attacks are also analyzed. Initial results demonstrate that many network attacks are detectable with our monitor, although it can surely be defeated. Current work is focusing on the integration of network monitoring with host-based techniques. 20 refs., 2 figs.« less

Real-time network security situation visualization and threat assessment based on semi-Markov process

NASA Astrophysics Data System (ADS)

Chen, Junhua

2013-03-01

To cope with a large amount of data in current sensed environments, decision aid tools should provide their understanding of situations in a time-efficient manner, so there is an increasing need for real-time network security situation awareness and threat assessment. In this study, the state transition model of vulnerability in the network based on semi-Markov process is proposed at first. Once events are triggered by an attacker's action or system response, the current states of the vulnerabilities are known. Then we calculate the transition probabilities of the vulnerability from the current state to security failure state. Furthermore in order to improve accuracy of our algorithms, we adjust the probabilities that they exploit the vulnerability according to the attacker's skill level. In the light of the preconditions and post-conditions of vulnerabilities in the network, attack graph is built to visualize security situation in real time. Subsequently, we predict attack path, recognize attack intention and estimate the impact through analysis of attack graph. These help administrators to insight into intrusion steps, determine security state and assess threat. Finally testing in a network shows that this method is reasonable and feasible, and can undertake tremendous analysis task to facilitate administrators' work.

Secure Multicast Tree Structure Generation Method for Directed Diffusion Using A* Algorithms

NASA Astrophysics Data System (ADS)

Kim, Jin Myoung; Lee, Hae Young; Cho, Tae Ho

The application of wireless sensor networks to areas such as combat field surveillance, terrorist tracking, and highway traffic monitoring requires secure communication among the sensor nodes within the networks. Logical key hierarchy (LKH) is a tree based key management model which provides secure group communication. When a sensor node is added or evicted from the communication group, LKH updates the group key in order to ensure the security of the communications. In order to efficiently update the group key in directed diffusion, we propose a method for secure multicast tree structure generation, an extension to LKH that reduces the number of re-keying messages by considering the addition and eviction ratios of the history data. For the generation of the proposed key tree structure the A* algorithm is applied, in which the branching factor at each level can take on different value. The experiment results demonstrate the efficiency of the proposed key tree structure against the existing key tree structures of fixed branching factors.

An IPSO-SVM algorithm for security state prediction of mine production logistics system

NASA Astrophysics Data System (ADS)

Zhang, Yanliang; Lei, Junhui; Ma, Qiuli; Chen, Xin; Bi, Runfang

2017-06-01

A theoretical basis for the regulation of corporate security warning and resources was provided in order to reveal the laws behind the security state in mine production logistics. Considering complex mine production logistics system and the variable is difficult to acquire, a superior security status predicting model of mine production logistics system based on the improved particle swarm optimization and support vector machine (IPSO-SVM) is proposed in this paper. Firstly, through the linear adjustments of inertia weight and learning weights, the convergence speed and search accuracy are enhanced with the aim to deal with situations associated with the changeable complexity and the data acquisition difficulty. The improved particle swarm optimization (IPSO) is then introduced to resolve the problem of parameter settings in traditional support vector machines (SVM). At the same time, security status index system is built to determine the classification standards of safety status. The feasibility and effectiveness of this method is finally verified using the experimental results.

Collaborating toward improving food security in Nunavut.

PubMed

Wakegijig, Jennifer; Osborne, Geraldine; Statham, Sara; Issaluk, Michelle Doucette

2013-01-01

Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut.

Collaborating toward improving food security in Nunavut

PubMed Central

Wakegijig, Jennifer; Osborne, Geraldine; Statham, Sara; Issaluk, Michelle Doucette

2013-01-01

Background Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. Objective The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. Design The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. Results In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. Conclusions The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut. PMID:23984307

Smart Sensing Based on DNA-Metal Interaction Enables a Label-Free and Resettable Security Model of Electrochemical Molecular Keypad Lock.

PubMed

Du, Yan; Han, Xu; Wang, Chenxu; Li, Yunhui; Li, Bingling; Duan, Hongwei

2018-01-26

Recently, molecular keypad locks have received increasing attention. As a new subgroup of smart biosensors, they show great potential for protecting information as a molecular security data processor, rather than merely molecular recognition and quantitation. Herein, label-free electrochemically transduced Ag + and cysteine (Cys) sensors were developed. A molecular keypad lock model with reset function was successfully realized based on the balanced interaction of metal ion with its nucleic acid and chemical ligands. The correct input of "1-2-3" (i.e., "Ag + -Cys-cDNA") is the only password of such molecular keypad lock. Moreover, the resetting process of either correct or wrong input order could be easily made by Cys, buffer, and DI water treatment. Therefore, our system provides an even smarter system of molecular keypad lock, which could inhibit illegal access of unauthorized users, holding great promise in information protection at the molecular level.

Teaching RFID Information Systems Security

ERIC Educational Resources Information Center

Thompson, Dale R.; Di, Jia; Daugherty, Michael K.

2014-01-01

The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…

A novel water poverty index model for evaluation of Chinese regional water security

NASA Astrophysics Data System (ADS)

Gong, L.; Jin, C. L.; Li, Y. X.; Zhou, Z. L.

2017-08-01

This study proposed an improved Water Poverty Index (WPI) model employed in evaluating Chinese regional water security. Firstly, the Chinese WPI index system was constructed, in which the indicators were obtained according to China River reality. A new mathematical model was then established for WPI values calculation on the basis of Center for Ecology and Hydrology (CEH) model. Furthermore, this new model was applied in Shiyanghe River (located in western China). It turned out that the Chinese index system could clearly reflect the indicators threatening security of river water and the Chinese WPI model is feasible. This work has also developed a Water Security Degree (WSD) standard which is able to be regarded as a scientific basis for further water resources utilization and water security warning mechanism formulation.

ONCHIT security in distributed environments: a proposed model for implantable devices.

PubMed

Lorence, Daniel; Lee, James; Richards, Michael

2010-08-01

Recent ONCHIT mandates call for increased individual health data collection efforts as well as heightened security measures. To date most healthcare organizations have been reluctant to exchange information, citing confidentiality concerns and unshared costs incurred by specific organizations. Implantable monitoring and treatment devices are rapidly emerging as data collection interface tools in response to such mandates. Proposed here is a translational, device-independent consumer-based solution, which focuses on information controlled by specific patients, and functions within a distributed (organization neutral) environment. While the conceptual applications employed in this technology set are provided by way of illustration, they may also serve as a transformative model for emerging EMR/EHR requirements.

A case study for a digital seabed database: Bohai Sea engineering geology database

NASA Astrophysics Data System (ADS)

Tianyun, Su; Shikui, Zhai; Baohua, Liu; Ruicai, Liang; Yanpeng, Zheng; Yong, Wang

2006-07-01

This paper discusses the designing plan of ORACLE-based Bohai Sea engineering geology database structure from requisition analysis, conceptual structure analysis, logical structure analysis, physical structure analysis and security designing. In the study, we used the object-oriented Unified Modeling Language (UML) to model the conceptual structure of the database and used the powerful function of data management which the object-oriented and relational database ORACLE provides to organize and manage the storage space and improve its security performance. By this means, the database can provide rapid and highly effective performance in data storage, maintenance and query to satisfy the application requisition of the Bohai Sea Oilfield Paradigm Area Information System.

A hierarchical detection method in external communication for self-driving vehicles based on TDMA.

PubMed

Alheeti, Khattab M Ali; Al-Ani, Muzhir Shaban; McDonald-Maier, Klaus

2018-01-01

Security is considered a major challenge for self-driving and semi self-driving vehicles. These vehicles depend heavily on communications to predict and sense their external environment used in their motion. They use a type of ad hoc network termed Vehicular ad hoc networks (VANETs). Unfortunately, VANETs are potentially exposed to many attacks on network and application level. This paper, proposes a new intrusion detection system to protect the communication system of self-driving cars; utilising a combination of hierarchical models based on clusters and log parameters. This security system is designed to detect Sybil and Wormhole attacks in highway usage scenarios. It is based on clusters, utilising Time Division Multiple Access (TDMA) to overcome some of the obstacles of VANETs such as high density, high mobility and bandwidth limitations in exchanging messages. This makes the security system more efficient, accurate and capable of real time detection and quick in identification of malicious behaviour in VANETs. In this scheme, each vehicle log calculates and stores different parameter values after receiving the cooperative awareness messages from nearby vehicles. The vehicles exchange their log data and determine the difference between the parameters, which is utilised to detect Sybil attacks and Wormhole attacks. In order to realize efficient and effective intrusion detection system, we use the well-known network simulator (ns-2) to verify the performance of the security system. Simulation results indicate that the security system can achieve high detection rates and effectively detect anomalies with low rate of false alarms.

Parental Attachment Style: Examination of Links with Parent Secure Base Provision and Adolescent Secure Base Use

PubMed Central

Jones, Jason D.; Cassidy, Jude

2014-01-01

The secure base construct is a core aspect of attachment theory and, according to Bowlby (1988), represents one of attachment theory’s most important contributions to our understanding of parent-child relationships and child development. The present study represents the first examination of how parents’ self-reported attachment styles relate to parental secure base provision and adolescent (Mage = 16.6 years, SE = .59) secure base use during an observed parent-adolescent interaction. Further, the present study is the first to examine how fathers’, as well as mothers’, attachment styles relate to observed behavior in a parent-child interaction. At the bivariate level, maternal avoidance, but not anxiety, was negatively associated with observed adolescent secure base use. In addition, path analysis revealed that maternal avoidance was indirectly related to less adolescent secure base use through mothers’ self-reported hostile behavior toward their adolescents and through adolescents’ less positive perceptions of their mothers. Further, paternal anxiety, but not avoidance, was indirectly related to less adolescent secure base use through fathers’ self-reported hostile behavior toward their adolescents. No significant findings emerged in relation to parental secure base provision. We discuss these results in the context of attachment theory and suggest directions for future research. PMID:24897927

Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

DTIC Science & Technology

2007-09-01

the Systems Security Engineering Capability Maturity Model (SSE- CMM / ISO 21827) and its use in system software developments ...software development life cycle ( SDLC )? 6. In what ways should process improvement support security in the SDLC ? 1.2 10BPANEL RESOURCES For each... project management, and support practices through the use of the capability maturity models including the CMMI and the Systems Security

[The Explore of the Security Strategy Model in Hospital Mobile Clinic New Mode].

PubMed

Li, Ke; Xia, Yong; Wang, Wei

2016-03-01

The paper elaborates and analyzes the current status of mobile hospital information security, then puts forward a security new model of the mobile treatment, then its architecture and solutions is elaborated. The use of this model makes the overall security level of hospital information to be further improved and enhanced, it has a positive signifi cance to promote the overal hospital management level.

Modeling Security Bridge Certificate Authority Architecture

NASA Astrophysics Data System (ADS)

Ren, Yizhi; Li, Mingchu; Sakurai, Kouichi

Current Public Key Infrastructures suffer from a scaling problem, and some may have security problems, even given the topological simplification of bridge certification authorities. This paper analyzes the security problems in Bridge Certificate Authorities (BCA) model by using the concept of “impersonation risk, ” and proposes a new modified BCA model, which enhances its security, but is a bit more complex incertification path building and implementation than the existing one.

Food insecurity, a determinant of obesity? - an analysis from a population-based survey in the Paris metropolitan area, 2010.

PubMed

Martin-Fernandez, Judith; Caillavet, France; Lhuissier, Anne; Chauvin, Pierre

2014-01-01

The relationship between food insecurity and obesity is discussed in the literature. The objective of this study was to determine whether food insecurity and obesity were associated in the Paris metropolitan area. We used data from third wave of the Health, Inequalities and Social Ruptures (SIRS) cohort study, a longitudinal population-based, representative health and socioepidemiological survey of the general population in the Paris metropolitan area. The participants' BMI (calculated using self-reported height and weight) was analyzed as a continuous variable, and a dichotomous variable (BMI < 30 kg/m(2)/BMI ≥ 30 kg/m(2)) was constructed. Food insecurity was estimated using the Household Food Security Scale Module (HFSSM) and was treated as a trichotomous variable (food security / low food security / very low food security). Multilevel models were estimated for men and women separately. Obesity (BMI ≥ 30 kg/m(2)) prevalence was 10.2%. The determinant of obesity differs according to gender. After adjustment for age, income and the sociooccupational group, very low food security was associated with obesity in women (OR = 2.01, 95%CI 1.05-3.82), and women with very low food security had a higher BMI (Coef. = 1.78, 95% CI 0.24-3.31). This association, however, was not significant for men (OR = 1.84, 95%CI 0.64-5.30). In times of economic crisis, it is increasingly essential to explore and understand the pathway through which very low food security is linked to obesity.

Option pricing: Stock price, stock velocity and the acceleration Lagrangian

NASA Astrophysics Data System (ADS)

Baaquie, Belal E.; Du, Xin; Bhanap, Jitendra

2014-12-01

The industry standard Black-Scholes option pricing formula is based on the current value of the underlying security and other fixed parameters of the model. The Black-Scholes formula, with a fixed volatility, cannot match the market's option price; instead, it has come to be used as a formula for generating the option price, once the so called implied volatility of the option is provided as additional input. The implied volatility not only is an entire surface, depending on the strike price and maturity of the option, but also depends on calendar time, changing from day to day. The point of view adopted in this paper is that the instantaneous rate of return of the security carries part of the information that is provided by implied volatility, and with a few (time-independent) parameters required for a complete pricing formula. An option pricing formula is developed that is based on knowing the value of both the current price and rate of return of the underlying security which in physics is called velocity. Using an acceleration Lagrangian model based on the formalism of quantum mathematics, we derive the pricing formula for European call options. The implied volatility of the market can be generated by our pricing formula. Our option price is applied to foreign exchange rates and equities and the accuracy is compared with Black-Scholes pricing formula and with the market price.

Assessing uncertainties in surface water security: An empirical multimodel approach

NASA Astrophysics Data System (ADS)

Rodrigues, Dulce B. B.; Gupta, Hoshin V.; Mendiondo, Eduardo M.; Oliveira, Paulo Tarso S.

2015-11-01

Various uncertainties are involved in the representation of processes that characterize interactions among societal needs, ecosystem functioning, and hydrological conditions. Here we develop an empirical uncertainty assessment of water security indicators that characterize scarcity and vulnerability, based on a multimodel and resampling framework. We consider several uncertainty sources including those related to (i) observed streamflow data; (ii) hydrological model structure; (iii) residual analysis; (iv) the method for defining Environmental Flow Requirement; (v) the definition of critical conditions for water provision; and (vi) the critical demand imposed by human activities. We estimate the overall hydrological model uncertainty by means of a residual bootstrap resampling approach, and by uncertainty propagation through different methodological arrangements applied to a 291 km2 agricultural basin within the Cantareira water supply system in Brazil. Together, the two-component hydrograph residual analysis and the block bootstrap resampling approach result in a more accurate and precise estimate of the uncertainty (95% confidence intervals) in the simulated time series. We then compare the uncertainty estimates associated with water security indicators using a multimodel framework and the uncertainty estimates provided by each model uncertainty estimation approach. The range of values obtained for the water security indicators suggests that the models/methods are robust and performs well in a range of plausible situations. The method is general and can be easily extended, thereby forming the basis for meaningful support to end-users facing water resource challenges by enabling them to incorporate a viable uncertainty analysis into a robust decision-making process.

Provably secure identity-based identification and signature schemes from code assumptions

PubMed Central

Zhao, Yiming

2017-01-01

Code-based cryptography is one of few alternatives supposed to be secure in a post-quantum world. Meanwhile, identity-based identification and signature (IBI/IBS) schemes are two of the most fundamental cryptographic primitives, so several code-based IBI/IBS schemes have been proposed. However, with increasingly profound researches on coding theory, the security reduction and efficiency of such schemes have been invalidated and challenged. In this paper, we construct provably secure IBI/IBS schemes from code assumptions against impersonation under active and concurrent attacks through a provably secure code-based signature technique proposed by Preetha, Vasant and Rangan (PVR signature), and a security enhancement Or-proof technique. We also present the parallel-PVR technique to decrease parameter values while maintaining the standard security level. Compared to other code-based IBI/IBS schemes, our schemes achieve not only preferable public parameter size, private key size, communication cost and signature length due to better parameter choices, but also provably secure. PMID:28809940

Provably secure identity-based identification and signature schemes from code assumptions.

PubMed

Song, Bo; Zhao, Yiming

2017-01-01

Code-based cryptography is one of few alternatives supposed to be secure in a post-quantum world. Meanwhile, identity-based identification and signature (IBI/IBS) schemes are two of the most fundamental cryptographic primitives, so several code-based IBI/IBS schemes have been proposed. However, with increasingly profound researches on coding theory, the security reduction and efficiency of such schemes have been invalidated and challenged. In this paper, we construct provably secure IBI/IBS schemes from code assumptions against impersonation under active and concurrent attacks through a provably secure code-based signature technique proposed by Preetha, Vasant and Rangan (PVR signature), and a security enhancement Or-proof technique. We also present the parallel-PVR technique to decrease parameter values while maintaining the standard security level. Compared to other code-based IBI/IBS schemes, our schemes achieve not only preferable public parameter size, private key size, communication cost and signature length due to better parameter choices, but also provably secure.

A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

PubMed

Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

2011-10-01

In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model.

PubMed

Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin

2016-09-28

Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained.

A Hybrid Secure Scheme for Wireless Sensor Networks against Timing Attacks Using Continuous-Time Markov Chain and Queueing Model

PubMed Central

Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin

2016-01-01

Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained. PMID:27690042

An eConsent-based System Architecture Supporting Cooperation in Integrated Healthcare Networks.

PubMed

Bergmann, Joachim; Bott, Oliver J; Hoffmann, Ina; Pretschner, Dietrich P

2005-01-01

The economical need for efficient healthcare leads to cooperative shared care networks. A virtual electronic health record is required, which integrates patient related information but reflects the distributed infrastructure and restricts access only to those health professionals involved into the care process. Our work aims on specification and development of a system architecture fulfilling these requirements to be used in concrete regional pilot studies. Methodical analysis and specification have been performed in a healthcare network using the formal method and modelling tool MOSAIK-M. The complexity of the application field was reduced by focusing on the scenario of thyroid disease care, which still includes various interdisciplinary cooperation. Result is an architecture for a secure distributed electronic health record for integrated care networks, specified in terms of a MOSAIK-M-based system model. The architecture proposes business processes, application services, and a sophisticated security concept, providing a platform for distributed document-based, patient-centred, and secure cooperation. A corresponding system prototype has been developed for pilot studies, using advanced application server technologies. The architecture combines a consolidated patient-centred document management with a decentralized system structure without needs for replication management. An eConsent-based approach assures, that access to the distributed health record remains under control of the patient. The proposed architecture replaces message-based communication approaches, because it implements a virtual health record providing complete and current information. Acceptance of the new communication services depends on compatibility with the clinical routine. Unique and cross-institutional identification of a patient is also a challenge, but will loose significance with establishing common patient cards.

[Assessment and early warning of land ecological security in rapidly urbanizing coastal area: A case study of Caofeidian new district, Hebei, China].

PubMed

Zhang, Li; Chen, Ying; Wang, Shu-tao; Men, Ming-xin; Xu, Hao

2015-08-01

Assessment and early warning of land ecological security (LES) in rapidly urbanizing coastal area is an important issue to ensure sustainable land use and effective maintenance of land ecological security. In this study, an index system for the land ecological security of Caofeidian new district was established based on the Pressure-State-Response (P-S-R) model. Initial assessment units of 1 km x 1 km created with the remote sensing data and GIS methods were spatially interpolated to a fine pixel size of 30 m x 30 m, which were combined with the early warning method (using classification tree method) to evaluate the land ecological security of Caofeidian in 2005 and 2013. The early warning level was classed into four categories: security with degradation potential, sub-security with slow degradation, sub-security with rapid degradation, and insecurity. Result indicated that, from 2005 to 2013, the average LES of Caofeidian dropped from 0.55 to 0.52, indicating a degradation of land ecological security from medium security level to medium-low security level. The areas at the levels of insecurity with rapid degradation were mainly located in the rapid urbanization areas, illustrating that rapid expansion of urban construction land was the key factor to the deterioration of the regional land ecological security. Industrial District, Shilihai town and Nanpu saltern, in which the lands at the levels of insecurity and sub-security with rapid degradation or slow degradation accounted for 58.3%, 98.9% and 81.2% of their respective districts, were at the stage of high early warning. Thus, land ecological security regulation for these districts should be strengthened in near future. The study could provide a reference for land use planning and ecological protection of Caofeidian new district.

75 FR 55575 - Joint Public Roundtable To Discuss Data for Swaps and Security-Based Swaps, Swap Data...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-13

...; File No. 4-611] Joint Public Roundtable To Discuss Data for Swaps and Security- Based Swaps, Swap Data Repositories, Security-Based Swap Data Repositories, and Real-Time Public Reporting AGENCY: Commodity Futures... public roundtable discussion at which invited participants will discuss data for swaps and security-based...

Petri net modeling of encrypted information flow in federated cloud

NASA Astrophysics Data System (ADS)

Khushk, Abdul Rauf; Li, Xiaozhong

2017-08-01

Solutions proposed and developed for the cost-effective cloud systems suffer from a combination of secure private clouds and less secure public clouds. Need to locate applications within different clouds poses a security risk to the information flow of the entire system. This study addresses this by assigning security levels of a given lattice to the entities of a federated cloud system. A dynamic flow sensitive security model featuring Bell-LaPadula procedures is explored that tracks and authenticates the secure information flow in federated clouds. Additionally, a Petri net model is considered as a case study to represent the proposed system and further validate the performance of the said system.

Rapid Development of Hybrid Courses for Distance Education: A Midwestern University's Pilot Project

ERIC Educational Resources Information Center

Rust, Jodi

2011-01-01

A descriptive case study was used to explore how repurposing and a pedagogical-based instructional design model, the multimodal model (Picciano, 2009), were used to create quality distance education courses in a rapid development setting at a Midwestern land grant university. Data triangulation was used to secure data from faculty member…

A Decomposition Method for Security Constrained Economic Dispatch of a Three-Layer Power System

NASA Astrophysics Data System (ADS)

Yang, Junfeng; Luo, Zhiqiang; Dong, Cheng; Lai, Xiaowen; Wang, Yang

2018-01-01

This paper proposes a new decomposition method for the security-constrained economic dispatch in a three-layer large-scale power system. The decomposition is realized using two main techniques. The first is to use Ward equivalencing-based network reduction to reduce the number of variables and constraints in the high-layer model without sacrificing accuracy. The second is to develop a price response function to exchange signal information between neighboring layers, which significantly improves the information exchange efficiency of each iteration and results in less iterations and less computational time. The case studies based on the duplicated RTS-79 system demonstrate the effectiveness and robustness of the proposed method.

Statistics-based email communication security behavior recognition

NASA Astrophysics Data System (ADS)

Yi, Junkai; Su, Yueyang; Zhao, Xianghui

2017-08-01

With the development of information technology, e-mail has become a popular communication medium. It has great significant to determine the relationship between the two sides of the communication. Firstly, this paper analysed and processed the content and attachment of e-mail using the skill of steganalysis and malware analysis. And it also conducts the following feature extracting and behaviour model establishing which based on Naive Bayesian theory. Then a behaviour analysis method was employed to calculate and evaluate the communication security. Finally, some experiments about the accuracy of the behavioural relationship of communication identifying has been carried out. The result shows that this method has a great effects and correctness as eighty-four percent.

SCOTCH: Secure Counting Of encrypTed genomiC data using a Hybrid approach.

PubMed

Chenghong, Wang; Jiang, Yichen; Mohammed, Noman; Chen, Feng; Jiang, Xiaoqian; Al Aziz, Md Momin; Sadat, Md Nazmus; Wang, Shuang

2017-01-01

As genomic data are usually at large scale and highly sensitive, it is essential to enable both efficient and secure analysis, by which the data owner can securely delegate both computation and storage on untrusted public cloud. Counting query of genotypes is a basic function for many downstream applications in biomedical research (e.g., computing allele frequency, calculating chi-squared statistics, etc.). Previous solutions show promise on secure counting of outsourced data but the efficiency is still a big limitation for real world applications. In this paper, we propose a novel hybrid solution to combine a rigorous theoretical model (homomorphic encryption) and the latest hardware-based infrastructure (i.e., Software Guard Extensions) to speed up the computation while preserving the privacy of both data owners and data users. Our results demonstrated efficiency by using the real data from the personal genome project.

Deterministic secure quantum communication using a single d-level system.

PubMed

Jiang, Dong; Chen, Yuanyuan; Gu, Xuemei; Xie, Ling; Chen, Lijun

2017-03-22

Deterministic secure quantum communication (DSQC) can transmit secret messages between two parties without first generating a shared secret key. Compared with quantum key distribution (QKD), DSQC avoids the waste of qubits arising from basis reconciliation and thus reaches higher efficiency. In this paper, based on data block transmission and order rearrangement technologies, we propose a DSQC protocol. It utilizes a set of single d-level systems as message carriers, which are used to directly encode the secret message in one communication process. Theoretical analysis shows that these employed technologies guarantee the security, and the use of a higher dimensional quantum system makes our protocol achieve higher security and efficiency. Since only quantum memory is required for implementation, our protocol is feasible with current technologies. Furthermore, Trojan horse attack (THA) is taken into account in our protocol. We give a THA model and show that THA significantly increases the multi-photon rate and can thus be detected.

Security-Oriented and Load-Balancing Wireless Data Routing Game in the Integration of Advanced Metering Infrastructure Network in Smart Grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

He, Fulin; Cao, Yang; Zhang, Jun Jason

Ensuring flexible and reliable data routing is indispensable for the integration of Advanced Metering Infrastructure (AMI) networks, we propose a secure-oriented and load-balancing wireless data routing scheme. A novel utility function is designed based on security routing scheme. Then, we model the interactive security-oriented routing strategy among meter data concentrators or smart grid meters as a mixed-strategy network formation game. Finally, such problem results in a stable probabilistic routing scheme with proposed distributed learning algorithm. One contributions is that we studied that different types of applications affect the routing selection strategy and the strategy tendency. Another contributions is that themore » chosen strategy of our mixed routing can adaptively to converge to a new mixed strategy Nash equilibrium (MSNE) during the learning process in the smart grid.« less

SCOTCH: Secure Counting Of encrypTed genomiC data using a Hybrid approach

PubMed Central

Chenghong, Wang; Jiang, Yichen; Mohammed, Noman; Chen, Feng; Jiang, Xiaoqian; Al Aziz, Md Momin; Sadat, Md Nazmus; Wang, Shuang

2017-01-01

As genomic data are usually at large scale and highly sensitive, it is essential to enable both efficient and secure analysis, by which the data owner can securely delegate both computation and storage on untrusted public cloud. Counting query of genotypes is a basic function for many downstream applications in biomedical research (e.g., computing allele frequency, calculating chi-squared statistics, etc.). Previous solutions show promise on secure counting of outsourced data but the efficiency is still a big limitation for real world applications. In this paper, we propose a novel hybrid solution to combine a rigorous theoretical model (homomorphic encryption) and the latest hardware-based infrastructure (i.e., Software Guard Extensions) to speed up the computation while preserving the privacy of both data owners and data users. Our results demonstrated efficiency by using the real data from the personal genome project. PMID:29854245

An assessment of technology-based service encounters & network security on the e-health care systems of medical centers in Taiwan

PubMed Central

Chang, Hsin Hsin; Chang, Ching Sheng

2008-01-01

Background Enhancing service efficiency and quality has always been one of the most important factors to heighten competitiveness in the health care service industry. Thus, how to utilize information technology to reduce work load for staff and expeditiously improve work efficiency and healthcare service quality is presently the top priority for every healthcare institution. In this fast changing modern society, e-health care systems are currently the best possible way to achieve enhanced service efficiency and quality under the restraint of healthcare cost control. The electronic medical record system and the online appointment system are the core features in employing e-health care systems in the technology-based service encounters. Methods This study implemented the Service Encounters Evaluation Model, the European Customer Satisfaction Index, the Attribute Model and the Overall Affect Model for model inference. A total of 700 copies of questionnaires from two authoritative southern Taiwan medical centers providing the electronic medical record system and the online appointment system service were distributed, among which 590 valid copies were retrieved with a response rate of 84.3%. We then used SPSS 11.0 and the Linear Structural Relationship Model (LISREL 8.54) to analyze and evaluate the data. Results The findings are as follows: (1) Technology-based service encounters have a positive impact on service quality, but not patient satisfaction; (2) After experiencing technology-based service encounters, the cognition of the service quality has a positive effect on patient satisfaction; and (3) Network security contributes a positive moderating effect on service quality and patient satisfaction. Conclusion It revealed that the impact of electronic workflow (online appointment system service) on service quality was greater than electronic facilities (electronic medical record systems) in technology-based service encounters. Convenience and credibility are the most important factors of service quality in technology-based service encounters that patients demand. Due to the openness of networks, patients worry that transaction information could be intercepted; also, the credibility of the hospital involved is even a bigger concern, as patients have a strong sense of distrust. Therefore, in the operation of technology-based service encounters, along with providing network security, it is essential to build an atmosphere of psychological trust. PMID:18419820

An assessment of technology-based service encounters & network security on the e-health care systems of medical centers in Taiwan.

PubMed

Chang, Hsin Hsin; Chang, Ching Sheng

2008-04-17

Enhancing service efficiency and quality has always been one of the most important factors to heighten competitiveness in the health care service industry. Thus, how to utilize information technology to reduce work load for staff and expeditiously improve work efficiency and healthcare service quality is presently the top priority for every healthcare institution. In this fast changing modern society, e-health care systems are currently the best possible way to achieve enhanced service efficiency and quality under the restraint of healthcare cost control. The electronic medical record system and the online appointment system are the core features in employing e-health care systems in the technology-based service encounters. This study implemented the Service Encounters Evaluation Model, the European Customer Satisfaction Index, the Attribute Model and the Overall Affect Model for model inference. A total of 700 copies of questionnaires from two authoritative southern Taiwan medical centers providing the electronic medical record system and the online appointment system service were distributed, among which 590 valid copies were retrieved with a response rate of 84.3%. We then used SPSS 11.0 and the Linear Structural Relationship Model (LISREL 8.54) to analyze and evaluate the data. The findings are as follows: (1) Technology-based service encounters have a positive impact on service quality, but not patient satisfaction; (2) After experiencing technology-based service encounters, the cognition of the service quality has a positive effect on patient satisfaction; and (3) Network security contributes a positive moderating effect on service quality and patient satisfaction. It revealed that the impact of electronic workflow (online appointment system service) on service quality was greater than electronic facilities (electronic medical record systems) in technology-based service encounters. Convenience and credibility are the most important factors of service quality in technology-based service encounters that patients demand. Due to the openness of networks, patients worry that transaction information could be intercepted; also, the credibility of the hospital involved is even a bigger concern, as patients have a strong sense of distrust. Therefore, in the operation of technology-based service encounters, along with providing network security, it is essential to build an atmosphere of psychological trust.

Forgery quality and its implications for behavioral biometric security.

PubMed

Ballard, Lucas; Lopresti, Daniel; Monrose, Fabian

2007-10-01

Biometric security is a topic of rapidly growing importance in the areas of user authentication and cryptographic key generation. In this paper, we describe our steps toward developing evaluation methodologies for behavioral biometrics that take into account threat models that have been largely ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naive) is too optimistic and even dangerous. Taking handwriting as a case in point, we show through a series of experiments that some users are significantly better forgers than others, that such forgers can be trained in a relatively straightforward fashion to pose an even greater threat, that certain users are easy targets for forgers, and that most humans are a relatively poor judge of handwriting authenticity, and hence, their unaided instincts cannot be trusted. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.

Physical-layer security analysis of a quantum-noise randomized cipher based on the wire-tap channel model.

PubMed

Jiao, Haisong; Pu, Tao; Zheng, Jilin; Xiang, Peng; Fang, Tao

2017-05-15

The physical-layer security of a quantum-noise randomized cipher (QNRC) system is, for the first time, quantitatively evaluated with secrecy capacity employed as the performance metric. Considering quantum noise as a channel advantage for legitimate parties over eavesdroppers, the specific wire-tap models for both channels of the key and data are built with channel outputs yielded by quantum heterodyne measurement; the general expressions of secrecy capacities for both channels are derived, where the matching codes are proved to be uniformly distributed. The maximal achievable secrecy rate of the system is proposed, under which secrecy of both the key and data is guaranteed. The influences of various system parameters on secrecy capacities are assessed in detail. The results indicate that QNRC combined with proper channel codes is a promising framework of secure communication for long distance with high speed, which can be orders of magnitude higher than the perfect secrecy rates of other encryption systems. Even if the eavesdropper intercepts more signal power than the legitimate receiver, secure communication (up to Gb/s) can still be achievable. Moreover, the secrecy of running key is found to be the main constraint to the systemic maximal secrecy rate.

A decision framework for managing risk to airports from terrorist attack.

PubMed

Shafieezadeh, Abdollah; Cha, Eun J; Ellingwood, Bruce R

2015-02-01

This article presents an asset-level security risk management framework to assist stakeholders of critical assets with allocating limited budgets for enhancing their safety and security against terrorist attack. The proposed framework models the security system of an asset, considers various threat scenarios, and models the sequential decision framework of attackers during the attack. Its novel contributions are the introduction of the notion of partial neutralization of attackers by defenders, estimation of total loss from successful, partially successful, and unsuccessful actions of attackers at various stages of an attack, and inclusion of the effects of these losses on the choices made by terrorists at various stages of the attack. The application of the proposed method is demonstrated in an example dealing with security risk management of a U.S. commercial airport, in which a set of plausible threat scenarios and risk mitigation options are considered. It is found that a combination of providing blast-resistant cargo containers and a video surveillance system on the airport perimeter fence is the best option based on minimum expected life-cycle cost considering a 10-year service period. © 2014 Society for Risk Analysis.

Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation.

PubMed

Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

2018-05-17

Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.

3VSR: Three Valued Secure Routing for Vehicular Ad Hoc Networks using Sensing Logic in Adversarial Environment

PubMed Central

Wang, Liangmin

2018-01-01

Today IoT integrate thousands of inter networks and sensing devices e.g., vehicular networks, which are considered to be challenging due to its high speed and network dynamics. The goal of future vehicular networks is to improve road safety, promote commercial or infotainment products and to reduce the traffic accidents. All these applications are based on the information exchange among nodes, so not only reliable data delivery but also the authenticity and credibility of the data itself are prerequisite. To cope with the aforementioned problem, trust management come up as promising candidate to conduct node’s transaction and interaction management, which requires distributed mobile nodes cooperation for achieving design goals. In this paper, we propose a trust-based routing protocol i.e., 3VSR (Three Valued Secure Routing), which extends the widely used AODV (Ad hoc On-demand Distance Vector) routing protocol and employs the idea of Sensing Logic-based trust model to enhance the security solution of VANET (Vehicular Ad-Hoc Network). The existing routing protocol are mostly based on key or signature-based schemes, which off course increases computation overhead. In our proposed 3VSR, trust among entities is updated frequently by means of opinion derived from sensing logic due to vehicles random topologies. In 3VSR the theoretical capabilities are based on Dirichlet distribution by considering prior and posterior uncertainty of the said event. Also by using trust recommendation message exchange, nodes are able to reduce computation and routing overhead. The simulated results shows that the proposed scheme is secure and practical. PMID:29538314

3VSR: Three Valued Secure Routing for Vehicular Ad Hoc Networks using Sensing Logic in Adversarial Environment.

PubMed

Sohail, Muhammad; Wang, Liangmin

2018-03-14

Today IoT integrate thousands of inter networks and sensing devices e.g., vehicular networks, which are considered to be challenging due to its high speed and network dynamics. The goal of future vehicular networks is to improve road safety, promote commercial or infotainment products and to reduce the traffic accidents. All these applications are based on the information exchange among nodes, so not only reliable data delivery but also the authenticity and credibility of the data itself are prerequisite. To cope with the aforementioned problem, trust management come up as promising candidate to conduct node's transaction and interaction management, which requires distributed mobile nodes cooperation for achieving design goals. In this paper, we propose a trust-based routing protocol i.e., 3VSR (Three Valued Secure Routing), which extends the widely used AODV (Ad hoc On-demand Distance Vector) routing protocol and employs the idea of Sensing Logic-based trust model to enhance the security solution of VANET (Vehicular Ad-Hoc Network). The existing routing protocol are mostly based on key or signature-based schemes, which off course increases computation overhead. In our proposed 3VSR, trust among entities is updated frequently by means of opinion derived from sensing logic due to vehicles random topologies. In 3VSR the theoretical capabilities are based on Dirichlet distribution by considering prior and posterior uncertainty of the said event. Also by using trust recommendation message exchange, nodes are able to reduce computation and routing overhead. The simulated results shows that the proposed scheme is secure and practical.

Secure access control and large scale robust representation for online multimedia event detection.

PubMed

Liu, Changyu; Lu, Bin; Li, Huiling

2014-01-01

We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

The Chain-Link Fence Model: A Framework for Creating Security Procedures

ERIC Educational Resources Information Center

Houghton, Robert F.

2013-01-01

A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

Utilization of Integrated Assessment Modeling for determining geologic CO2 storage security

NASA Astrophysics Data System (ADS)

Pawar, R.

2017-12-01

Geologic storage of carbon dioxide (CO2) has been extensively studied as a potential technology to mitigate atmospheric concentration of CO2. Multiple international research & development efforts, large-scale demonstration and commercial projects are helping advance the technology. One of the critical areas of active investigation is prediction of long-term CO2 storage security and risks. A quantitative methodology for predicting a storage site's long-term performance is critical for making key decisions necessary for successful deployment of commercial scale projects where projects will require quantitative assessments of potential long-term liabilities. These predictions are challenging given that they require simulating CO2 and in-situ fluid movements as well as interactions through the primary storage reservoir, potential leakage pathways (such as wellbores, faults, etc.) and shallow resources such as groundwater aquifers. They need to take into account the inherent variability and uncertainties at geologic sites. This talk will provide an overview of an approach based on integrated assessment modeling (IAM) to predict long-term performance of a geologic storage site including, storage reservoir, potential leakage pathways and shallow groundwater aquifers. The approach utilizes reduced order models (ROMs) to capture the complex physical/chemical interactions resulting due to CO2 movement and interactions but are computationally extremely efficient. Applicability of the approach will be demonstrated through examples that are focused on key storage security questions such as what is the probability of leakage of CO2 from a storage reservoir? how does storage security vary for different geologic environments and operational conditions? how site parameter variability and uncertainties affect storage security, etc.

An improved anonymous authentication scheme for roaming in ubiquitous networks.

PubMed

Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick; Won, Dongho

2018-01-01

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people's lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.'s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al's scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments.

An improved anonymous authentication scheme for roaming in ubiquitous networks

PubMed Central

Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick

2018-01-01

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people’s lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.’s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al’s scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments. PMID:29505575

An improved task-role-based access control model for G-CSCW applications

NASA Astrophysics Data System (ADS)

He, Chaoying; Chen, Jun; Jiang, Jie; Han, Gang

2005-10-01

Access control is an important and popular security mechanism for multi-user applications. GIS-based Computer Supported Cooperative Work (G-CSCW) application is one of such applications. This paper presents an improved Task-Role-Based Access Control (X-TRBAC) model for G-CSCW applications. The new model inherits the basic concepts of the old ones, such as role and task. Moreover, it has introduced two concepts, i.e. object hierarchy and operation hierarchy, and the corresponding rules to improve the efficiency of permission definition in access control models. The experiments show that the method can simplify the definition of permissions, and it is more applicable for G-CSCW applications.

78 FR 4365 - Capital, Margin, and Segregation Requirements for Security-Based Swap Dealers and Major Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-22

... 3235-AL12 Capital, Margin, and Segregation Requirements for Security-Based Swap Dealers and Major... public comment to establish capital, margin, and segregation requirements for security-based swap dealers... soliciting comment on proposed rules and rule amendments establishing capital, margin, and segregation...

Developing a Security Metrics Scorecard for Healthcare Organizations.

PubMed

Elrefaey, Heba; Borycki, Elizabeth; Kushniruk, Andrea

2015-01-01

In healthcare, information security is a key aspect of protecting a patient's privacy and ensuring systems availability to support patient care. Security managers need to measure the performance of security systems and this can be achieved by using evidence-based metrics. In this paper, we describe the development of an evidence-based security metrics scorecard specific to healthcare organizations. Study participants were asked to comment on the usability and usefulness of a prototype of a security metrics scorecard that was developed based on current research in the area of general security metrics. Study findings revealed that scorecards need to be customized for the healthcare setting in order for the security information to be useful and usable in healthcare organizations. The study findings resulted in the development of a security metrics scorecard that matches the healthcare security experts' information requirements.

The Quality of Maternal Secure-Base Scripts Predicts Children's Secure-Base Behavior at Home in Three Sociocultural Groups

ERIC Educational Resources Information Center

Vaughn, Brian E.; Coppola, Gabrielle; Verissimo, Manuela; Monteiro, Ligia; Santos, Antonio Jose; Posada, German; Carbonell, Olga A.; Plata, Sandra J.; Waters, Harriet S.; Bost, Kelly K.; McBride, Brent; Shin, Nana; Korth, Bryan

2007-01-01

The secure-base phenomenon is central to the Bowlby/Ainsworth theory of attachment and is also central to the assessment of attachment across the lifespan. The present study tested whether mothers' knowledge about the secure-base phenomenon, as assessed using a recently designed wordlist prompt measure for eliciting attachment-relevant stories,…

33 CFR 165.1102 - Security Zone; Naval Base Point Loma; San Diego Bay, San Diego, CA.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security Zone; Naval Base Point... Guard District § 165.1102 Security Zone; Naval Base Point Loma; San Diego Bay, San Diego, CA. (a) Location. The following area is a security zone: The water adjacent to the Naval Base Point Loma, San Diego...

Authentic leadership, group cohesion and group identification in security and emergency teams.

PubMed

García-Guiu López, Carlos; Molero Alonso, Fernando; Moya Morales, Miguel; Moriano León, Juan Antonio

2015-01-01

Authentic leadership (AL) is a kind of leadership that inspires and promotes positive psychological capacities, underlining the moral and ethical component of behavior. The proposed investigation studies the relations among AL, cohesion, and group identification in security and emergency teams. A cross-sectional research design was conducted in which participated 221 members from 26 fire departments and operative teams from the local police of three Spanish provinces. The following questionnaires were administered: Authentic Leadership (ALQ), Group Cohesion (GEQ), and Mael and Ashford's Group Identification Questionnaire. A direct and positive relation was found between AL, cohesion, and group identification. An indirect relation was also found between AL and group cohesion through group identification, indicating the existence of partial mediation. The utility of the proposed model based on AL is considered; this model can be employed by those in charge of the fire departments and operative groups in organizations to improve workteams' cohesion. Both AL and group identification help to explain group cohesion in organizations committed to security and emergencies.

Motivations for Providing a Secure Base: Links with Attachment Orientation and Secure Base Support Behavior

PubMed Central

Feeney, Brooke C.; Collins, Nancy L.; Van Vleet, Meredith; Tomlinson, Jennifer

2015-01-01

This investigation examined the importance of underlying motivations in predicting secure base support behavior, as well as the extent to which support motivations are predicted by individual differences in attachment orientation. Participants were 189 married couples who participated in two laboratory sessions: During a questionnaire session, couples completed assessments of their underlying motivations for providing, and for not providing, support for their partner's exploration (i.e., goal-strivings), as well as assessments of their typical secure base support behavior. In an observational session, couples engaged in a discussion of one member's personal goals, during which the partner's secure base support was assessed. Results revealed a variety of distinct motivations for providing, and for not providing, secure base support to one's partner, as well as theoretically expected links between these motivations and both secure base behavior and attachment orientation. This work establishes motivations as important mechanisms that underlie the effective or ineffective provision of relational support. PMID:23581972

Credit BG. Northeast and northwest facades of Building 4496 (Security ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

Credit BG. Northeast and northwest facades of Building 4496 (Security Facility) as seen when looking south (178°) from entrance to secured area. The Control Tower (Building 4500) appears in background. The Security Facility is part of the secured Building 4505 complex - Edwards Air Force Base, North Base, Security Facility, Northeast of A Street, Boron, Kern County, CA

Children affected by HIV/AIDS: SAFE, a model for promoting their security, health, and development.

PubMed

Betancourt, Theresa S; Fawzi, Mary K S; Bruderlein, Claude; Desmond, Chris; Kim, Jim Y

2010-05-01

A human security framework posits that individuals are the focus of strategies that protect the safety and integrity of people by proactively promoting children's well being, placing particular emphasis on prevention efforts and health promotion. This article applies this framework to a rights-based approach in order to examine the health and human rights of children affected by HIV/AIDS. The SAFE model describes sources of insecurity faced by children across four fundamental dimensions of child well-being and the survival strategies that children and families may employ in response. The SAFE model includes: Safety/protection; Access to health care and basic physiological needs; Family/connection to others; and Education/livelihoods. We argue that it is critical to examine the situation of children through an integrated lens that effectively looks at human security and children's rights through a holistic approach to treatment and care rather than artificially limiting our scope of work to survival-oriented interventions for children affected by HIV/AIDS. Interventions targeted narrowly at children, in isolation of their social and communal environment as outlined in the SAFE model, may in fact undermine protective resources in operation in families and communities and present additional threats to children's basic security. An integrated approach to the basic security and care of children has implications for the prospects of millions of children directly infected or indirectly affected by HIV/AIDS around the world. The survival strategies that young people and their families engage in must be recognized as a roadmap for improving their protection and promoting healthy development. Although applied to children affected by HIV/AIDS in the present analysis, the SAFE model has implications for guiding the care and protection of children and families facing adversity due to an array of circumstances from armed conflict and displacement to situations of extreme poverty.

Resilience to Leaking — Dynamic Systems Modeling of Information Security

PubMed Central

Hamacher, Kay

2012-01-01

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack ‘unjust’ systems or ‘conspiracies’. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for ‘just’ and ‘unjust’ entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the ‘conspiracy’). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean’ in direct adversary relations, but do not necessarily increase public benefit and societal immunization to ‘conspiracies’. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here. PMID:23227151

Assessing Uncertainties in Surface Water Security: A Probabilistic Multi-model Resampling approach

NASA Astrophysics Data System (ADS)

Rodrigues, D. B. B.

2015-12-01

Various uncertainties are involved in the representation of processes that characterize interactions between societal needs, ecosystem functioning, and hydrological conditions. Here, we develop an empirical uncertainty assessment of water security indicators that characterize scarcity and vulnerability, based on a multi-model and resampling framework. We consider several uncertainty sources including those related to: i) observed streamflow data; ii) hydrological model structure; iii) residual analysis; iv) the definition of Environmental Flow Requirement method; v) the definition of critical conditions for water provision; and vi) the critical demand imposed by human activities. We estimate the overall uncertainty coming from the hydrological model by means of a residual bootstrap resampling approach, and by uncertainty propagation through different methodological arrangements applied to a 291 km² agricultural basin within the Cantareira water supply system in Brazil. Together, the two-component hydrograph residual analysis and the block bootstrap resampling approach result in a more accurate and precise estimate of the uncertainty (95% confidence intervals) in the simulated time series. We then compare the uncertainty estimates associated with water security indicators using a multi-model framework and provided by each model uncertainty estimation approach. The method is general and can be easily extended forming the basis for meaningful support to end-users facing water resource challenges by enabling them to incorporate a viable uncertainty analysis into a robust decision making process.

Establishing a School-Based Mentoring Program for Youth Who Are Transitioning from a Secure Facility

ERIC Educational Resources Information Center

Waller, Katherine S.; Houchins, David E.; Nomvete, Patsy Thomas

2010-01-01

Youth with disabilities face many obstacles when transitioning from a juvenile detention facility back to school. A school-based mentoring program provides formerly incarcerated youth with support and encouragement from a caring, responsible adult. Youth with positive role models such as a mentor are more likely to successfully transition back to…

17 CFR 41.14 - Transition period for indexes that cease being narrow-based security indexes.

Code of Federal Regulations, 2014 CFR

2014-04-01

... day tolerance provision. An index that is a narrow-based security index that becomes a broad-based... than forty-five days. An index that is a narrow-based security index that becomes a broad-based...

Household food security and breast-feeding duration among Canadian Inuit.

PubMed

McIsaac, Kathryn E; Stock, David C; Lou, Wendy

2017-01-01

There have been few studies investigating the association between food security and breast-feeding duration and none have been conducted among Canadian Inuit, a population disproportionately burdened with food insecurity. We evaluated the association between household food security and breast-feeding duration in Canadian Inuit children. Data were obtained from the Nunavut Inuit Child Health Survey, a population-based cross-sectional survey. The Canadian Territory of Nunavut in 2007 and 2008. Caregivers of Inuit children aged 3-5 years. Participating children were randomly sampled from community medical centre lists. Out of 215 children, 147 lived in food-insecure households (68·4 %). Using restricted mean survival time models, we estimated that children in food-secure households were breast-fed for 16·8 (95 % CI 12·5, 21·2) months and children in food-insecure households were breast-fed for 21·4 (95 % CI 17·9, 24·8) months. In models adjusting for social class, traditional knowledge and child health, household food security was not associated with breast-feeding duration (hazard ratio=0·82, 95 % CI 0·58, 1·14). Our research does not support the hypothesis that children living in food-insecure households were breast-fed for a longer duration than children living in food-secure households. However, we found that more than 50 % of mothers in food-insecure households continued breast-feeding well beyond 1 year. Many mothers in food-secure households also continued to breast-feed beyond 1 year. Given the high prevalence of food insecurity in Inuit communities, we need to ensure infants and their caregivers are being adequately nourished to support growth and breast-feeding, respectively.

Unconditionally Secure Blind Signatures

NASA Astrophysics Data System (ADS)

Hara, Yuki; Seito, Takenobu; Shikata, Junji; Matsumoto, Tsutomu

The blind signature scheme introduced by Chaum allows a user to obtain a valid signature for a message from a signer such that the message is kept secret for the signer. Blind signature schemes have mainly been studied from a viewpoint of computational security so far. In this paper, we study blind signatures in unconditional setting. Specifically, we newly introduce a model of unconditionally secure blind signature schemes (USBS, for short). Also, we propose security notions and their formalization in our model. Finally, we propose a construction method for USBS that is provably secure in our security notions.

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay

PubMed Central

Hu, Hequn; Liao, Xuewen

2017-01-01

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device’s messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission (PSST), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. PSST is analyzed for the proposed secure schemes, and the closed form expressions of PSST for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better PSST than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar PSST, the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations. PMID:28869540

Impact of climate change on crop yield and role of model for achieving food security.

PubMed

Kumar, Manoj

2016-08-01

In recent times, several studies around the globe indicate that climatic changes are likely to impact the food production and poses serious challenge to food security. In the face of climate change, agricultural systems need to adapt measures for not only increasing food supply catering to the growing population worldwide with changing dietary patterns but also to negate the negative environmental impacts on the earth. Crop simulation models are the primary tools available to assess the potential consequences of climate change on crop production and informative adaptive strategies in agriculture risk management. In consideration with the important issue, this is an attempt to provide a review on the relationship between climate change impacts and crop production. It also emphasizes the role of crop simulation models in achieving food security. Significant progress has been made in understanding the potential consequences of environment-related temperature and precipitation effect on agricultural production during the last half century. Increased CO2 fertilization has enhanced the potential impacts of climate change, but its feasibility is still in doubt and debates among researchers. To assess the potential consequences of climate change on agriculture, different crop simulation models have been developed, to provide informative strategies to avoid risks and understand the physical and biological processes. Furthermore, they can help in crop improvement programmes by identifying appropriate future crop management practises and recognizing the traits having the greatest impact on yield. Nonetheless, climate change assessment through model is subjected to a range of uncertainties. The prediction uncertainty can be reduced by using multimodel, incorporating crop modelling with plant physiology, biochemistry and gene-based modelling. For devloping new model, there is a need to generate and compile high-quality field data for model testing. Therefore, assessment of agricultural productivity to sustain food security for generations is essential to maintain a collective knowledge and resources for preventing negative impact as well as managing crop practises.

RSA-Based Password-Authenticated Key Exchange, Revisited

NASA Astrophysics Data System (ADS)

Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

The RSA-based Password-Authenticated Key Exchange (PAKE) protocols have been proposed to realize both mutual authentication and generation of secure session keys where a client is sharing his/her password only with a server and the latter should generate its RSA public/private key pair (e, n), (d, n) every time due to the lack of PKI (Public-Key Infrastructures). One of the ways to avoid a special kind of off-line (so called e-residue) attacks in the RSA-based PAKE protocols is to deploy a challenge/response method by which a client verifies the relative primality of e and φ(n) interactively with a server. However, this kind of RSA-based PAKE protocols did not give any proof of the underlying challenge/response method and therefore could not specify the exact complexity of their protocols since there exists another security parameter, needed in the challenge/response method. In this paper, we first present an RSA-based PAKE (RSA-PAKE) protocol that can deploy two different challenge/response methods (denoted by Challenge/Response Method1 and Challenge/Response Method2). The main contributions of this work include: (1) Based on the number theory, we prove that the Challenge/Response Method1 and the Challenge/Response Method2 are secure against e-residue attacks for any odd prime e (2) With the security parameter for the on-line attacks, we show that the RSA-PAKE protocol is provably secure in the random oracle model where all of the off-line attacks are not more efficient than on-line dictionary attacks; and (3) By considering the Hamming weight of e and its complexity in the. RSA-PAKE protocol, we search for primes to be recommended for a practical use. We also compare the RSA-PAKE protocol with the previous ones mainly in terms of computation and communication complexities.

Can an Atmospherically Forced Ocean Model Accurately Simulate Sea Surface Temperature During ENSO Events?

DTIC Science & Technology

2010-01-01

Ruth H. Preller, 7300 Security, Code 1226 Office of Counsel.Code 1008.3 ADOR/Director NCST E. R. Franchi , 7000 Public Affairs (Unclassified...Ruth H. Prellcr. 7300 Security. Code 1226 Office nl Cot nsal.Co’de’""" 10OB.3 ADORfOireMO,’ NCST. E. R. Franchi , 7000 Public Affairs ftMCl»SS/»d...over the global ocean. Similarly, the monthly mean MODAS SST climatology is based on Advanced Very-High Resolution Radiometer (AVHRR) Multi

Covert Channel Analysis of Trusted Systems. A Guide to Understanding

DTIC Science & Technology

1993-11-01

equ-|tions that ca ! s :-0 cff the two-state graph. Each equation is based on the fact that the set of transmissions beginning in a given state consists...in the "ready" queue( s ) can be loaded in available CPUs during the same quantum only if they have the same security level. In this mode, called the...Luckenbaugh86] G. L. Luckenbaugh, V. D. Gligor, L. J. Dotterer, C. S . Chandersekaran, and N. Vasudevan, "Interpretation of the Bell -La Padula Model In Secure

Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

NASA Astrophysics Data System (ADS)

Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

2017-08-01

We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

Information Security Assessment of SMEs as Coursework -- Learning Information Security Management by Doing

ERIC Educational Resources Information Center

Ilvonen, Ilona

2013-01-01

Information security management is an area with a lot of theoretical models. The models are designed to guide practitioners in prioritizing management resources in companies. Information security management education should address the gap between the academic ideals and practice. This paper introduces a teaching method that has been in use as…

Securing the Aviation Transportation System

DTIC Science & Technology

2007-12-01

accessed 27 May 2007) 13 Robert W. Poole, Jr., “ Airport Security : Time for a New Model,” Reason Foundation online article, January 2006, Available from...15 Robert W. Poole, Jr., “ Airport Security : Time for a New Model,” Reason Foundation online article, January 2006...commercial jetliners. 24 Peter St. John, Air Piracy, Airport Security , and International Terrorism

Physical-layer security analysis of PSK quantum-noise randomized cipher in optically amplified links

NASA Astrophysics Data System (ADS)

Jiao, Haisong; Pu, Tao; Xiang, Peng; Zheng, Jilin; Fang, Tao; Zhu, Huatao

2017-08-01

The quantitative security of quantum-noise randomized cipher (QNRC) in optically amplified links is analyzed from the perspective of physical-layer advantage. Establishing the wire-tap channel models for both key and data, we derive the general expressions of secrecy capacities for the key against ciphertext-only attack and known-plaintext attack, and that for the data, which serve as the basic performance metrics. Further, the maximal achievable secrecy rate of the system is proposed, under which secrecy of both the key and data is guaranteed. Based on the same framework, the secrecy capacities of various cases can be assessed and compared. The results indicate perfect secrecy is potentially achievable for data transmission, and an elementary principle of setting proper number of photons and bases is given to ensure the maximal data secrecy capacity. But the key security is asymptotically perfect, which tends to be the main constraint of systemic maximal secrecy rate. Moreover, by adopting cascaded optical amplification, QNRC can realize long-haul transmission with secure rate up to Gb/s, which is orders of magnitude higher than the perfect secrecy rates of other encryption systems.

Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

PubMed Central

Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C.-W.

2014-01-01

Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions. PMID:25207333

Efficient and provable secure pairing-free security-mediated identity-based identification schemes.

PubMed

Chin, Ji-Jian; Tan, Syh-Yuan; Heng, Swee-Huay; Phan, Raphael C-W

2014-01-01

Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user's secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.