Multiscale Enaction Model (MEM): the case of complexity and “context-sensitivity” in vision

PubMed Central

Laurent, Éric

2014-01-01

I review the data on human visual perception that reveal the critical role played by non-visual contextual factors influencing visual activity. The global perspective that progressively emerges reveals that vision is sensitive to multiple couplings with other systems whose nature and levels of abstraction in science are highly variable. Contrary to some views where vision is immersed in modular hard-wired modules, rather independent from higher-level or other non-cognitive processes, converging data gathered in this article suggest that visual perception can be theorized in the larger context of biological, physical, and social systems with which it is coupled, and through which it is enacted. Therefore, any attempt to model complexity and multiscale couplings, or to develop a complex synthesis in the fields of mind, brain, and behavior, shall involve a systematic empirical study of both connectedness between systems or subsystems, and the embodied, multiscale and flexible teleology of subsystems. The conceptual model (Multiscale Enaction Model [MEM]) that is introduced in this paper finally relates empirical evidence gathered from psychology to biocomputational data concerning the human brain. Both psychological and biocomputational descriptions of MEM are proposed in order to help fill in the gap between scales of scientific analysis and to provide an account for both the autopoiesis-driven search for information, and emerging perception. PMID:25566115

GeneLab: NASA's Open Access, Collaborative Platform for Systems Biology and Space Medicine

NASA Technical Reports Server (NTRS)

Berrios, Daniel C.; Thompson, Terri G.; Fogle, Homer W.; Rask, Jon C.; Coughlan, Joseph C.

2015-01-01

NASA is investing in GeneLab1 (http:genelab.nasa.gov), a multi-year effort to maximize utilization of the limited resources to conduct biological and medical research in space, principally aboard the International Space Station (ISS). High-throughput genomic, transcriptomic, proteomic or other omics analyses from experiments conducted on the ISS will be stored in the GeneLab Data Systems (GLDS), an open-science information system that will also include a biocomputation platform with collaborative science capabilities, to enable the discovery and validation of molecular networks.

The integrated microbial genome resource of analysis.

PubMed

Checcucci, Alice; Mengoni, Alessio

2015-01-01

Integrated Microbial Genomes and Metagenomes (IMG) is a biocomputational system that allows to provide information and support for annotation and comparative analysis of microbial genomes and metagenomes. IMG has been developed by the US Department of Energy (DOE)-Joint Genome Institute (JGI). IMG platform contains both draft and complete genomes, sequenced by Joint Genome Institute and other public and available genomes. Genomes of strains belonging to Archaea, Bacteria, and Eukarya domains are present as well as those of viruses and plasmids. Here, we provide some essential features of IMG system and case study for pangenome analysis.

The biological microprocessor, or how to build a computer with biological parts

PubMed Central

Moe-Behrens, Gerd HG

2013-01-01

Systemics, a revolutionary paradigm shift in scientific thinking, with applications in systems biology, and synthetic biology, have led to the idea of using silicon computers and their engineering principles as a blueprint for the engineering of a similar machine made from biological parts. Here we describe these building blocks and how they can be assembled to a general purpose computer system, a biological microprocessor. Such a system consists of biological parts building an input / output device, an arithmetic logic unit, a control unit, memory, and wires (busses) to interconnect these components. A biocomputer can be used to monitor and control a biological system. PMID:24688733

Synthetic biology: insights into biological computation.

PubMed

Manzoni, Romilde; Urrios, Arturo; Velazquez-Garcia, Silvia; de Nadal, Eulàlia; Posas, Francesc

2016-04-18

Organisms have evolved a broad array of complex signaling mechanisms that allow them to survive in a wide range of environmental conditions. They are able to sense external inputs and produce an output response by computing the information. Synthetic biology attempts to rationally engineer biological systems in order to perform desired functions. Our increasing understanding of biological systems guides this rational design, while the huge background in electronics for building circuits defines the methodology. In this context, biocomputation is the branch of synthetic biology aimed at implementing artificial computational devices using engineered biological motifs as building blocks. Biocomputational devices are defined as biological systems that are able to integrate inputs and return outputs following pre-determined rules. Over the last decade the number of available synthetic engineered devices has increased exponentially; simple and complex circuits have been built in bacteria, yeast and mammalian cells. These devices can manage and store information, take decisions based on past and present inputs, and even convert a transient signal into a sustained response. The field is experiencing a fast growth and every day it is easier to implement more complex biological functions. This is mainly due to advances in in vitro DNA synthesis, new genome editing tools, novel molecular cloning techniques, continuously growing part libraries as well as other technological advances. This allows that digital computation can now be engineered and implemented in biological systems. Simple logic gates can be implemented and connected to perform novel desired functions or to better understand and redesign biological processes. Synthetic biological digital circuits could lead to new therapeutic approaches, as well as new and efficient ways to produce complex molecules such as antibiotics, bioplastics or biofuels. Biological computation not only provides possible biomedical and biotechnological applications, but also affords a greater understanding of biological systems.

ARC-1995-AC95-0368-3

NASA Image and Video Library

1995-10-27

Dr Murial Ross's Virtual Reality Application for Neuroscience Research Biocomputation. To study human disorders of balance and space motion sickness. Shown here is a 3D reconstruction of a nerve ending in inner ear, nature's wiring of balance organs.

3-D Imaging In Virtual Environment: A Scientific Clinical and Teaching Tool

NASA Technical Reports Server (NTRS)

Ross, Muriel D.; DeVincenzi, Donald L. (Technical Monitor)

1996-01-01

The advent of powerful graphics workstations and computers has led to the advancement of scientific knowledge through three-dimensional (3-D) reconstruction and imaging of biological cells and tissues. The Biocomputation Center at NASA Ames Research Center pioneered the effort to produce an entirely computerized method for reconstruction of objects from serial sections studied in a transmission electron microscope (TEM). The software developed, ROSS (Reconstruction of Serial Sections), is now being distributed to users across the United States through Space Act Agreements. The software is in widely disparate fields such as geology, botany, biology and medicine. In the Biocomputation Center, ROSS serves as the basis for development of virtual environment technologies for scientific and medical use. This report will describe the Virtual Surgery Workstation Project that is ongoing with clinicians at Stanford University Medical Center, and the role of the Visible Human data in the project.

Run-length encoding graphic rules, biochemically editable designs and steganographical numeric data embedment for DNA-based cryptographical coding system.

PubMed

Kawano, Tomonori

2013-03-01

There have been a wide variety of approaches for handling the pieces of DNA as the "unplugged" tools for digital information storage and processing, including a series of studies applied to the security-related area, such as DNA-based digital barcodes, water marks and cryptography. In the present article, novel designs of artificial genes as the media for storing the digitally compressed data for images are proposed for bio-computing purpose while natural genes principally encode for proteins. Furthermore, the proposed system allows cryptographical application of DNA through biochemically editable designs with capacity for steganographical numeric data embedment. As a model case of image-coding DNA technique application, numerically and biochemically combined protocols are employed for ciphering the given "passwords" and/or secret numbers using DNA sequences. The "passwords" of interest were decomposed into single letters and translated into the font image coded on the separate DNA chains with both the coding regions in which the images are encoded based on the novel run-length encoding rule, and the non-coding regions designed for biochemical editing and the remodeling processes revealing the hidden orientation of letters composing the original "passwords." The latter processes require the molecular biological tools for digestion and ligation of the fragmented DNA molecules targeting at the polymerase chain reaction-engineered termini of the chains. Lastly, additional protocols for steganographical overwriting of the numeric data of interests over the image-coding DNA are also discussed.

Photographer: Digital Telepresence: Dr Murial Ross's Virtual Reality Application for Neuroscience

NASA Technical Reports Server (NTRS)

1995-01-01

Photographer: Digital Telepresence: Dr Murial Ross's Virtual Reality Application for Neuroscience Research Biocomputation. To study human disorders of balance and space motion sickness. Shown here is a 3D reconstruction of a nerve ending in inner ear, nature's wiring of balance organs.

Self-assembling holographic biosensors and biocomputers.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Light, Yooli Kim; Bachand, George David; Schoeniger, Joseph S.

2006-05-01

We present concepts for self-assembly of diffractive optics with potential uses in biosensors and biocomputers. The simplest such optics, diffraction gratings, can potentially be made from chemically-stabilized microtubules migrating on nanopatterned tracks of the motor protein kinesin. We discuss the fabrication challenges involved in patterning sub-micron-scale structures with proteins that must be maintained in aqueous buffers to preserve their activity. A novel strategy is presented that employs dry contact printing onto glass-supported amino-silane monolayers of heterobifunctional crosslinkers, followed by solid-state reactions of these cross-linkers, to graft patterns of reactive groups onto the surface. Successive solution-phase addition of cysteine-mutant proteins andmore » amine-reactive polyethylene glycol allows assembly of features onto the printed patterns. We present data from initial experiments showing successful micro- and nanopatterning of lines of single-cysteine mutants of kinesin interleaved with lines of polyethylene, indicating that this strategy can be employed to arrays of features with resolutions suitable for gratings.« less

Teaching Molecular Phylogenetics through Investigating a Real-World Phylogenetic Problem

ERIC Educational Resources Information Center

Zhang, Xiaorong

2012-01-01

A phylogenetics exercise is incorporated into the "Introduction to biocomputing" course, a junior-level course at Savannah State University. This exercise is designed to help students learn important concepts and practical skills in molecular phylogenetics through solving a real-world problem. In this application, students are required to identify…

Run-length encoding graphic rules, biochemically editable designs and steganographical numeric data embedment for DNA-based cryptographical coding system

PubMed Central

Kawano, Tomonori

2013-01-01

There have been a wide variety of approaches for handling the pieces of DNA as the “unplugged” tools for digital information storage and processing, including a series of studies applied to the security-related area, such as DNA-based digital barcodes, water marks and cryptography. In the present article, novel designs of artificial genes as the media for storing the digitally compressed data for images are proposed for bio-computing purpose while natural genes principally encode for proteins. Furthermore, the proposed system allows cryptographical application of DNA through biochemically editable designs with capacity for steganographical numeric data embedment. As a model case of image-coding DNA technique application, numerically and biochemically combined protocols are employed for ciphering the given “passwords” and/or secret numbers using DNA sequences. The “passwords” of interest were decomposed into single letters and translated into the font image coded on the separate DNA chains with both the coding regions in which the images are encoded based on the novel run-length encoding rule, and the non-coding regions designed for biochemical editing and the remodeling processes revealing the hidden orientation of letters composing the original “passwords.” The latter processes require the molecular biological tools for digestion and ligation of the fragmented DNA molecules targeting at the polymerase chain reaction-engineered termini of the chains. Lastly, additional protocols for steganographical overwriting of the numeric data of interests over the image-coding DNA are also discussed. PMID:23750303

Whole-cell biocomputing

NASA Technical Reports Server (NTRS)

Simpson, M. L.; Sayler, G. S.; Fleming, J. T.; Applegate, B.

2001-01-01

The ability to manipulate systems on the molecular scale naturally leads to speculation about the rational design of molecular-scale machines. Cells might be the ultimate molecular-scale machines and our ability to engineer them is relatively advanced when compared with our ability to control the synthesis and direct the assembly of man-made materials. Indeed, engineered whole cells deployed in biosensors can be considered one of the practical successes of molecular-scale devices. However, these devices explore only a small portion of cellular functionality. Individual cells or self-organized groups of cells perform extremely complex functions that include sensing, communication, navigation, cooperation and even fabrication of synthetic nanoscopic materials. In natural systems, these capabilities are controlled by complex genetic regulatory circuits, which are only partially understood and not readily accessible for use in engineered systems. Here, we focus on efforts to mimic the functionality of man-made information-processing systems within whole cells.

DNA-programmed dynamic assembly of quantum dots for molecular computation.

PubMed

He, Xuewen; Li, Zhi; Chen, Muzi; Ma, Nan

2014-12-22

Despite the widespread use of quantum dots (QDs) for biosensing and bioimaging, QD-based bio-interfaceable and reconfigurable molecular computing systems have not yet been realized. DNA-programmed dynamic assembly of multi-color QDs is presented for the construction of a new class of fluorescence resonance energy transfer (FRET)-based QD computing systems. A complete set of seven elementary logic gates (OR, AND, NOR, NAND, INH, XOR, XNOR) are realized using a series of binary and ternary QD complexes operated by strand displacement reactions. The integration of different logic gates into a half-adder circuit for molecular computation is also demonstrated. This strategy is quite versatile and straightforward for logical operations and would pave the way for QD-biocomputing-based intelligent molecular diagnostics. © 2014 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Access to DNA and protein databases on the Internet.

PubMed

Harper, R

1994-02-01

During the past year, the number of biological databases that can be queried via Internet has dramatically increased. This increase has resulted from the introduction of networking tools, such as Gopher and WAIS, that make it easy for research workers to index databases and make them available for on-line browsing. Biocomputing in the nineties will see the advent of more client/server options for the solution of problems in bioinformatics.

In-Situ Bioreduction and Removal of Ammonium Perchlorate

DTIC Science & Technology

2006-05-09

Ader, PhD. Max Coleman, PhD. Swades Chaudhuri, PhD. Susan O’Connor MSc, MSc Royce Bruce, MSc. Urania Michaelidou, MSc. Melissa Rice, MSc. Sarah...1993. SeqApp, 1.9a157 ed. Biocomputing Office, Biology Dept., Indiana University, Bloomington, IN. 44. Giordano , G., L. Saracino, and L. Grillet. 1985...Mutant of E. coli K-12. Biocimica et Biophysica Acta 839:181-190. 45. Guigliarelli, B., A. Magalon, M. Asso, P. Bertrand, C. Frixon, G. Giordano

Biocomputional construction of a gene network under acid stress in Synechocystis sp. PCC 6803.

PubMed

Li, Yi; Rao, Nini; Yang, Feng; Zhang, Ying; Yang, Yang; Liu, Han-ming; Guo, Fengbiao; Huang, Jian

2014-01-01

Acid stress is one of the most serious threats that cyanobacteria have to face, and it has an impact at all levels from genome to phenotype. However, very little is known about the detailed response mechanism to acid stress in this species. We present here a general analysis of the gene regulatory network of Synechocystis sp. PCC 6803 in response to acid stress using comparative genome analysis and biocomputational prediction. In this study, we collected 85 genes and used them as an initial template to predict new genes through co-regulation, protein-protein interactions and the phylogenetic profile, and 179 new genes were obtained to form a complete template. In addition, we found that 11 enriched pathways such as glycolysis are closely related to the acid stress response. Finally, we constructed a regulatory network for the intricate relationship of these genes and summarize the key steps in response to acid stress. This is the first time a bioinformatic approach has been taken systematically to gene interactions in cyanobacteria and the elaboration of their cell metabolism and regulatory pathways under acid stress, which is more efficient than a traditional experimental study. The results also provide theoretical support for similar research into environmental stresses in cyanobacteria and possible industrial applications. Copyright © 2014 Institut Pasteur. Published by Elsevier Masson SAS. All rights reserved.

Star Mapping with Slime Mold Physarum Polycephalum

NASA Astrophysics Data System (ADS)

Mihklepp, M.; Domnitch, E.; Gelfand, D.; Foing, B. H.; van der Heide, E.

2014-04-01

Human curiosity and exploration towards outer space has led to many fantastic inventions and given way to alternative scenarios about the origins of life. In the Space Science in the Arts course together with ESTEC with support from ILEWG. I got interested about unicellular slime mold Physarum polycephalum. There has been and still is a lot of research on Physarum polycephalum. This brainless eucaryotic microbe has its smartness and external memory strategies. Physarum can navigate through a maze made of agar using the shortest route possible when two pieces of food are placed at two separate exits of the maze. It can build efficient networks - Physarum created network similar to the existing Tokyo train system. It is being used to control a robot, in USB-sensor and in sound synthesis. Right now there is a lot of research about using Physarum in bio-computing.

Computational Approaches to Vestibular Research

NASA Technical Reports Server (NTRS)

Ross, Muriel D.; Wade, Charles E. (Technical Monitor)

1994-01-01

The Biocomputation Center at NASA Ames Research Center is dedicated to a union between computational, experimental and theoretical approaches to the study of neuroscience and of life sciences in general. The current emphasis is on computer reconstruction and visualization of vestibular macular architecture in three-dimensions (3-D), and on mathematical modeling and computer simulation of neural activity in the functioning system. Our methods are being used to interpret the influence of spaceflight on mammalian vestibular maculas in a model system, that of the adult Sprague-Dawley rat. More than twenty 3-D reconstructions of type I and type II hair cells and their afferents have been completed by digitization of contours traced from serial sections photographed in a transmission electron microscope. This labor-intensive method has now been replace d by a semiautomated method developed in the Biocomputation Center in which conventional photography is eliminated. All viewing, storage and manipulation of original data is done using Silicon Graphics workstations. Recent improvements to the software include a new mesh generation method for connecting contours. This method will permit the investigator to describe any surface, regardless of complexity, including highly branched structures such as are routinely found in neurons. This same mesh can be used for 3-D, finite volume simulation of synapse activation and voltage spread on neuronal surfaces visualized via the reconstruction process. These simulations help the investigator interpret the relationship between neuroarchitecture and physiology, and are of assistance in determining which experiments will best test theoretical interpretations. Data are also used to develop abstract, 3-D models that dynamically display neuronal activity ongoing in the system. Finally, the same data can be used to visualize the neural tissue in a virtual environment. Our exhibit will depict capabilities of our computational approaches and some of our findings from their application. For example, our research has demonstrated that maculas of adult mammals retain the property of synaptic plasticity. Ribbon synapses increase numerically and undergo changes in type and distribution (p<0.0001) in type II hair cells after exposure to microgravity for as few as nine days. The finding of macular synaptic plasticity is pertinent to the clinic, and may help explain some. balance disorders in humans. The software used in our investigations will be demonstrated for those interested in applying it in their own research.

Synthesizing Biomolecule-based Boolean Logic Gates

PubMed Central

Miyamoto, Takafumi; Razavi, Shiva; DeRose, Robert; Inoue, Takanari

2012-01-01

One fascinating recent avenue of study in the field of synthetic biology is the creation of biomolecule-based computers. The main components of a computing device consist of an arithmetic logic unit, the control unit, memory, and the input and output devices. Boolean logic gates are at the core of the operational machinery of these parts, hence to make biocomputers a reality, biomolecular logic gates become a necessity. Indeed, with the advent of more sophisticated biological tools, both nucleic acid- and protein-based logic systems have been generated. These devices function in the context of either test tubes or living cells and yield highly specific outputs given a set of inputs. In this review, we discuss various types of biomolecular logic gates that have been synthesized, with particular emphasis on recent developments that promise increased complexity of logic gate circuitry, improved computational speed, and potential clinical applications. PMID:23526588

Synthesizing biomolecule-based Boolean logic gates.

PubMed

Miyamoto, Takafumi; Razavi, Shiva; DeRose, Robert; Inoue, Takanari

2013-02-15

One fascinating recent avenue of study in the field of synthetic biology is the creation of biomolecule-based computers. The main components of a computing device consist of an arithmetic logic unit, the control unit, memory, and the input and output devices. Boolean logic gates are at the core of the operational machinery of these parts, and hence to make biocomputers a reality, biomolecular logic gates become a necessity. Indeed, with the advent of more sophisticated biological tools, both nucleic acid- and protein-based logic systems have been generated. These devices function in the context of either test tubes or living cells and yield highly specific outputs given a set of inputs. In this review, we discuss various types of biomolecular logic gates that have been synthesized, with particular emphasis on recent developments that promise increased complexity of logic gate circuitry, improved computational speed, and potential clinical applications.

VERS: a virtual environment for reconstructive surgery planning

NASA Astrophysics Data System (ADS)

Montgomery, Kevin N.

1997-05-01

The virtual environment for reconstructive surgery (VERS) project at the NASA Ames Biocomputation Center is applying virtual reality technology to aid surgeons in planning surgeries. We are working with a craniofacial surgeon at Stanford to assemble and visualize the bone structure of patients requiring reconstructive surgery either through developmental abnormalities or trauma. This project is an extension of our previous work in 3D reconstruction, mesh generation, and immersive visualization. The current VR system, consisting of an SGI Onyx RE2, FakeSpace BOOM and ImmersiveWorkbench, Virtual Technologies CyberGlove and Ascension Technologies tracker, is currently in development and has already been used to visualize defects preoperatively. In the near future it will be used to more fully plan the surgery and compute the projected result to soft tissue structure. This paper presents the work in progress and details the production of a high-performance, collaborative, and networked virtual environment.

Meeting Report: “Metagenomics, Metadata and Meta-analysis” (M3) Special Interest Group at ISMB 2009

PubMed Central

Field, Dawn; Friedberg, Iddo; Sterk, Peter; Kottmann, Renzo; Glöckner, Frank Oliver; Hirschman, Lynette; Garrity, George M.; Cochrane, Guy; Wooley, John; Gilbert, Jack

2009-01-01

This report summarizes the proceedings of the “Metagenomics, Metadata and Meta-analysis” (M3) Special Interest Group (SIG) meeting held at the Intelligent Systems for Molecular Biology 2009 conference. The Genomic Standards Consortium (GSC) hosted this meeting to explore the bottlenecks and emerging solutions for obtaining biological insights through large-scale comparative analysis of metagenomic datasets. The M3 SIG included 16 talks, half of which were selected from submitted abstracts, a poster session and a panel discussion involving members of the GSC Board. This report summarizes this one-day SIG, attempts to identify shared themes and recapitulates community recommendations for the future of this field. The GSC will also host an M3 workshop at the Pacific Symposium on Biocomputing (PSB) in January 2010. Further information about the GSC and its range of activities can be found at http://gensc.org/. PMID:21304668

BRCC36, a Novel Subunit of a BRCA1 E3 Ubiquitin Ligasa Complex: Candidates for BRCA3

DTIC Science & Technology

2007-06-01

Constructed Using Standard Components. Pacific Symposium on Biocomputing 1:724. 12 CHEN, Xiaowei Hughes-Davies L, Huntsman D, Ruas M, Fuks F, Bye J...gene in sporadic ovarian tumours. Nat Genet 1995;9:439–43. 16. Hughes-Davies L, Huntsman D, Ruas M, et al. EMSY links the BRCA2 pathway to sporadic...mutations involving splice donor sites. Genet Test 8:133–138. Campos B, Diez O, Domenech M, Baena M, Balmana J, Sanz J, Ramirez A, Alonso C, Baiget M

A label-free and enzyme-free system for operating various logic devices using poly(thymine)-templated CuNPs and SYBR Green I as signal transducers

NASA Astrophysics Data System (ADS)

Wu, Changtong; Zhou, Chunyang; Wang, Erkang; Dong, Shaojun

2016-07-01

For the first time by integrating fluorescent polyT-templated CuNPs and SYBR Green I, a basic INHIBIT gate and four advanced logic circuits (2-to-1 encoder, 4-to-2 encoder, 1-to-2 decoder and 1-to-2 demultiplexer) have been conceptually realized under label-free and enzyme-free conditions. Taking advantage of the selective formation of CuNPs on ss-DNA, the implementation of these advanced logic devices were achieved without any usage of dye quenching groups or other nanomaterials like graphene oxide or AuNPs since polyA strands not only worked as an input but also acted as effective inhibitors towards polyT templates, meeting the aim of developing bio-computing with cost-effective and operationally simple methods. In short, polyT-templated CuNPs, as promising fluorescent signal reporters, are successfully applied to fabricate advanced logic devices, which may present a potential path for future development of molecular computations.For the first time by integrating fluorescent polyT-templated CuNPs and SYBR Green I, a basic INHIBIT gate and four advanced logic circuits (2-to-1 encoder, 4-to-2 encoder, 1-to-2 decoder and 1-to-2 demultiplexer) have been conceptually realized under label-free and enzyme-free conditions. Taking advantage of the selective formation of CuNPs on ss-DNA, the implementation of these advanced logic devices were achieved without any usage of dye quenching groups or other nanomaterials like graphene oxide or AuNPs since polyA strands not only worked as an input but also acted as effective inhibitors towards polyT templates, meeting the aim of developing bio-computing with cost-effective and operationally simple methods. In short, polyT-templated CuNPs, as promising fluorescent signal reporters, are successfully applied to fabricate advanced logic devices, which may present a potential path for future development of molecular computations. Electronic supplementary information (ESI) available. See DOI: 10.1039/c6nr04069a

Flexible regulation of DNA displacement reaction through nucleic acid-recognition enzyme and its application in keypad lock system and biosensing.

PubMed

Li, Chao; Shi, Liu; Tao, Yaqin; Mao, Xiaoxia; Xiang, Yang; Li, Genxi

2017-08-30

Toehold-mediated DNA strand displacement reaction (SDR) plays pivotal roles for the construction of diverse dynamic DNA nanodevices. To date, many elements have been introduced into SDR system to achieve controllable activation and fine regulation. However, as the most relevant stimuli for nucleic acid involved reaction, nucleic acid-recognizing enzymes (NAEs) have received nearly no attention so far despite SDR often takes place in NAEs-enriched environment (i.e., biological fluids). Herein, we report a set of NAEs-controlled SDR strategies, which take full advantage of NAEs' properties. In this study, three different kinds of enzymes belonging to several classes (i.e., exonuclease, endonuclease and polymerase) have been used to activate or inhibit SDR, and more importantly, some mechanisms behind these strategies on how NAEs affect SDR have also been revealed. The exploration to use NAEs as possible cues to operate SDR will expand the available toolbox to build novel stimuli-fueled DNA nanodevices and could open the door to many applications including enzyme-triggered biocomputing and biosensing.

Universal computing by DNA origami robots in a living animal

PubMed Central

Levner, Daniel; Ittah, Shmulik; Abu-Horowitz, Almogit; Bachelet, Ido

2014-01-01

Biological systems are collections of discrete molecular objects that move around and collide with each other. Cells carry out elaborate processes by precisely controlling these collisions, but developing artificial machines that can interface with and control such interactions remains a significant challenge. DNA is a natural substrate for computing and has been used to implement a diverse set of mathematical problems1-3, logic circuits4-6 and robotics7-9. The molecule also naturally interfaces with living systems, and different forms of DNA-based biocomputing have previously been demonstrated10-13. Here we show that DNA origami14-16 can be used to fabricate nanoscale robots that are capable of dynamically interacting with each other17-18 in a living animal. The interactions generate logical outputs, which are relayed to switch molecular payloads on or off. As a proof-of-principle, we use the system to create architectures that emulate various logic gates (AND, OR, XOR, NAND, NOT, CNOT, and a half adder). Following an ex vivo prototyping phase, we successfully employed the DNA origami robots in living cockroaches (Blaberus discoidalis) to control a molecule that targets the cells of the animal. PMID:24705510

BRCC36, a Novel Subunit of a BRCA1 E3 Ubiquitin Ligase Complex: Candidates for BRCA3

DTIC Science & Technology

2008-06-01

Biocomputing 1:724. Hughes-Davies L, Huntsman D, Ruas M, Fuks F, Bye J, Chin SF, Milner J, Brown LA, Hsu F, Gilks B and others. 2003. EMSY links the...16. Hughes-Davies L, Huntsman D, Ruas M, et al. EMSY links the BRCA2 pathway to sporadic breast and ovarian cancer. Cell 2003;115:523–35. 17...BRCA1 germ- line mutations involving splice donor sites. Genet Test 8:133–138. Campos B, Diez O, Domenech M, Baena M, Balmana J, Sanz J, Ramirez A

Customizing cell signaling using engineered genetic logic circuits.

PubMed

Wang, Baojun; Buck, Martin

2012-08-01

Cells live in an ever-changing environment and continuously sense, process and react to environmental signals using their inherent signaling and gene regulatory networks. Recently, there have been great advances on rewiring the native cell signaling and gene networks to program cells to sense multiple noncognate signals and integrate them in a logical manner before initiating a desired response. Here, we summarize the current state-of-the-art of engineering synthetic genetic logic circuits to customize cellular signaling behaviors, and discuss their promising applications in biocomputing, environmental, biotechnological and biomedical areas as well as the remaining challenges in this growing field. Copyright © 2012 Elsevier Ltd. All rights reserved.

PATTERNS IN BIOMEDICAL DATA-HOW DO WE FIND THEM?

PubMed

Basile, Anna O; Verma, Anurag; Byrska-Bishop, Marta; Pendergrass, Sarah A; Darabos, Christian; Lester Kirchner, H

2017-01-01

Given the exponential growth of biomedical data, researchers are faced with numerous challenges in extracting and interpreting information from these large, high-dimensional, incomplete, and often noisy data. To facilitate addressing this growing concern, the "Patterns in Biomedical Data-How do we find them?" session of the 2017 Pacific Symposium on Biocomputing (PSB) is devoted to exploring pattern recognition using data-driven approaches for biomedical and precision medicine applications. The papers selected for this session focus on novel machine learning techniques as well as applications of established methods to heterogeneous data. We also feature manuscripts aimed at addressing the current challenges associated with the analysis of biomedical data.

Molecules to maps: tools for visualization and interaction in support of computational biology.

PubMed

Kraemer, E T; Ferrin, T E

1998-01-01

The volume of data produced by genome projects, X-ray crystallography, NMR spectroscopy, and electron and confocal microscopy present the bioinformatics community with new challenges for analyzing, understanding, and exchanging this data. At the 1998 Pacific Symposium on Biocomputing, a track entitled 'Molecules to Maps: Tools for Visualization and Interaction in Computational Biology' provided tool developers and users with the opportunity to discuss advances in tools and techniques to assist scientists in evaluating, absorbing, navigating, and correlating this sea of information, through visualization and user interaction. In this paper we present these advances and discuss some of the challenges that remain to be solved.

Computer-aided biochemical programming of synthetic microreactors as diagnostic devices.

PubMed

Courbet, Alexis; Amar, Patrick; Fages, François; Renard, Eric; Molina, Franck

2018-04-26

Biological systems have evolved efficient sensing and decision-making mechanisms to maximize fitness in changing molecular environments. Synthetic biologists have exploited these capabilities to engineer control on information and energy processing in living cells. While engineered organisms pose important technological and ethical challenges, de novo assembly of non-living biomolecular devices could offer promising avenues toward various real-world applications. However, assembling biochemical parts into functional information processing systems has remained challenging due to extensive multidimensional parameter spaces that must be sampled comprehensively in order to identify robust, specification compliant molecular implementations. We introduce a systematic methodology based on automated computational design and microfluidics enabling the programming of synthetic cell-like microreactors embedding biochemical logic circuits, or protosensors , to perform accurate biosensing and biocomputing operations in vitro according to temporal logic specifications. We show that proof-of-concept protosensors integrating diagnostic algorithms detect specific patterns of biomarkers in human clinical samples. Protosensors may enable novel approaches to medicine and represent a step toward autonomous micromachines capable of precise interfacing of human physiology or other complex biological environments, ecosystems, or industrial bioprocesses. © 2018 The Authors. Published under the terms of the CC BY 4.0 license.

A Method for Growing Bio-memristors from Slime Mold.

PubMed

Miranda, Eduardo Reck; Braund, Edward

2017-11-02

Our research is aimed at gaining a better understanding of the electronic properties of organisms in order to engineer novel bioelectronic systems and computing architectures based on biology. This specific paper focuses on harnessing the unicellular slime mold Physarum polycephalum to develop bio-memristors (or biological memristors) and bio-computing devices. The memristor is a resistor that possesses memory. It is the 4th fundamental passive circuit element (the other three are the resistor, the capacitor, and the inductor), which is paving the way for the design of new kinds of computing systems; e.g., computers that might relinquish the distinction between storage and a central processing unit. When applied with an AC voltage, the current vs. voltage characteristic of a memristor is a pinched hysteresis loop. It has been shown that P. polycephalum produces pinched hysteresis loops under AC voltages and displays adaptive behavior that is comparable with the functioning of a memristor. This paper presents the method that we developed for implementing bio-memristors with P. polycephalum and introduces the development of a receptacle to culture the organism, which facilitates its deployment as an electronic circuit component. Our method has proven to decrease growth time, increase component lifespan, and standardize electrical observations.

High-performance biocomputing for simulating the spread of contagion over large contact networks

PubMed Central

2012-01-01

Background Many important biological problems can be modeled as contagion diffusion processes over interaction networks. This article shows how the EpiSimdemics interaction-based simulation system can be applied to the general contagion diffusion problem. Two specific problems, computational epidemiology and human immune system modeling, are given as examples. We then show how the graphics processing unit (GPU) within each compute node of a cluster can effectively be used to speed-up the execution of these types of problems. Results We show that a single GPU can accelerate the EpiSimdemics computation kernel by a factor of 6 and the entire application by a factor of 3.3, compared to the execution time on a single core. When 8 CPU cores and 2 GPU devices are utilized, the speed-up of the computational kernel increases to 9.5. When combined with effective techniques for inter-node communication, excellent scalability can be achieved without significant loss of accuracy in the results. Conclusions We show that interaction-based simulation systems can be used to model disparate and highly relevant problems in biology. We also show that offloading some of the work to GPUs in distributed interaction-based simulations can be an effective way to achieve increased intra-node efficiency. PMID:22537298

The Grid as a healthcare provision tool.

PubMed

Hernández, V; Blanquer, I

2005-01-01

This paper presents a survey on HealthGrid technologies, describing the current status of Grid and eHealth and analyzing them in the medium-term future. The objective is to analyze the key points, barriers and driving forces for the take-up of HealthGrids. The article considers the procedures from other Grid disciplines such as high energy physics or biomolecular engineering and discusses the differences with respect to healthcare. It analyzes the status of the basic technology, the needs of the eHealth environment and the successes of current projects in health and other relevant disciplines. Information and communication technology (ICT) in healthcare is a promising area for the use of the Grid. There are many driving forces that are fostering the application of the secure, pervasive, ubiquitous and transparent access to information and computing resources that Grid technologies can provide. However, there are many barriers that must be solved. Many technical problems that arise in eHealth (standardization of data, federation of databases, content-based knowledge extraction, and management of personal data ...) can be solved with Grid technologies. The article presents the development of successful and demonstrative applications as the key for the take-up of HealthGrids, where short-term future medical applications will surely be biocomputing-oriented, and the future of Grid technologies on medical imaging seems promising. Finally, exploitation of HealthGrid is analyzed considering the curve of the adoption of ICT solutions and the definition of business models, which are far more complex than in other e-business technologies such ASP.

Autopoiesis + extended cognition + nature = can buildings think?

PubMed Central

Dollens, Dennis

2015-01-01

To incorporate metabolic, bioremedial functions into the performance of buildings and to balance generative architecture's dominant focus on computational programming and digital fabrication, this text first discusses hybridizing Maturana and Varela's biological theory of autopoiesis with Andy Clark's hypothesis of extended cognition. Doing so establishes a procedural protocol to research biological domains from which design could source data/insight from biosemiotics, sensory plants, and biocomputation. I trace computation and botanic simulations back to Alan Turing's little-known 1950s Morphogenetic drawings, reaction-diffusion algorithms, and pioneering artificial intelligence (AI) in order to establish bioarchitecture's generative point of origin. I ask provocatively, Can buildings think? as a question echoing Turing's own, "Can machines think?" PMID:26478784

Workshop on Molecular Animation

PubMed Central

Bromberg, Sarina; Chiu, Wah; Ferrin, Thomas E.

2011-01-01

Summary February 25–26, 2010, in San Francisco, the Resource for Biocomputing, Visualization and Informatics (RBVI) and the National Center for Macromolecular Imaging (NCMI) hosted a molecular animation workshop for 21 structural biologists, molecular animators, and creators of molecular visualization software. Molecular animation aims to visualize scientific understanding of biomolecular processes and structures. The primary goal of the workshop was to identify the necessary tools for: producing high quality molecular animations, understanding complex molecular and cellular structures, creating publication supplementary materials and conference presentations, and teaching science to students and the public. Another use of molecular animation emerged in the workshop: helping to focus scientific inquiry about the motions of molecules and enhancing informal communication within and between laboratories. PMID:20947014

Groups: knowledge spreadsheets for symbolic biocomputing.

PubMed

Travers, Michael; Paley, Suzanne M; Shrager, Jeff; Holland, Timothy A; Karp, Peter D

2013-01-01

Knowledge spreadsheets (KSs) are a visual tool for interactive data analysis and exploration. They differ from traditional spreadsheets in that rather than being oriented toward numeric data, they work with symbolic knowledge representation structures and provide operations that take into account the semantics of the application domain. 'Groups' is an implementation of KSs within the Pathway Tools system. Groups allows Pathway Tools users to define a group of objects (e.g. groups of genes or metabolites) from a Pathway/Genome Database. Groups can be transformed (e.g. by transforming a metabolite group to the group of pathways in which those metabolites are substrates); combined through set operations; analysed (e.g. through enrichment analysis); and visualized (e.g. by painting onto a metabolic map diagram). Users of the Pathway Tools-based BioCyc.org website have made extensive use of Groups, and an informal survey of Groups users suggests that Groups has achieved the goal of allowing biologists themselves to perform some data manipulations that previously would have required the assistance of a programmer. Database URL: BioCyc.org.

Enzyme-regulated the changes of pH values for assembling a colorimetric and multistage interconnection logic network with multiple readouts.

PubMed

Huang, Yanyan; Ran, Xiang; Lin, Youhui; Ren, Jinsong; Qu, Xiaogang

2015-04-22

Based on enzymatic reactions-triggered changes of pH values and biocomputing, a novel and multistage interconnection biological network with multiple easy-detectable signal outputs has been developed. Compared with traditional chemical computing, the enzyme-based biological system could overcome the interference between reactions or the incompatibility of individual computing gates and offer a unique opportunity to assemble multicomponent/multifunctional logic circuitries. Our system included four enzyme inputs: β-galactosidase (β-gal), glucose oxidase (GOx), esterase (Est) and urease (Ur). With the assistance of two signal transducers (gold nanoparticles and acid-base indicators) or pH meter, the outputs of the biological network could be conveniently read by the naked eyes. In contrast to current methods, the approach present here could realize cost-effective, label-free and colorimetric logic operations without complicated instrument. By designing a series of Boolean logic operations, we could logically make judgment of the compositions of the samples on the basis of visual output signals. Our work offered a promising paradigm for future biological computing technology and might be highly useful in future intelligent diagnostics, prodrug activation, smart drug delivery, process control, and electronic applications. Copyright © 2015 Elsevier B.V. All rights reserved.

A Method for Growing Bio-memristors from Slime Mold

PubMed Central

Miranda, Eduardo Reck; Braund, Edward

2017-01-01

Our research is aimed at gaining a better understanding of the electronic properties of organisms in order to engineer novel bioelectronic systems and computing architectures based on biology. This specific paper focuses on harnessing the unicellular slime mold Physarum polycephalum to develop bio-memristors (or biological memristors) and bio-computing devices. The memristor is a resistor that possesses memory. It is the 4th fundamental passive circuit element (the other three are the resistor, the capacitor, and the inductor), which is paving the way for the design of new kinds of computing systems; e.g., computers that might relinquish the distinction between storage and a central processing unit. When applied with an AC voltage, the current vs. voltage characteristic of a memristor is a pinched hysteresis loop. It has been shown that P. polycephalum produces pinched hysteresis loops under AC voltages and displays adaptive behavior that is comparable with the functioning of a memristor. This paper presents the method that we developed for implementing bio-memristors with P. polycephalum and introduces the development of a receptacle to culture the organism, which facilitates its deployment as an electronic circuit component. Our method has proven to decrease growth time, increase component lifespan, and standardize electrical observations. PMID:29155754

Unique life sciences research facilities at NASA Ames Research Center

NASA Technical Reports Server (NTRS)

Mulenburg, G. M.; Vasques, M.; Caldwell, W. F.; Tucker, J.

1994-01-01

The Life Science Division at NASA's Ames Research Center has a suite of specialized facilities that enable scientists to study the effects of gravity on living systems. This paper describes some of these facilities and their use in research. Seven centrifuges, each with its own unique abilities, allow testing of a variety of parameters on test subjects ranging from single cells through hardware to humans. The Vestibular Research Facility allows the study of both centrifugation and linear acceleration on animals and humans. The Biocomputation Center uses computers for 3D reconstruction of physiological systems, and interactive research tools for virtual reality modeling. Psycophysiological, cardiovascular, exercise physiology, and biomechanical studies are conducted in the 12 bed Human Research Facility and samples are analyzed in the certified Central Clinical Laboratory and other laboratories at Ames. Human bedrest, water immersion and lower body negative pressure equipment are also available to study physiological changes associated with weightlessness. These and other weightlessness models are used in specialized laboratories for the study of basic physiological mechanisms, metabolism and cell biology. Visual-motor performance, perception, and adaptation are studied using ground-based models as well as short term weightlessness experiments (parabolic flights). The unique combination of Life Science research facilities, laboratories, and equipment at Ames Research Center are described in detail in relation to their research contributions.

Solving a four-destination traveling salesman problem using Escherichia coli cells as biocomputers.

PubMed

Esau, Michael; Rozema, Mark; Zhang, Tuo Huang; Zeng, Dawson; Chiu, Stephanie; Kwan, Rachel; Moorhouse, Cadence; Murray, Cameron; Tseng, Nien-Tsu; Ridgway, Doug; Sauvageau, Dominic; Ellison, Michael

2014-12-19

The Traveling Salesman Problem involves finding the shortest possible route visiting all destinations on a map only once before returning to the point of origin. The present study demonstrates a strategy for solving Traveling Salesman Problems using modified E. coli cells as processors for massively parallel computing. Sequential, combinatorial DNA assembly was used to generate routes, in the form of plasmids made up of marker genes, each representing a path between destinations, and short connecting linkers, each representing a given destination. Upon growth of the population of modified E. coli, phenotypic selection was used to eliminate invalid routes, and statistical analysis was performed to successfully identify the optimal solution. The strategy was successfully employed to solve a four-destination test problem.

Smart Sensors: Why and when the origin was and why and where the future will be

NASA Astrophysics Data System (ADS)

Corsi, C.

2013-12-01

Smart Sensors is a technique developed in the 70's when the processing capabilities, based on readout integrated with signal processing, was still far from the complexity needed in advanced IR surveillance and warning systems, because of the enormous amount of noise/unwanted signals emitted by operating scenario especially in military applications. The Smart Sensors technology was kept restricted within a close military environment exploding in applications and performances in the 90's years thanks to the impressive improvements in the integrated signal read-out and processing achieved by CCD-CMOS technologies in FPA. In fact the rapid advances of "very large scale integration" (VLSI) processor technology and mosaic EO detector array technology allowed to develop new generations of Smart Sensors with much improved signal processing by integrating microcomputers and other VLSI signal processors. inside the sensor structure achieving some basic functions of living eyes (dynamic stare, non-uniformity compensation, spatial and temporal filtering). New and future technologies (Nanotechnology, Bio-Organic Electronics, Bio-Computing) are lightning a new generation of Smart Sensors extending the Smartness from the Space-Time Domain to Spectroscopic Functional Multi-Domain Signal Processing. History and future forecasting of Smart Sensors will be reported.

PepComposer: computational design of peptides binding to a given protein surface

PubMed Central

Obarska-Kosinska, Agnieszka; Iacoangeli, Alfredo; Lepore, Rosalba; Tramontano, Anna

2016-01-01

There is a wide interest in designing peptides able to bind to a specific region of a protein with the aim of interfering with a known interaction or as starting point for the design of inhibitors. Here we describe PepComposer, a new pipeline for the computational design of peptides binding to a given protein surface. PepComposer only requires the target protein structure and an approximate definition of the binding site as input. We first retrieve a set of peptide backbone scaffolds from monomeric proteins that harbor the same backbone arrangement as the binding site of the protein of interest. Next, we design optimal sequences for the identified peptide scaffolds. The method is fully automatic and available as a web server at http://biocomputing.it/pepcomposer/webserver. PMID:27131789

Towards a first implementation of the WLIMES approach in living system studies advancing the diagnostics and therapy in augmented personalized medicine.

PubMed

Simeonov, Plamen L

2017-12-01

The goal of this paper is to advance an extensible theory of living systems using an approach to biomathematics and biocomputation that suitably addresses self-organized, self-referential and anticipatory systems with multi-temporal multi-agents. Our first step is to provide foundations for modelling of emergent and evolving dynamic multi-level organic complexes and their sustentative processes in artificial and natural life systems. Main applications are in life sciences, medicine, ecology and astrobiology, as well as robotics, industrial automation, man-machine interface and creative design. Since 2011 over 100 scientists from a number of disciplines have been exploring a substantial set of theoretical frameworks for a comprehensive theory of life known as Integral Biomathics. That effort identified the need for a robust core model of organisms as dynamic wholes, using advanced and adequately computable mathematics. The work described here for that core combines the advantages of a situation and context aware multivalent computational logic for active self-organizing networks, Wandering Logic Intelligence (WLI), and a multi-scale dynamic category theory, Memory Evolutive Systems (MES), hence WLIMES. This is presented to the modeller via a formal augmented reality language as a first step towards practical modelling and simulation of multi-level living systems. Initial work focuses on the design and implementation of this visual language and calculus (VLC) and its graphical user interface. The results will be integrated within the current methodology and practices of theoretical biology and (personalized) medicine to deepen and to enhance the holistic understanding of life. Copyright © 2017 Elsevier B.V. All rights reserved.

GeneBee-net: Internet-based server for analyzing biopolymers

DOE Office of Scientific and Technical Information (OSTI.GOV)

Brodsky, L.I.; Ivanov, V.V.; Nikolaev, V.K.

This work describes a network server for searching databanks of biopolymer structures and performing other biocomputing procedures; it is available via direct Internet connection. Basic server procedures are dedicated to homology (similarity) search of sequence and 3D structure of proteins. The homologies found could be used to build multiple alignments, predict protein and RNA secondary structure, and construct phylogenetic trees. In addition to traditional methods of sequence similarity search, the authors propose {open_quotes}non-matrix{close_quotes} (correlational) search. An analogous approach is used to identify regions of similar tertiary structure of proteins. Algorithm concepts and usage examples are presented for new methods. Servicemore » logic is based upon interaction of a client program and server procedures. The client program allows the compilation of queries and the processing of results of an analysis.« less

New Applications for Phage Integrases

PubMed Central

Fogg, Paul C.M.; Colloms, Sean; Rosser, Susan; Stark, Marshall; Smith, Margaret C.M.

2014-01-01

Within the last 25 years, bacteriophage integrases have rapidly risen to prominence as genetic tools for a wide range of applications from basic cloning to genome engineering. Serine integrases such as that from ϕC31 and its relatives have found an especially wide range of applications within diverse micro-organisms right through to multi-cellular eukaryotes. Here, we review the mechanisms of the two major families of integrases, the tyrosine and serine integrases, and the advantages and disadvantages of each type as they are applied in genome engineering and synthetic biology. In particular, we focus on the new areas of metabolic pathway construction and optimization, biocomputing, heterologous expression and multiplexed assembly techniques. Integrases are versatile and efficient tools that can be used in conjunction with the various extant molecular biology tools to streamline the synthetic biology production line. PMID:24857859

Human microbiome visualization using 3D technology.

PubMed

Moore, Jason H; Lari, Richard Cowper Sal; Hill, Douglas; Hibberd, Patricia L; Madan, Juliette C

2011-01-01

High-throughput sequencing technology has opened the door to the study of the human microbiome and its relationship with health and disease. This is both an opportunity and a significant biocomputing challenge. We present here a 3D visualization methodology and freely-available software package for facilitating the exploration and analysis of high-dimensional human microbiome data. Our visualization approach harnesses the power of commercial video game development engines to provide an interactive medium in the form of a 3D heat map for exploration of microbial species and their relative abundance in different patients. The advantage of this approach is that the third dimension provides additional layers of information that cannot be visualized using a traditional 2D heat map. We demonstrate the usefulness of this visualization approach using microbiome data collected from a sample of premature babies with and without sepsis.

Prediction of site-specific interactions in antibody-antigen complexes: the proABC method and server.

PubMed

Olimpieri, Pier Paolo; Chailyan, Anna; Tramontano, Anna; Marcatili, Paolo

2013-09-15

Antibodies or immunoglobulins are proteins of paramount importance in the immune system. They are extremely relevant as diagnostic, biotechnological and therapeutic tools. Their modular structure makes it easy to re-engineer them for specific purposes. Short of undergoing a trial and error process, these experiments, as well as others, need to rely on an understanding of the specific determinants of the antibody binding mode. In this article, we present a method to identify, on the basis of the antibody sequence alone, which residues of an antibody directly interact with its cognate antigen. The method, based on the random forest automatic learning techniques, reaches a recall and specificity as high as 80% and is implemented as a free and easy-to-use server, named prediction of Antibody Contacts. We believe that it can be of great help in re-design experiments as well as a guide for molecular docking experiments. The results that we obtained also allowed us to dissect which features of the antibody sequence contribute most to the involvement of specific residues in binding to the antigen. http://www.biocomputing.it/proABC. anna.tramontano@uniroma1.it or paolo.marcatili@gmail.com Supplementary data are available at Bioinformatics online.

The Essential Component in DNA-Based Information Storage System: Robust Error-Tolerating Module

PubMed Central

Yim, Aldrin Kay-Yuen; Yu, Allen Chi-Shing; Li, Jing-Woei; Wong, Ada In-Chun; Loo, Jacky F. C.; Chan, King Ming; Kong, S. K.; Yip, Kevin Y.; Chan, Ting-Fung

2014-01-01

The size of digital data is ever increasing and is expected to grow to 40,000 EB by 2020, yet the estimated global information storage capacity in 2011 is <300 EB, indicating that most of the data are transient. DNA, as a very stable nano-molecule, is an ideal massive storage device for long-term data archive. The two most notable illustrations are from Church et al. and Goldman et al., whose approaches are well-optimized for most sequencing platforms – short synthesized DNA fragments without homopolymer. Here, we suggested improvements on error handling methodology that could enable the integration of DNA-based computational process, e.g., algorithms based on self-assembly of DNA. As a proof of concept, a picture of size 438 bytes was encoded to DNA with low-density parity-check error-correction code. We salvaged a significant portion of sequencing reads with mutations generated during DNA synthesis and sequencing and successfully reconstructed the entire picture. A modular-based programing framework – DNAcodec with an eXtensible Markup Language-based data format was also introduced. Our experiments demonstrated the practicability of long DNA message recovery with high error tolerance, which opens the field to biocomputing and synthetic biology. PMID:25414846

Engineering nucleic acid structures for programmable molecular circuitry and intracellular biocomputation

NASA Astrophysics Data System (ADS)

Li, Jiang; Green, Alexander A.; Yan, Hao; Fan, Chunhai

2017-11-01

Nucleic acids have attracted widespread attention due to the simplicity with which they can be designed to form discrete structures and programmed to perform specific functions at the nanoscale. The advantages of DNA/RNA nanotechnology offer numerous opportunities for in-cell and in-vivo applications, and the technology holds great promise to advance the growing field of synthetic biology. Many elegant examples have revealed the potential in integrating nucleic acid nanostructures in cells and in vivo where they can perform important physiological functions. In this Review, we summarize the current abilities of DNA/RNA nanotechnology to realize applications in live cells and then discuss the key problems that must be solved to fully exploit the useful properties of nanostructures. Finally, we provide viewpoints on how to integrate the tools provided by DNA/RNA nanotechnology and related new technologies to construct nucleic acid nanostructure-based molecular circuitry for synthetic biology.

A single-layer platform for Boolean logic and arithmetic through DNA excision in mammalian cells

PubMed Central

Weinberg, Benjamin H.; Hang Pham, N. T.; Caraballo, Leidy D.; Lozanoski, Thomas; Engel, Adrien; Bhatia, Swapnil; Wong, Wilson W.

2017-01-01

Genetic circuits engineered for mammalian cells often require extensive fine-tuning to perform their intended functions. To overcome this problem, we present a generalizable biocomputing platform that can engineer genetic circuits which function in human cells with minimal optimization. We used our Boolean Logic and Arithmetic through DNA Excision (BLADE) platform to build more than 100 multi-input-multi-output circuits. We devised a quantitative metric to evaluate the performance of the circuits in human embryonic kidney and Jurkat T cells. Of 113 circuits analysed, 109 functioned (96.5%) with the correct specified behavior without any optimization. We used our platform to build a three-input, two-output Full Adder and six-input, one-output Boolean Logic Look Up Table. We also used BLADE to design circuits with temporal small molecule-mediated inducible control and circuits that incorporate CRISPR/Cas9 to regulate endogenous mammalian genes. PMID:28346402

Evidence for a vast peptide overlap between West Nile virus and human proteomes.

PubMed

Capone, Giovanni; Pagoni, Maria; Delfino, Antonella Pesce; Kanduc, Darja

2013-10-01

The primary amino acid sequence of West Nile virus (WNV) polyprotein, GenBank accession number M12294, was analyzed by computional biology. WNV is a mosquito-borne neurotropic flavivirus that has emerged globally as a significant cause of viral encephalitis in humans. Using pentapeptides as scanning units and the perfect peptide match program from PIR International Protein Sequence Database, we compared the WNV polyprotein and the human proteome. WNV polyprotein showed significant sequence similarities to a number of human proteins. Several of these proteins are involved in embryogenesis, neurite outgrowth, cortical neuron branching, formation of mature synapses, semaphorin interactions, and voltage dependent L-type calcium channel subunits. The biocomputional study suggest that common amino acid segments might represent a potential platform for further studies on the neurological pathophysiology of WNV infections. © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

BIOCOMPUTATION: some history and prospects.

PubMed

Cull, Paul

2013-06-01

At first glance, biology and computer science are diametrically opposed sciences. Biology deals with carbon based life forms shaped by evolution and natural selection. Computer Science deals with electronic machines designed by engineers and guided by mathematical algorithms. In this brief paper, we review biologically inspired computing. We discuss several models of computation which have arisen from various biological studies. We show what these have in common, and conjecture how biology can still suggest answers and models for the next generation of computing problems. We discuss computation and argue that these biologically inspired models do not extend the theoretical limits on computation. We suggest that, in practice, biological models may give more succinct representations of various problems, and we mention a few cases in which biological models have proved useful. We also discuss the reciprocal impact of computer science on biology and cite a few significant contributions to biological science. Copyright © 2013 Elsevier Ireland Ltd. All rights reserved.

49 CFR 659.23 - System security plan: contents.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: contents. 659.23 Section 659... State Oversight Agency § 659.23 System security plan: contents. The system security plan must, at a... system security plan; and (e) Document the rail transit agency's process for making its system security...

Multi-input and -output logic circuits based on bioelectrocatalysis with horseradish peroxidase and glucose oxidase immobilized in multi-responsive copolymer films on electrodes.

PubMed

Yu, Xue; Lian, Wenjing; Zhang, Jiannan; Liu, Hongyun

2016-06-15

Herein, poly(N-isopropylacrylamide-co-N,N'-dimethylaminoethylmethacrylate) copolymer films were polymerized on electrode surface with a simple one-step method, and the enzyme horseradish peroxidase (HRP) was embedded in the films simultaneously, which were designated as P(NiPAAm-co-DMEM)-HRP. The films exhibited a reversible structure change with the external stimuli, such as pH, CO2, temperature and SO4(2-), causing the cyclic voltammetric (CV) response of electroactive K3Fe(CN)6 at the film electrodes to display the corresponding multi-stimuli sensitive ON-OFF behavior. Based on the switchable CV property of the system and the electrochemical reduction of H2O2 catalyzed by HRP in the films and mediated by Fe(CN)6(3-) in solution, a 5-input/3-output logic gate was established. To further increase the complexity of the logic system, another enzyme glucose oxidase (GOD) was added into the films, designated as P(NiPAAm-co-DMEM)-HRP-GOD. In the presence of oxygen, the oxidation of glucose in the solution was catalyzed by GOD in the films, and the produced H2O2 in situ was recognized and electrocatalytically reduced by HRP and mediated by Fe(CN)6(3-). Based on the bienzyme films, a cascaded or concatenated 4-input/3-output logic gate system was proposed. The present work combined the multi-responsive interface with bioelectrocatalysis to construct cascaded logic circuits, which might open a new avenue to develop biocomputing elements with more sophisticated functions and design novel glucose biosensors. Copyright © 2016 Elsevier B.V. All rights reserved.

Secure key storage and distribution

DOEpatents

Agrawal, Punit

2015-06-02

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

Smart materials on the way to theranostic nanorobots: Molecular machines and nanomotors, advanced biosensors, and intelligent vehicles for drug delivery.

PubMed

Sokolov, Ilya L; Cherkasov, Vladimir R; Tregubov, Andrey A; Buiucli, Sveatoslav R; Nikitin, Maxim P

2017-06-01

Theranostics, a fusion of two key parts of modern medicine - diagnostics and therapy of the organism's disorders, promises to bring the efficacy of medical treatment to a fundamentally new level and to become the basis of personalized medicine. Extrapolating today's progress in the field of smart materials to the long-run prospect, we can imagine future intelligent agents capable of performing complex analysis of different physiological factors inside the living organism and implementing a built-in program thereby triggering a series of therapeutic actions. These agents, by analogy with their macroscopic counterparts, can be called nanorobots. It is quite obscure what these devices are going to look like but they will be more or less based on today's achievements in nanobiotechnology. The present Review is an attempt to systematize highly diverse nanomaterials, which may potentially serve as modules for theranostic nanorobotics, e.g., nanomotors, sensing units, and payload carriers. Biocomputing-based sensing, externally actuated or chemically "fueled" autonomous movement, swarm inter-agent communication behavior are just a few inspiring examples that nanobiotechnology can offer today for construction of truly intelligent drug delivery systems. The progress of smart nanomaterials toward fully autonomous drug delivery nanorobots is an exciting prospect for disease treatment. Synergistic combination of the available approaches and their further development may produce intelligent drugs of unmatched functionality. Copyright © 2017 Elsevier B.V. All rights reserved.

31 CFR 356.4 - What are the book-entry systems in which auctioned Treasury securities may be issued?

Code of Federal Regulations, 2010 CFR

2010-07-01

... in which auctioned Treasury securities may be issued? There are three book-entry securities systems... marketable Treasury securities. We maintain and transfer securities in these three book-entry systems at... inflation. Securities may be transferred from one system to the other, unless the securities are not...

Correlation Research of Medical Security Management System Network Platform in Medical Practice

NASA Astrophysics Data System (ADS)

Jie, Wang; Fan, Zhang; Jian, Hao; Li-nong, Yu; Jun, Fei; Ping, Hao; Ya-wei, Shen; Yue-jin, Chang

Objective-The related research of medical security management system network in medical practice. Methods-Establishing network platform of medical safety management system, medical security network host station, medical security management system(C/S), medical security management system of departments and sections, comprehensive query, medical security disposal and examination system. Results-In medical safety management, medical security management system can reflect the hospital medical security problem, and can achieve real-time detection and improve the medical security incident detection rate. Conclusion-The application of the research in the hospital management implementation, can find hospital medical security hidden danger and the problems of medical disputes, and can help in resolving medical disputes in time and achieve good work efficiency, which is worth applying in the hospital practice.

76 FR 58786 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-22

... National Security Agency/Central Security System systems of records notices subject to the Privacy Act of... inquiries to the National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act...; Systems of Records AGENCY: National Security Agency/Central Security Service, Department of Defense (DoD...

31 CFR 306.23 - Securities eligible to be held in the Legacy Treasury Direct® Book-entry Securities System.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Legacy Treasury Direct® Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury... Securities eligible to be held in the Legacy Treasury Direct® Book-entry Securities System. (a) Eligible... book-entry securities system. (b) Conversion of Registered Security to book-entry form to be held in...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2014 CFR

2014-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2012 CFR

2012-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2011 CFR

2011-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2013 CFR

2013-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

NASA Astrophysics Data System (ADS)

Li, X. S.; Peng, Z. Y.; Li, T. T.

2016-08-01

This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2010 CFR

2010-10-01

... 47 Telecommunication 5 2010-10-01 2010-10-01 false Ship Security Alert System (SSAS). 80.277... Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety..., “RTCM Standard 11020.0—Ship Security Alert Systems (SSAS) using the Cospas-Sarsat System,” Version 1.0...

76 FR 43993 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-22

...; System of Records AGENCY: National Security Agency/Central Security Service, Department of Defense. ACTION: Notice to Delete a System of Records. SUMMARY: The National Security Agency/Central Security.... FOR FURTHER INFORMATION CONTACT: Ms. Anne Hill, National Security Agency/Central Security Service...

31 CFR 306.23 - Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System.

Code of Federal Regulations, 2010 CFR

2010-07-01

... TREASURY DIRECT Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury Regulations... Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System. (a) Eligible issues. The... conversion to the TREASURY DIRECT Book-entry Securities System. The notice shall specify the period during...

[Application of classified protection of information security in the information system of air pollution and health impact monitoring].

PubMed

Hao, Shuxin; Lü, Yiran; Liu, Jie; Liu, Yue; Xu, Dongqun

2018-01-01

To study the application of classified protection of information security in the information system of air pollution and health impact monitoring, so as to solve the possible safety risk of the information system. According to the relevant national standards and requirements for the information system security classified protection, and the professional characteristics of the information system, to design and implement the security architecture of information system, also to determine the protection level of information system. Basic security measures for the information system were developed in the technical safety and management safety aspects according to the protection levels, which effectively prevented the security risk of the information system. The information system established relatively complete information security protection measures, to enhanced the security of professional information and system service, and to ensure the safety of air pollution and health impact monitoring project carried out smoothly.

Security Evolution.

ERIC Educational Resources Information Center

De Patta, Joe

2003-01-01

Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

33 CFR 106.255 - Security systems and equipment maintenance.

Code of Federal Regulations, 2010 CFR

2010-07-01

... maintained according to manufacturers' recommendations. (b) Security systems must be regularly tested in... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance. (a...

An integrative approach to predicting the functional effects of small indels in non-coding regions of the human genome

PubMed Central

Ferlaino, Michael; Rogers, Mark F.; Shihab, Hashem A.; Mort, Matthew; Cooper, David N.; Gaunt, Tom R.; Campbell, Colin

2018-01-01

Background Small insertions and deletions (indels) have a significant influence in human disease and, in terms of frequency, they are second only to single nucleotide variants as pathogenic mutations. As the majority of mutations associated with complex traits are located outside the exome, it is crucial to investigate the potential pathogenic impact of indels in non-coding regions of the human genome. Results We present FATHMM-indel, an integrative approach to predict the functional effect, pathogenic or neutral, of indels in non-coding regions of the human genome. Our method exploits various genomic annotations in addition to sequence data. When validated on benchmark data, FATHMM-indel significantly outperforms CADD and GAVIN, state of the art models in assessing the pathogenic impact of non-coding variants. FATHMM-indel is available via a web server at indels.biocompute.org.uk. Conclusions FATHMM-indel can accurately predict the functional impact and prioritise small indels throughout the whole non-coding genome. PMID:28985712

Approaching the thermodynamic view of protein folding through the reproduction of Anfinsen's experiment by undergraduate physical biochemistry students.

PubMed

Fernandez-Reche, Andres; Cobos, Eva S; Luque, Irene; Ruiz-Sanz, Javier; Martinez, Jose C

2018-01-04

In 1972 Christian B. Anfinsen received the Nobel Prize in Chemistry for "…his work on ribonuclease, especially concerning the connection between the amino acid sequence and the biologically active conformation." The understanding of this principle is crucial for physical biochemistry students, since protein folding studies, bio-computing sciences and protein design approaches are founded on such a well-demonstrated connection. Herein, we describe a detailed and easy-to-follow experiment to reproduce the most relevant assays carried out at Anfinsen's laboratory in the 60s. This experiment provides students with a platform to interpret by themselves the structural and kinetic experiments conceived to understand the protein folding problem. In addition, this three-day experiment brings students a nice opportunity for protein manipulation as well as for the setting up of spectroscopic and chromatographic techniques. © 2018 by The International Union of Biochemistry and Molecular Biology, 2018. © 2018 The International Union of Biochemistry and Molecular Biology.

An integrative approach to predicting the functional effects of small indels in non-coding regions of the human genome.

PubMed

Ferlaino, Michael; Rogers, Mark F; Shihab, Hashem A; Mort, Matthew; Cooper, David N; Gaunt, Tom R; Campbell, Colin

2017-10-06

Small insertions and deletions (indels) have a significant influence in human disease and, in terms of frequency, they are second only to single nucleotide variants as pathogenic mutations. As the majority of mutations associated with complex traits are located outside the exome, it is crucial to investigate the potential pathogenic impact of indels in non-coding regions of the human genome. We present FATHMM-indel, an integrative approach to predict the functional effect, pathogenic or neutral, of indels in non-coding regions of the human genome. Our method exploits various genomic annotations in addition to sequence data. When validated on benchmark data, FATHMM-indel significantly outperforms CADD and GAVIN, state of the art models in assessing the pathogenic impact of non-coding variants. FATHMM-indel is available via a web server at indels.biocompute.org.uk. FATHMM-indel can accurately predict the functional impact and prioritise small indels throughout the whole non-coding genome.

Intersection of toxicogenomics and high throughput screening in the Tox21 program: an NIEHS perspective.

PubMed

Merrick, B Alex; Paules, Richard S; Tice, Raymond R

Humans are exposed to thousands of chemicals with inadequate toxicological data. Advances in computational toxicology, robotic high throughput screening (HTS), and genome-wide expression have been integrated into the Tox21 program to better predict the toxicological effects of chemicals. Tox21 is a collaboration among US government agencies initiated in 2008 that aims to shift chemical hazard assessment from traditional animal toxicology to target-specific, mechanism-based, biological observations using in vitro assays and lower organism models. HTS uses biocomputational methods for probing thousands of chemicals in in vitro assays for gene-pathway response patterns predictive of adverse human health outcomes. In 1999, NIEHS began exploring the application of toxicogenomics to toxicology and recent advances in NextGen sequencing should greatly enhance the biological content obtained from HTS platforms. We foresee an intersection of new technologies in toxicogenomics and HTS as an innovative development in Tox21. Tox21 goals, priorities, progress, and challenges will be reviewed.

Computational discovery of small open reading frames in Bacillus lehensis

NASA Astrophysics Data System (ADS)

Zainuddin, Nurhafizhoh; Illias, Rosli Md.; Mahadi, Nor Muhammad; Firdaus-Raih, Mohd

2015-09-01

Bacillus lehensis is a Gram-positive and endospore-forming alkalitolerant bacterial strain. In recent years there has been increasing interest in alkaliphilic bacteria and their ability to grow under extreme conditions as well as their ability to serve various important functions in industrial biology especially enzyme production. Small open reading frames (sORFs) have emerged as important regulators in various biological roles such as tumor progression, hormone signalling and stress response. Over the past decade, many biocomputational tools have been developed to predict genes in bacterial genomes. In this study, three softwares were used to predict sORF (≤ 80 aa) in B. lehensis by using whole genome sequence. We used comparative analysis to identify the sORFs in B. lehensis that conserved across all other bacterial genomes. We extended the analysis by doing the homology analysis against protein database. This study established the sORFs in B. lehensis that are conserved across bacteria which might has important biological function which still remain elusive in biological field.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

practice for information security management ( ISO /IEC 27002 ),” “Information technology — Security techniques — Information security management...systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security techniques — Information security risk management ( ISO /IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

75 FR 56079 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-15

... to the National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act...; System of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to amend a system of records. SUMMARY: The National Security Agency/Central Security Service is proposing to...

Computer Security Systems Enable Access.

ERIC Educational Resources Information Center

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

Energy System Integration Facility Secure Data Center | Energy Systems

Science.gov Websites

Integration Facility | NREL Energy System Integration Facility Secure Data Center Energy System Integration Facility Secure Data Center The Energy Systems Integration Facility's Secure Data Center provides

77 FR 56628 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-13

... to the National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act...; System of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to add a system of records. SUMMARY: The National Security Agency/Central Security Service proposes to add a new...

78 FR 45913 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-30

... National Security Agency/Central Security Service systems of records subject to the Privacy Act of 1974 (5... National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act Office, 9800...; Systems of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to alter...

77 FR 26259 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-03

.... SUPPLEMENTARY INFORMATION: The National Security Agency systems of records notice subject to the Privacy Act of... of Records AGENCY: National Security Agency/Central Security Service. ACTION: Notice to Delete a System of Records. SUMMARY: The National Security Agency/Central Security Service is deleting a system of...

75 FR 67697 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-03

... National Security Agency's record system notices for records systems subject to the Privacy Act of 1974 (5... National Security Agency/Central Security Service, Freedom of Information Act (FOIA)/Privacy Act Office...; Systems of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to add a...

75 FR 43494 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-26

... National Security Agency's record system notices for records systems subject to the Privacy Act of 1974 (5... National Security Agency/Central Security Service, Freedom of Information Act and Privacy Act Office, 9800...; System of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to...

8 CFR 103.34 - Security of records systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Security of records systems. 103.34 Section 103.34 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS POWERS AND DUTIES; AVAILABILITY OF RECORDS § 103.34 Security of records systems. The security of records systems...

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-04-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-01-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

Information technology security system engineering methodology

NASA Technical Reports Server (NTRS)

Childs, D.

2003-01-01

A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

6 CFR 5.31 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security of systems of records. 5.31 Section 5.31 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.31 Security of systems of records. (a) In general. Each component...

Personal health record systems and their security protection.

PubMed

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

28 CFR 700.24 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 28 Judicial Administration 2 2010-07-01 2010-07-01 false Security of systems of records. 700.24... Records Under the Privacy Act of 1974 § 700.24 Security of systems of records. (a) The Office Administrator or Security Officer shall be responsible for issuing regulations governing the security of systems...

A cross-case comparative analysis of international security forces' impacts on health systems in conflict-affected and fragile states.

PubMed

Bourdeaux, Margaret; Kerry, Vanessa; Haggenmiller, Christian; Nickel, Karlheinz

2015-01-01

Destruction of health systems in fragile and conflict-affected states increases civilian mortality. Despite the size, scope, scale and political influence of international security forces intervening in fragile states, little attention has been paid to array of ways they may impact health systems beyond their effects on short-term humanitarian health aid delivery. Using case studies we published on international security forces' impacts on health systems in Haiti, Kosovo, Afghanistan and Libya, we conducted a comparative analysis that examined three questions: What aspects, or building blocks, of health systems did security forces impact across the cases and what was the nature of these impacts? What forums or mechanisms did international security forces use to interact with health system actors? What policies facilitated or hindered security forces from supporting health systems? We found international security forces impacted health system governance, information systems and indigenous health delivery organizations. Positive impacts included bolstering the authority, transparency and capability of health system leadership. Negative impacts included undermining the impartial nature of indigenous health institutions by using health projects to achieve security objectives. Interactions between security and health actors were primarily ad hoc, often to the detriment of health system support efforts. When international security forces were engaged in health system support activities, the most helpful communication and consultative mechanisms to manage their involvement were ones that could address a wide array of problems, were nimble enough to accommodate rapidly changing circumstances, leveraged the power of personal relationships, and were able to address the tensions that arose between security and health system supporting strategies. Policy barriers to international security organizations participating in health system support included lack of mandate, conflicts between security strategies and health system preservation, and lack of interoperability between security and indigenous health organizations with respect to logistics and sharing information. The cases demonstrate both the opportunities and risks of international security organizations involvement in health sector protection, recovery and reconstruction. We discuss two potential approaches to engaging these organizations in health system support that may increase the chances of realizing these opportunities while mitigating risks.

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2013 CFR

2013-01-01

....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2013-01-01 2013-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2014 CFR

2014-01-01

....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2014-01-01 2014-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

Building a Secure Library System.

ERIC Educational Resources Information Center

Benson, Allen C.

1998-01-01

Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

PubMed Central

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

Security threat assessment of an Internet security system using attack tree and vague sets.

PubMed

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

33 CFR 106.265 - Security measures for restricted areas.

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Telecommunications; (iii) Power distribution system; (iv) Access points for ventilation and air-conditioning systems... security areas within the OCS facility; (6) Protect security and surveillance equipment and systems; and (7... security and surveillance equipment and systems and their controls, and lighting system controls; and (3...

77 FR 32111 - Privacy Act System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-31

... or fraud, or harm to the security or integrity of this system or other systems or programs (whether... to comment. FCC/MB-2 System Name: Broadcast Station Public Inspection Files. Security Classification: The FCC's Security Operations Center (SOC) has not assigned a security classification to this system...

75 FR 8096 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-023...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-23

... Prevention Program System of Records AGENCY: Privacy Office, DHS. ACTION: Notice of Privacy Act system of... to establish a new system of records titled, ``Department of Homeland Security/Transportation Security Administration--023 Workplace Violence Prevention Program System of Records.'' This system will...

An enhanced security solution for electronic medical records based on AES hybrid technique with SOAP/XML and SHA-1.

PubMed

Kiah, M L Mat; Nabi, Mohamed S; Zaidan, B B; Zaidan, A A

2013-10-01

This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. Majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.

78 FR 56263 - HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-12

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc., SLM Holdings, Inc., Spring Creek Healthcare Systems... securities of Security Intelligence Technologies, Inc. because it has not filed any periodic reports since...

Development of a medical information system that minimizes staff workload and secures system safety at a small medical institution

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Koyama, Tadashi

2005-04-01

We developed a secure system that minimizes staff workload and secures safety of a medical information system. In this study, we assess the legal security requirements and risks occurring from the use of digitized data. We then analyze the security measures for ways of reducing these risks. In the analysis, not only safety, but also costs of security measures and ease of operability are taken into consideration. Finally, we assess the effectiveness of security measures by employing our system in small-sized medical institution. As a result of the current study, we developed and implemented several security measures, such as authentications, cryptography, data back-up, and secure sockets layer protocol (SSL) in our system. In conclusion, the cost for the introduction and maintenance of a system is one of the primary difficulties with its employment by a small-sized institution. However, with recent reductions in the price of computers, and certain advantages of small-sized medical institutions, the development of an efficient system configuration has become possible.

49 CFR 659.25 - Annual review of system safety program plan and system security plan.

Code of Federal Regulations, 2010 CFR

2010-10-01

... system security plan. 659.25 Section 659.25 Transportation Other Regulations Relating to Transportation... and system security plan. (a) The oversight agency shall require the rail transit agency to conduct an annual review of its system safety program plan and system security plan. (b) In the event the rail...

45 CFR 95.621 - ADP reviews.

Code of Federal Regulations, 2011 CFR

2011-10-01

... use; (C) Software and data security; (D) Telecommunications security; (E) Personnel security; (F... Federal review. (f) ADP System Security Requirements and Review Process—(1) ADP System Security Requirement. State agencies are responsible for the security of all ADP projects under development, and...

Versatile and Programmable DNA Logic Gates on Universal and Label-Free Homogeneous Electrochemical Platform.

PubMed

Ge, Lei; Wang, Wenxiao; Sun, Ximei; Hou, Ting; Li, Feng

2016-10-04

Herein, a novel universal and label-free homogeneous electrochemical platform is demonstrated, on which a complete set of DNA-based two-input Boolean logic gates (OR, NAND, AND, NOR, INHIBIT, IMPLICATION, XOR, and XNOR) is constructed by simply and rationally deploying the designed DNA polymerization/nicking machines without complicated sequence modulation. Single-stranded DNA is employed as the proof-of-concept target/input to initiate or prevent the DNA polymerization/nicking cyclic reactions on these DNA machines to synthesize numerous intact G-quadruplex sequences or binary G-quadruplex subunits as the output. The generated output strands then self-assemble into G-quadruplexes that render remarkable decrease to the diffusion current response of methylene blue and, thus, provide the amplified homogeneous electrochemical readout signal not only for the logic gate operations but also for the ultrasensitive detection of the target/input. This system represents the first example of homogeneous electrochemical logic operation. Importantly, the proposed homogeneous electrochemical logic gates possess the input/output homogeneity and share a constant output threshold value. Moreover, the modular design of DNA polymerization/nicking machines enables the adaptation of these homogeneous electrochemical logic gates to various input and output sequences. The results of this study demonstrate the versatility and universality of the label-free homogeneous electrochemical platform in the design of biomolecular logic gates and provide a potential platform for the further development of large-scale DNA-based biocomputing circuits and advanced biosensors for multiple molecular targets.

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 4 2011-10-01 2011-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry. ...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 4 2010-10-01 2010-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry. ...

Security Systems Consideration: A Total Security Approach

NASA Astrophysics Data System (ADS)

Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

2007-12-01

The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

An E-Hospital Security Architecture

NASA Astrophysics Data System (ADS)

Tian, Fang; Adams, Carlisle

In this paper, we introduce how to use cryptography in network security and access control of an e-hospital. We first define the security goal of the e-hospital system, and then we analyze the current application system. Our idea is proposed on the system analysis and the related regulations of patients' privacy protection. The security of the whole application system is strengthened through layered security protection. Three security domains in the e-hospital system are defined according to their sensitivity level, and for each domain, we propose different security protections. We use identity based cryptography to establish secure communication channel in the backbone network and policy based cryptography to establish secure communication channel between end users and the backbone network. We also use policy based cryptography in the access control of the application system. We use a symmetric key cryptography to protect the real data in the database. The identity based and policy based cryptography are all based on elliptic curve cryptography—a public key cryptography.

Evaluating Factors of Security Policy on Information Security Effectiveness in Developing Nations: A Case of Nigeria

ERIC Educational Resources Information Center

Okolo, Nkiru Benjamin

2016-01-01

Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

48 CFR 2301.101 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 2301.101 Federal Acquisition Regulations System SOCIAL SECURITY ADMINISTRATION GENERAL SOCIAL SECURITY ACQUISITION REGULATION SYSTEM Purpose, Authority, Issuance 2301.101 Purpose. (a) The Social Security... Social Security Administration (SSA) which conform to the Federal Acquisition Regulation (FAR) System. (b...

Quality of protection evaluation of security mechanisms.

PubMed

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-24

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held December 9, 2010...

75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held January 13, 2011...

76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-18

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held March 10, 2011, from...

76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-21

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 Meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held February 8, 2011...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2011 CFR

2011-10-01

... 47 Telecommunication 5 2011-10-01 2011-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2014 CFR

2014-10-01

... 47 Telecommunication 5 2014-10-01 2014-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2012 CFR

2012-10-01

... 47 Telecommunication 5 2012-10-01 2012-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2013 CFR

2013-10-01

... 47 Telecommunication 5 2013-10-01 2013-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

78 FR 7334 - Port Authority Access to Facility Vulnerability Assessments and the Integration of Security Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-01

... to Facility Vulnerability Assessments and the Integration of Security Systems AGENCY: Coast Guard...-sharing measures. Security System Integration Alternatives Require each MTSA-regulated facility owner or... other forms of security system integration. Information Requested 1. We request comments on the...

20 CFR 404.1901 - Introduction.

Code of Federal Regulations, 2010 CFR

2010-04-01

... social security system of the United States and the social security system of a foreign country. An... be based on a combination of a person's periods of coverage under the social security system of the United States and the social security system of the foreign country. An agreement also provides for the...

45 CFR 307.13 - Security and confidentiality for computerized support enforcement systems in operation after...

Code of Federal Regulations, 2010 CFR

2010-10-01

... ENFORCEMENT SYSTEMS § 307.13 Security and confidentiality for computerized support enforcement systems in... systems in operation after October 1, 1997. (a) Information integrity and security. Have safeguards... 45 Public Welfare 2 2010-10-01 2010-10-01 false Security and confidentiality for computerized...

49 CFR 659.21 - System security plan: general requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: general requirements. 659.21... State Oversight Agency § 659.21 System security plan: general requirements. (a) The oversight agency shall require the rail transit agency to implement a system security plan that, at a minimum, complies...

Multimedia Security System for Security and Medical Applications

ERIC Educational Resources Information Center

Zhou, Yicong

2010-01-01

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-06

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held November 2, 2010...

76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems DATES: The meeting will be held April 13, 2011, from...

The systems approach to airport security: The FAA (Federal Aviation Administration)/BWI (Baltimore-Washington International) Airport demonstration project

DOE Office of Scientific and Technical Information (OSTI.GOV)

Caskey, D.L.; Olascoaga, M.T.

1990-01-01

Sandia National Laboratories has been involved in designing, installing and evaluating security systems for various applications during the past 15 years. A systems approach to security that evolved from this experience was applied to aviation security for the Federal Aviation Administration. A general systems study of aviation security in the United States was concluded in 1987. One result of the study was a recommendation that an enhanced security system concept designed to meet specified objectives be demonstrated at an operational airport. Baltimore-Washington International Airport was selected as the site for the demonstration project which began in 1988 and will bemore » completed in 1992. This article introduced the systems approach to airport security and discussed its application at Baltimore-Washington International Airport. Examples of design features that could be included in an enhanced security concept also were presented, including details of the proposed Ramps Area Intrusion Detection System (RAIDS).« less

Research and realization of info-net security controlling system

NASA Astrophysics Data System (ADS)

Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

2017-03-01

The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.

Privacy vs usability: a qualitative exploration of patients' experiences with secure Internet communication with their general practitioner.

PubMed

Tjora, Aksel; Tran, Trung; Faxvaag, Arild

2005-05-31

Direct electronic communication between patients and physicians has the potential to empower patients and improve health care services. Communication by regular email is, however, considered a security threat in many countries and is not recommended. Systems which offer secure communication have now emerged. Unlike regular email, secure systems require that users authenticate themselves. However, the authentication steps per se may become barriers that reduce use. The objective was to study the experiences of patients who were using a secure electronic communication system. The focus of the study was the users' privacy versus the usability of the system. Qualitative interviews were conducted with 15 patients who used a secure communication system (MedAxess) to exchange personal health information with their primary care physician. Six main themes were identified from the interviews: (1) supporting simple questions, (2) security issues, (3) aspects of written communication, (4) trust in the physician, (5) simplicity of MedAxess, and (6) trouble using the system. By using the system, about half of the patients (8/15) experienced easier access to their physician, with whom they tended to solve minor health problems and elaborate on more complex illness experiences. Two thirds of the respondents (10/15) found that their physician quickly responded to their MedAxess requests. As a result of the security barriers, the users felt that the system was secure. However, due to the same barriers, the patients considered the log-in procedure cumbersome, which had considerable negative impact on the actual use of the system. Despite a perceived need for secure electronic patient-physician communication systems, security barriers may diminish their overall usefulness. A dual approach is necessary to improve this situation: patients need to be better informed about security issues, and, at the same time, their experiences of using secure systems must be studied and used to improve user interfaces.

Privacy vs Usability: A Qualitative Exploration of Patients' Experiences With Secure Internet Communication With Their General Practitioner

PubMed Central

Tran, Trung; Faxvaag, Arild

2005-01-01

Background Direct electronic communication between patients and physicians has the potential to empower patients and improve health care services. Communication by regular email is, however, considered a security threat in many countries and is not recommended. Systems which offer secure communication have now emerged. Unlike regular email, secure systems require that users authenticate themselves. However, the authentication steps per se may become barriers that reduce use. Objectives The objective was to study the experiences of patients who were using a secure electronic communication system. The focus of the study was the users' privacy versus the usability of the system. Methods Qualitative interviews were conducted with 15 patients who used a secure communication system (MedAxess) to exchange personal health information with their primary care physician. Results Six main themes were identified from the interviews: (1) supporting simple questions, (2) security issues, (3) aspects of written communication, (4) trust in the physician, (5) simplicity of MedAxess, and (6) trouble using the system. By using the system, about half of the patients (8/15) experienced easier access to their physician, with whom they tended to solve minor health problems and elaborate on more complex illness experiences. Two thirds of the respondents (10/15) found that their physician quickly responded to their MedAxess requests. As a result of the security barriers, the users felt that the system was secure. However, due to the same barriers, the patients considered the log-in procedure cumbersome, which had considerable negative impact on the actual use of the system. Conclusions Despite a perceived need for secure electronic patient-physician communication systems, security barriers may diminish their overall usefulness. A dual approach is necessary to improve this situation: patients need to be better informed about security issues, and, at the same time, their experiences of using secure systems must be studied and used to improve user interfaces. PMID:15998606

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

22 CFR 308.10 - Security of records systems-manual and automated.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 22 Foreign Relations 2 2010-04-01 2010-04-01 true Security of records systems-manual and automated... Security of records systems—manual and automated. The head of the agency has the responsibility of... destruction of manual and automatic record systems. These security safeguards shall apply to all systems in...

12 CFR 792.67 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Security of systems of records. 792.67 Section... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792.67 Security of systems of records. (a) Each system manager, with the approval of the head of that...

Securing the Global Airspace System Via Identity-Based Security

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

Information Systems Security Management: A Review and a Classification of the ISO Standards

NASA Astrophysics Data System (ADS)

Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

Quality of Protection Evaluation of Security Mechanisms

PubMed Central

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

75 FR 49943 - New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-16

... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security Information AGENCY: Transportation... INFORMATION CONTACT: Joanna Johnson, Office of Information Technology, TSA-11, Transportation Security...

System and method for secure group transactions

DOEpatents

Goldsmith, Steven Y [Rochester, MN

2006-04-25

A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

Contextualizing Secure Information System Design: A Socio-Technical Approach

ERIC Educational Resources Information Center

Charif, Abdul Rahim

2017-01-01

Secure Information Systems (SIS) design paradigms have evolved in generations to adapt to IS security needs. However, modern IS are still vulnerable and are far from secure. The development of an underlying IS cannot be reduced to "technological fixes" neither is the design of SIS. Technical security cannot ensure IS security.…

Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities.

PubMed

Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min; Yoo, Sooyoung

2012-06-01

The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another.

Secure electronic commerce communication system based on CA

NASA Astrophysics Data System (ADS)

Chen, Deyun; Zhang, Junfeng; Pei, Shujun

2001-07-01

In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

Evaluation on Electronic Securities Settlements Systems by AHP Methods

NASA Astrophysics Data System (ADS)

Fukaya, Kiyoyuki; Komoda, Norihisa

Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

Design and implementation of a secure workflow system based on PKI/PMI

NASA Astrophysics Data System (ADS)

Yan, Kai; Jiang, Chao-hui

2013-03-01

As the traditional workflow system in privilege management has the following weaknesses: low privilege management efficiency, overburdened for administrator, lack of trust authority etc. A secure workflow model based on PKI/PMI is proposed after studying security requirements of the workflow systems in-depth. This model can achieve static and dynamic authorization after verifying user's ID through PKC and validating user's privilege information by using AC in workflow system. Practice shows that this system can meet the security requirements of WfMS. Moreover, it can not only improve system security, but also ensures integrity, confidentiality, availability and non-repudiation of the data in the system.

Development of quantitative security optimization approach for the picture archives and carrying system between a clinic and a rehabilitation center

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Kajima, Toshio; Koyama, Tadashi; Muranaka, Hiroyuki; Dojo, Hirofumi; Aratani, Yasuhiko

2002-05-01

The target of our study is to analyze the level of necessary security requirements, to search for suitable security measures and to optimize security distribution to every portion of the medical practice. Quantitative expression must be introduced to our study, if possible, to enable simplified follow-up security procedures and easy evaluation of security outcomes or results. Using fault tree analysis (FTA), system analysis showed that system elements subdivided into groups by details result in a much more accurate analysis. Such subdivided composition factors greatly depend on behavior of staff, interactive terminal devices, kinds of services provided, and network routes. Security measures were then implemented based on the analysis results. In conclusion, we identified the methods needed to determine the required level of security and proposed security measures for each medical information system, and the basic events and combinations of events that comprise the threat composition factors. Methods for identifying suitable security measures were found and implemented. Risk factors for each basic event, a number of elements for each composition factor, and potential security measures were found. Methods to optimize the security measures for each medical information system were proposed, developing the most efficient distribution of risk factors for basic events.

ICS security in maritime transportation : a white paper examining the security and resiliency of critical transportation infrastructure

DOT National Transportation Integrated Search

2013-07-29

The John A. Volpe National Transportation Systems Center was asked by the Office of Security of the Maritime Administration to examine the issue of industrial control systems (ICS) security in the Maritime Transportation System (MTS), and to develop ...

Securing a Lock on Safety.

ERIC Educational Resources Information Center

Daneman, Kathy

1998-01-01

Describes the integration of security systems to provide enhanced security that is both effective and long lasting. Examines combining card-access systems with camera surveillance, and highly visible emergency phones and security officers. as one of many possible combinations. Some systems most capable of being integrated are listed. (GR)

The electronic security partnership of safety/security and information systems departments.

PubMed

Yow, J Art

2012-01-01

The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

DTIC Science & Technology

2007-09-01

the Systems Security Engineering Capability Maturity Model (SSE- CMM / ISO 21827) and its use in system software developments ...software development life cycle ( SDLC )? 6. In what ways should process improvement support security in the SDLC ? 1.2 10BPANEL RESOURCES For each... project management, and support practices through the use of the capability maturity models including the CMMI and the Systems Security

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

Petri net modeling of encrypted information flow in federated cloud

NASA Astrophysics Data System (ADS)

Khushk, Abdul Rauf; Li, Xiaozhong

2017-08-01

Solutions proposed and developed for the cost-effective cloud systems suffer from a combination of secure private clouds and less secure public clouds. Need to locate applications within different clouds poses a security risk to the information flow of the entire system. This study addresses this by assigning security levels of a given lattice to the entities of a federated cloud system. A dynamic flow sensitive security model featuring Bell-LaPadula procedures is explored that tracks and authenticates the secure information flow in federated clouds. Additionally, a Petri net model is considered as a case study to represent the proposed system and further validate the performance of the said system.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

Traditionally, security is viewed as an organizational and Information Technology (IIJ systems function comprising of Firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Information Systems, Security, and Privacy.

ERIC Educational Resources Information Center

Ware, Willis H.

1984-01-01

Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

Wide Area Security Region Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Makarov, Yuri V.; Lu, Shuai; Guo, Xinxin

2010-03-31

This report develops innovative and efficient methodologies and practical procedures to determine the wide-area security region of a power system, which take into consideration all types of system constraints including thermal, voltage, voltage stability, transient and potentially oscillatory stability limits in the system. The approach expands the idea of transmission system nomograms to a multidimensional case, involving multiple system limits and parameters such as transmission path constraints, zonal generation or load, etc., considered concurrently. The security region boundary is represented using its piecewise approximation with the help of linear inequalities (so called hyperplanes) in a multi-dimensional space, consisting of systemmore » parameters that are critical for security analyses. The goal of this approximation is to find a minimum set of hyperplanes that describe the boundary with a given accuracy. Methodologies are also developed to use the security hyperplanes, pre-calculated offline, to determine system security margins in real-time system operations, to identify weak elements in the system, and to calculate key contributing factors and sensitivities to determine the best system controls in real time and to assist in developing remedial actions and transmission system enhancements offline . A prototype program that automates the simulation procedures used to build the set of security hyperplanes has also been developed. The program makes it convenient to update the set of security hyperplanes necessitated by changes in system configurations. A prototype operational tool that uses the security hyperplanes to assess security margins and to calculate optimal control directions in real time has been built to demonstrate the project success. Numerical simulations have been conducted using the full-size Western Electricity Coordinating Council (WECC) system model, and they clearly demonstrated the feasibility and the effectiveness of the developed technology. Recommendations for the future work have also been formulated.« less

75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-23

... risk of harm to economic or property interests, identity theft or fraud, or harm to the security or... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2009-0041] Privacy Act of 1974; Department of Homeland Security/ALL--023 Personnel Security Management System of Records AGENCY...

Building Security. Honeywell Planning Guide.

ERIC Educational Resources Information Center

Honeywell, Inc., Minneapolis, Minn.

A general discussion of building detection and alarm systems to provide security against burglary and vandalism is provided by a manufacturer of automated monitoring and control systems. Security systems are identified as--(1) local alarm system, (2) central station alarm system, (3) proprietary alarm system, and (4) direct connect alarm system..…

Using SysML to model complex systems for security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cano, Lester Arturo

2010-08-01

As security systems integrate more Information Technology the design of these systems has tended to become more complex. Some of the most difficult issues in designing Complex Security Systems (CSS) are: Capturing Requirements: Defining Hardware Interfaces: Defining Software Interfaces: Integrating Technologies: Radio Systems: Voice Over IP Systems: Situational Awareness Systems.

Perimeter security alarm system based on fiber Bragg grating

NASA Astrophysics Data System (ADS)

Zhang, Cui; Wang, Lixin

2010-11-01

With the development of the society and economy and the improvement of living standards, people need more and more pressing security. Perimeter security alarm system is widely regarded as the first line of defense. A highly sensitive Fiber Bragg grating (FBG) vibration sensor based on the theory of the string vibration, combined with neural network adaptive dynamic programming algorithm for the perimeter security alarm system make the detection intelligently. Intelligent information processing unit identify the true cause of the vibration of the invasion or the natural environment by analyzing the frequency of vibration signals, energy, amplitude and duration. Compared with traditional perimeter security alarm systems, such as infrared perimeter security system and electric fence system, FBG perimeter security alarm system takes outdoor passive structures, free of electromagnetic interference, transmission distance through optical fiber can be as long as 20 km It is able to detect the location of event within short period of time (high-speed response, less than 3 second).This system can locate the fiber cable's breaking sites and alarm automatically if the cable were be cut. And the system can prevent effectively the false alarm from small animals, birds, strong wind, scattering things, snowfalls and vibration of sensor line itself. It can also be integrated into other security systems. This system can be widely used in variety fields such as military bases, nuclear sites, airports, warehouses, prisons, residence community etc. It will be a new force of perimeter security technology.

Cyber Security Assessment Report: Adventium Labs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2007-12-31

Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borers, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.

78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-18

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-23

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-11

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will...

78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-22

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

Developing an Undergraduate Information Systems Security Track

ERIC Educational Resources Information Center

Sharma, Aditya; Murphy, Marianne C.; Rosso, Mark A.; Grant, Donna

2013-01-01

Information Systems Security as a specialized area of study has mostly been taught at the graduate level. This paper highlights the efforts of establishing an Information Systems (IS) Security track at the undergraduate level. As there were many unanswered questions and concerns regarding the Security curriculum, focus areas, the benefit of…

Designing a Retirement System for Federal Workers Covered by Social Security.

ERIC Educational Resources Information Center

Library of Congress, Washington, DC. Congressional Research Service.

A study examined principal cost and benefit issues to be resolved in designing a new retirement system for Federal workers covered by Social Security. The new Federal system would be built on the base of Social Security and would take into account the Social Security program's taxes and benefits. The current Civil Service Retirement System (CSRS)…

A Complex Systems Approach to More Resilient Multi-Layered Security Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Brown, Nathanael J. K.; Jones, Katherine A.; Bandlow, Alisa

In July 2012, protestors cut through security fences and gained access to the Y-12 National Security Complex. This was believed to be a highly reliable, multi-layered security system. This report documents the results of a Laboratory Directed Research and Development (LDRD) project that created a consistent, robust mathematical framework using complex systems analysis algorithms and techniques to better understand the emergent behavior, vulnerabilities and resiliency of multi-layered security systems subject to budget constraints and competing security priorities. Because there are several dimensions to security system performance and a range of attacks that might occur, the framework is multi-objective for amore » performance frontier to be estimated. This research explicitly uses probability of intruder interruption given detection (P I) as the primary resilience metric. We demonstrate the utility of this framework with both notional as well as real-world examples of Physical Protection Systems (PPSs) and validate using a well-established force-on-force simulation tool, Umbra.« less

Methodology development for quantitative optimization of security enhancement in medical information systems -Case study in a PACS and a multi-institutional radiotherapy database-.

PubMed

Haneda, Kiyofumi; Umeda, Tokuo; Koyama, Tadashi; Harauchi, Hajime; Inamura, Kiyonari

2002-01-01

The target of our study is to establish the methodology for analyzing level of security requirements, for searching suitable security measures and for optimizing security distribution to every portion of medical practice. Quantitative expression must be introduced to our study as possible for the purpose of easy follow up of security procedures and easy evaluation of security outcomes or results. Results of system analysis by fault tree analysis (FTA) clarified that subdivided system elements in detail contribute to much more accurate analysis. Such subdivided composition factors very much depended on behavior of staff, interactive terminal devices, kinds of service, and routes of network. As conclusion, we found the methods to analyze levels of security requirements for each medical information systems employing FTA, basic events for each composition factor and combination of basic events. Methods for searching suitable security measures were found. Namely risk factors for each basic event, number of elements for each composition factor and candidates of security measure elements were found. Method to optimize the security measures for each medical information system was proposed. Namely optimum distribution of risk factors in terms of basic events were figured out, and comparison of them between each medical information systems became possible.

Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities

PubMed Central

Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min

2012-01-01

Objectives The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. Methods The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. Results From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. Conclusions This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. PMID:22844648

MELODI: Mining Enriched Literature Objects to Derive Intermediates

PubMed Central

Elsworth, Benjamin; Dawe, Karen; Vincent, Emma E; Langdon, Ryan; Lynch, Brigid M; Martin, Richard M; Relton, Caroline; Higgins, Julian P T; Gaunt, Tom R

2018-01-01

Abstract Background The scientific literature contains a wealth of information from different fields on potential disease mechanisms. However, identifying and prioritizing mechanisms for further analytical evaluation presents enormous challenges in terms of the quantity and diversity of published research. The application of data mining approaches to the literature offers the potential to identify and prioritize mechanisms for more focused and detailed analysis. Methods Here we present MELODI, a literature mining platform that can identify mechanistic pathways between any two biomedical concepts. Results Two case studies demonstrate the potential uses of MELODI and how it can generate hypotheses for further investigation. First, an analysis of ETS-related gene ERG and prostate cancer derives the intermediate transcription factor SP1, recently confirmed to be physically interacting with ERG. Second, examining the relationship between a new potential risk factor for pancreatic cancer identifies possible mechanistic insights which can be studied in vitro. Conclusions We have demonstrated the possible applications of MELODI, including two case studies. MELODI has been implemented as a Python/Django web application, and is freely available to use at [www.melodi.biocompute.org.uk]. PMID:29342271

VizPrimer: a web server for visualized PCR primer design based on known gene structure.

PubMed

Zhou, Yang; Qu, Wubin; Lu, Yiming; Zhang, Yanchun; Wang, Xiaolei; Zhao, Dongsheng; Yang, Yi; Zhang, Chenggang

2011-12-15

The visualization of gene structure plays an important role in polymerase chain reaction (PCR) primer design, especially for eukaryotic genes with a number of splice variants that users need to distinguish between via PCR. Here, we describe a visualized web server for primer design named VizPrimer. It utilizes the new information technology (IT) tools, HTML5 to display gene structure and JavaScript to interact with the users. In VizPrimer, the users can focus their attention on the gene structure and primer design strategy, without wasting time calculating the exon positions of splice variants or manually configuring complicated parameters. In addition, VizPrimer is also suitable for the design of PCR primers for amplifying open reading frames and detecting single nucleotide polymorphisms (SNPs). VizPrimer is freely available at http://biocompute.bmi.ac.cn/CZlab/VizPrimer/. The web server supported browsers: Chrome (≥5.0), Firefox (≥3.0), Safari (≥4.0) and Opera (≥10.0). zhangcg@bmi.ac.cn; yangyi528@vip.sina.com.

Transforming exoelectrogens for biotechnology using synthetic biology.

PubMed

TerAvest, Michaela A; Ajo-Franklin, Caroline M

2016-04-01

Extracellular electron transfer pathways allow certain bacteria to transfer energy between intracellular chemical energy stores and extracellular solids through redox reactions. Microorganisms containing these pathways, exoelectrogens, are a critical part of microbial electrochemical technologies that aim to impact applications in bioenergy, biosensing, and biocomputing. However, there are not yet any examples of economically viable microbial electrochemical technologies due to the limitations of naturally occurring exoelectrogens. Here we first briefly summarize recent discoveries in understanding extracellular electron transfer pathways, then review in-depth the creation of customized and novel exoelectrogens for biotechnological applications. We analyze engineering efforts to increase current production in native exoelectrogens, which reveals that modulating certain processes within extracellular electron transfer are more effective than others. We also review efforts to create new exoelectrogens and highlight common challenges in this work. Lastly, we summarize work utilizing engineered exoelectrogens for biotechnological applications and the key obstacles to their future development. Fueled by the development of genetic tools, these approaches will continue to expand and genetically modified organisms will continue to improve the outlook for microbial electrochemical technologies. © 2015 Wiley Periodicals, Inc.

Analyzing the security of an existing computer system

NASA Technical Reports Server (NTRS)

Bishop, M.

1986-01-01

Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

Federal Government Information Systems Security Management and Governance Are Pacing Factors for Innovation

ERIC Educational Resources Information Center

Edwards, Gregory

2011-01-01

Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly…

10 CFR 95.49 - Security of automatic data processing (ADP) systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.49 Security of...

48 CFR 3052.204-70 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Security requirements for... System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 3052.204-70 Security requirements...

48 CFR 3052.204-70 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 7 2013-10-01 2012-10-01 true Security requirements for... System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 3052.204-70 Security requirements...

Application of the Quality Functional Deployment Method in Mobility Aid Securement System Design

DOT National Transportation Integrated Search

1992-12-01

The Independent Locking Securement System Project (ILS System Project) is a : successful attempt to respond to the transportation community's need for a : "universal" securement/restraint system that will accommodate most wheeled : mobility aids, inc...

5 CFR 9701.231 - Conversion of positions and employees to the DHS classification system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Transitional...

Technical solutions for mitigating security threats caused by health professionals in clinical settings.

PubMed

Fernandez-Aleman, Jose Luis; Belen Sanchez Garcia, Ana; Garcia-Mateos, Gines; Toval, Ambrosio

2015-08-01

The objective of this paper is to present a brief description of technical solutions for health information system security threats caused by inadequate security and privacy practices in healthcare professionals. A literature search was carried out in ScienceDirect, ACM Digital Library and IEEE Digital Library to find papers reporting technical solutions for certain security problems in information systems used in clinical settings. A total of 17 technical solutions were identified: measures for password security, the secure use of e-mail, the Internet, portable storage devices, printers and screens. Although technical safeguards are essential to the security of healthcare organization's information systems, good training, awareness programs and adopting a proper information security policy are particularly important to prevent insiders from causing security incidents.

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

77 FR 70792 - Privacy Act of 1974; Retirement of Department of Homeland Security Transportation Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-27

... from its inventory of record systems. TSA will rely upon DHS/ALL-017 General Legal Records (November 23, 2011, 76 FR 72428) to cover its legal activities. Eliminating the system of records notice DHS/TSA-009... Department of Homeland Security Transportation Security Administration System of Records AGENCY: Privacy...

78 FR 25282 - Privacy Act of 1974; Department of Homeland Security Federal Emergency Management Agency-008...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-30

... Assistance Files System of Records AGENCY: Privacy Office, Department of Homeland Security. ACTION: Notice of Privacy Act System of Records. SUMMARY: In accordance with the Privacy Act of 1974, the Department of Homeland Security proposes to update and reissue a current Department of Homeland Security system of...

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2010 CFR

2010-10-01

... record systems. These security safeguards shall apply to all systems in which identifiable personal data... data and automated systems shall be adequately trained in the security and privacy of personal data. (4... technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of manual and...

45 CFR 2508.10 - Who has the responsibility for maintaining adequate technical, physical, and security safeguards...

Code of Federal Regulations, 2010 CFR

2010-10-01

... record systems. These security safeguards shall apply to all systems in which identifiable personal data... the security and privacy of such records. (7) The disposal and destruction of records within a system... adequate technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 4 2013-01-01 2013-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 4 2014-01-01 2014-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

Security Techniques for Sensor Systems and the Internet of Things

ERIC Educational Resources Information Center

Midi, Daniele

2016-01-01

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

Computer applications for the hospital security department--buying or developing a shift log reporting system.

PubMed

Gruber, T

1996-01-01

The author presents guidelines to help a security department select a computer system to track security activities--whether it's a commercial software product, an in-house developed program, or a do-it-yourself designed system. Computerized security activity reporting, he believes, is effective and beneficial.

Network security system for health and medical information using smart IC card

NASA Astrophysics Data System (ADS)

Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

1998-07-01

A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

Information security system quality assessment through the intelligent tools

NASA Astrophysics Data System (ADS)

Trapeznikov, E. V.

2018-04-01

The technology development has shown the automated system information security comprehensive analysis necessity. The subject area analysis indicates the study relevance. The research objective is to develop the information security system quality assessment methodology based on the intelligent tools. The basis of the methodology is the information security assessment model in the information system through the neural network. The paper presents the security assessment model, its algorithm. The methodology practical implementation results in the form of the software flow diagram are represented. The practical significance of the model being developed is noted in conclusions.

33 CFR 105.250 - Security systems and equipment maintenance.

Code of Federal Regulations, 2010 CFR

2010-07-01

... systems must be regularly tested in accordance with the manufacturers' recommendations; noted deficiencies... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... systems and equipment maintenance. (a) Security systems and equipment must be in good working order and...

Providing security for automated process control systems at hydropower engineering facilities

NASA Astrophysics Data System (ADS)

Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.

2016-12-01

This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.

Evaluation of power system security and development of transmission pricing method

NASA Astrophysics Data System (ADS)

Kim, Hyungchul

The electric power utility industry is presently undergoing a change towards the deregulated environment. This has resulted in unbundling of generation, transmission and distribution services. The introduction of competition into unbundled electricity services may lead system operation closer to its security boundaries resulting in smaller operating safety margins. The competitive environment is expected to lead to lower price rates for customers and higher efficiency for power suppliers in the long run. Under this deregulated environment, security assessment and pricing of transmission services have become important issues in power systems. This dissertation provides new methods for power system security assessment and transmission pricing. In power system security assessment, the following issues are discussed (1) The description of probabilistic methods for power system security assessment; (2) The computation time of simulation methods; (3) on-line security assessment for operation. A probabilistic method using Monte-Carlo simulation is proposed for power system security assessment. This method takes into account dynamic and static effects corresponding to contingencies. Two different Kohonen networks, Self-Organizing Maps and Learning Vector Quantization, are employed to speed up the probabilistic method. The combination of Kohonen networks and Monte-Carlo simulation can reduce computation time in comparison with straight Monte-Carlo simulation. A technique for security assessment employing Bayes classifier is also proposed. This method can be useful for system operators to make security decisions during on-line power system operation. This dissertation also suggests an approach for allocating transmission transaction costs based on reliability benefits in transmission services. The proposed method shows the transmission transaction cost of reliability benefits when transmission line capacities are considered. The ratio between allocation by transmission line capacity-use and allocation by reliability benefits is computed using the probability of system failure.

Using RFID to enhance security in off-site data storage.

PubMed

Lopez-Carmona, Miguel A; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system's benefits in terms of efficiency and failure prevention.

Model-Driven Configuration of SELinux Policies

NASA Astrophysics Data System (ADS)

Agreiter, Berthold; Breu, Ruth

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2011 CFR

2011-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

Development of an Independent Locking Securement System for Mobility Aids on Public Transportation Vehicles

DOT National Transportation Integrated Search

1992-12-01

The Independent Locking Securement System Project (ILS System Project) is a : successful attempt to respond to the transportation community's need for a : "universal" securement/restraint system that will accommodate most wheeled : mobility aids, inc...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2010 CFR

2010-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

Implementation and evaluation of an efficient secure computation system using ‘R’ for healthcare statistics

PubMed Central

Chida, Koji; Morohashi, Gembu; Fuji, Hitoshi; Magata, Fumihiko; Fujimura, Akiko; Hamada, Koki; Ikarashi, Dai; Yamamoto, Ryuichi

2014-01-01

Background and objective While the secondary use of medical data has gained attention, its adoption has been constrained due to protection of patient privacy. Making medical data secure by de-identification can be problematic, especially when the data concerns rare diseases. We require rigorous security management measures. Materials and methods Using secure computation, an approach from cryptography, our system can compute various statistics over encrypted medical records without decrypting them. An issue of secure computation is that the amount of processing time required is immense. We implemented a system that securely computes healthcare statistics from the statistical computing software ‘R’ by effectively combining secret-sharing-based secure computation with original computation. Results Testing confirmed that our system could correctly complete computation of average and unbiased variance of approximately 50 000 records of dummy insurance claim data in a little over a second. Computation including conditional expressions and/or comparison of values, for example, t test and median, could also be correctly completed in several tens of seconds to a few minutes. Discussion If medical records are simply encrypted, the risk of leaks exists because decryption is usually required during statistical analysis. Our system possesses high-level security because medical records remain in encrypted state even during statistical analysis. Also, our system can securely compute some basic statistics with conditional expressions using ‘R’ that works interactively while secure computation protocols generally require a significant amount of processing time. Conclusions We propose a secure statistical analysis system using ‘R’ for medical data that effectively integrates secret-sharing-based secure computation and original computation. PMID:24763677

Implementation and evaluation of an efficient secure computation system using 'R' for healthcare statistics.

PubMed

Chida, Koji; Morohashi, Gembu; Fuji, Hitoshi; Magata, Fumihiko; Fujimura, Akiko; Hamada, Koki; Ikarashi, Dai; Yamamoto, Ryuichi

2014-10-01

While the secondary use of medical data has gained attention, its adoption has been constrained due to protection of patient privacy. Making medical data secure by de-identification can be problematic, especially when the data concerns rare diseases. We require rigorous security management measures. Using secure computation, an approach from cryptography, our system can compute various statistics over encrypted medical records without decrypting them. An issue of secure computation is that the amount of processing time required is immense. We implemented a system that securely computes healthcare statistics from the statistical computing software 'R' by effectively combining secret-sharing-based secure computation with original computation. Testing confirmed that our system could correctly complete computation of average and unbiased variance of approximately 50,000 records of dummy insurance claim data in a little over a second. Computation including conditional expressions and/or comparison of values, for example, t test and median, could also be correctly completed in several tens of seconds to a few minutes. If medical records are simply encrypted, the risk of leaks exists because decryption is usually required during statistical analysis. Our system possesses high-level security because medical records remain in encrypted state even during statistical analysis. Also, our system can securely compute some basic statistics with conditional expressions using 'R' that works interactively while secure computation protocols generally require a significant amount of processing time. We propose a secure statistical analysis system using 'R' for medical data that effectively integrates secret-sharing-based secure computation and original computation. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://group.bmj.com/group/rights-licensing/permissions.

5 CFR 9701.101 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES... establishment of a new human resources management system within the Department of Homeland Security (DHS), as...

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

PubMed Central

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-01

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

Situated Usability Testing for Security Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Greitzer, Frank L.

2011-03-02

While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused onmore » matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.« less

Design and Development of Layered Security: Future Enhancements and Directions in Transmission.

PubMed

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-06

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

Implementing a High-Assurance Smart-Card OS

NASA Astrophysics Data System (ADS)

Karger, Paul A.; Toll, David C.; Palmer, Elaine R.; McIntosh, Suzanne K.; Weber, Samuel; Edwards, Jonathan W.

Building a high-assurance, secure operating system for memory constrained systems, such as smart cards, introduces many challenges. The increasing power of smart cards has made their use feasible in applications such as electronic passports, military and public sector identification cards, and cell-phone based financial and entertainment applications. Such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. We argue that smart cards pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from malicious applications, resolution of covert channels, and assurance of both security and data integrity in the face of arbitrary power losses.

Finite-Time Performance of Local Search Algorithms: Theory and Application

DTIC Science & Technology

2010-06-10

security devices deployed at airport security checkpoints are used to detect prohibited items (e.g., guns, knives, explosives). Each security device...security devices are deployed, the practical issue of determining how to optimally use them can be difficult. For an airport security system design...checked baggage), explosive detection systems (designed to detect explosives in checked baggage), and detailed hand search by an airport security official

Information security requirements in patient-centred healthcare support systems.

PubMed

Alsalamah, Shada; Gray, W Alex; Hilton, Jeremy; Alsalamah, Hessah

2013-01-01

Enabling Patient-Centred (PC) care in modern healthcare requires the flow of medical information with the patient between different healthcare providers as they follow the patient's treatment plan. However, PC care threatens the stability of the balance of information security in the support systems since legacy systems fall short of attaining a security balance when sharing their information due to compromises made between its availability, integrity, and confidentiality. Results show that the main reason for this is that information security implementation in discrete legacy systems focused mainly on information confidentiality and integrity leaving availability a challenge in collaboration. Through an empirical study using domain analysis, observations, and interviews, this paper identifies a need for six information security requirements in legacy systems to cope with this situation in order to attain the security balance in systems supporting PC care implementation in modern healthcare.

Cyber security with radio frequency interferences mitigation study for satellite systems

NASA Astrophysics Data System (ADS)

Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

2016-05-01

Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System.

PubMed

Ghanti, Shaila; Naik, G M

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System

PubMed Central

Ghanti, Shaila

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack. PMID:28116350

NASA Electronic Library System (NELS): The system impact of security

NASA Technical Reports Server (NTRS)

Mcgregor, Terry L.

1993-01-01

This paper discusses security issues as they relate to the NASA Electronic Library System which is currently in use as the repository system for AdaNET System Version 3 (ASV3) being operated by MountainNET, Inc. NELS was originally designed to provide for public, development, and secure collections and objects. The secure feature for collections and objects was deferred in the initial system for implementation at a later date. The NELS system is now 9 months old and many lessons have been learned about the use and maintenance of library systems. MountainNET has 9 months of experience in operating the system and gathering feedback from the ASV3 user community. The user community has expressed an interest in seeing security features implemented in the current system. The time has come to take another look at the whole issue of security for the NELS system. Two requirements involving security have been put forth by MountainNET for the ASV3 system. The first is to incorporate at the collection level a security scheme to allow restricted access to collections. This should be invisible to end users and be controlled by librarians. The second is to allow inclusion of applications which can be executed only by a controlled group of users; for example, an application which can be executed by librarians only. The requirements provide a broad framework in which to work. These requirements raise more questions than answers. To explore the impact of these requirements a top down approach will be used.

Merging leadership and innovation to secure a large health system.

PubMed

Bellino, Joseph V; Shaw, Sharon

2014-01-01

In this article the security system executive for a 13-hospital system spells out how partnering with capable and motivated vendors and gaining the cooperation of other departments enabled him to convert disparate security systems with equipment from multiple manufacturers into a cost-effective centralized system.

77 FR 60401 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-03

... computer password protection.'' * * * * * System manager(s) and address: Delete entry and replace with...; Systems of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to amend a system of records. SUMMARY: The National Security Agency (NSA) is proposing to amend a system of...

Green Secure Processors: Towards Power-Efficient Secure Processor Design

NASA Astrophysics Data System (ADS)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lee, Hsien-Hsin S

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniquesmore » and system software for achieving a robust, secure, and reliable computing system toward our goal.« less

Security credentials management system (SCMS) design and analysis for the connected vehicle system : draft.

DOT National Transportation Integrated Search

2013-12-27

This report presents an analysis by Booz Allen Hamilton (Booz Allen) of the technical design for the Security Credentials Management System (SCMS) intended to support communications security for the connected vehicle system. The SCMS technical design...

Security warning system monitors up to fifteen remote areas simultaneously

NASA Technical Reports Server (NTRS)

Fusco, R. C.

1966-01-01

Security warning system consisting of 15 television cameras is capable of monitoring several remote or unoccupied areas simultaneously. The system uses a commutator and decommutator, allowing time-multiplexed video transmission. This security system could be used in industrial and retail establishments.

5 CFR 9701.373 - Conversion of employees to the DHS pay system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... system. 9701.373 Section 9701.373 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Transitional Provisions...

Cyber secure systems approach for NPP digital control systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCreary, T. J.; Hsu, A.

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant andmore » distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)« less

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Assessment on security system of radioactive sources used in hospitals of Thailand

NASA Astrophysics Data System (ADS)

Jitbanjong, Petchara; Wongsawaeng, Doonyapong

2016-01-01

Unsecured radioactive sources have caused deaths and serious injuries in many parts of the world. In Thailand, there are 17 hospitals that use teletherapy with cobalt-60 radioactive sources. They need to be secured in order to prevent unauthorized removal, sabotage and terrorists from using such materials in a radiological weapon. The security system of radioactive sources in Thailand is regulated by the Office of Atoms for Peace in compliance with Global Threat Reduction Initiative (GTRI), U.S. DOE, which has started to be implemented since 2010. This study aims to perform an assessment on the security system of radioactive sources used in hospitals in Thailand and the results can be used as a recommended baseline data for development or improvement of hospitals on the security system of a radioactive source at a national regulatory level and policy level. Results from questionnaires reveal that in 11 out of 17 hospitals (64.70%), there were a few differences in conditions of hospitals using radioactive sources with installation of the security system and those without installation of the security system. Also, personals working with radioactive sources did not clearly understand the nuclear security law. Thus, government organizations should be encouraged to arrange trainings on nuclear security to increase the level of understanding. In the future, it is recommended that the responsible government organization issues a minimum requirement of nuclear security for every medical facility using radioactive sources.

Water security evaluation in Yellow River basin

NASA Astrophysics Data System (ADS)

Jiang, Guiqin; He, Liyuan; Jing, Juan

2018-03-01

Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

31 CFR 357.22 - Transfers.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AND BILLS HELD IN LEGACY TREASURY DIRECT Legacy Treasury Direct Book-Entry Securities System (Legacy...-entry system, and TreasuryDirect ®. A security may also be transferred between accounts in Legacy... system. A transfer of a security from Legacy Treasury Direct to the commercial book-entry system is...

32 CFR 637.20 - Security surveillance systems.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 4 2010-07-01 2010-07-01 true Security surveillance systems. 637.20 Section 637... ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20 Security surveillance systems. Closed circuit video recording systems, to include those with an audio capability, may be...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 4 2014-10-01 2014-10-01 false Security of warning system apparatus. 234.211 Section 234.211 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD....211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 49 Transportation 4 2013-10-01 2013-10-01 false Security of warning system apparatus. 234.211 Section 234.211 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD....211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 4 2012-10-01 2012-10-01 false Security of warning system apparatus. 234.211 Section 234.211 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD....211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall...

Development of building security integration system using sensors, microcontroller and GPS (Global Positioning System) based android smartphone

NASA Astrophysics Data System (ADS)

Sihombing, P.; Siregar, Y. M.; Tarigan, J. T.; Jaya, I.; Turnip, A.

2018-03-01

Security system is one of the common problems to protect an environment such as personal house or a warehouse. There are numerous methods and technologies that can be used as part of a security system. In this paper, we present a security system that offers a better efficiency. The purpose of this study is to build a system that can monitor home security at any time in particular fire and theft. Through sensors, the system will be able to provide warning information of hazard conditions via LCD monitor, sound, and alarm. This information will be sent automatically to the home owner’s smartphone as well as to the corresponding to the security agency. Thus the prevention of theft and fire hazards can be immediately anticipated by the police and firefighters. The system will also notify the position of the coordinates of the location of the building (the house) by a link to the Google map in order to make it easier to get the location quickly.

System and method for key generation in security tokens

DOE Office of Scientific and Technical Information (OSTI.GOV)

Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.

Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

20 CFR 404.1903 - Negotiating totalization agreements.

Code of Federal Regulations, 2010 CFR

2010-04-01

... security system of general application in effect. The system shall be considered to be in effect if it is collecting social security taxes or paying social security benefits. ... Section 404.1903 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND...

A Hierarchical Security Architecture for Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Information Security and Integrity Systems

NASA Technical Reports Server (NTRS)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

Security and Privacy in Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.

As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them acrossmore » application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.« less

Do You Take Credit Cards? Security and Compliance for the Credit Card Payment Industry

ERIC Educational Resources Information Center

Willey, Lorrie; White, Barbara Jo

2013-01-01

Security is a significant concern in business and in information systems (IS) education from both a technological and a strategic standpoint. Students can benefit from the study of information systems security when security concepts are introduced in the context of real-world industry standards. The development of a data security standard for…

Aviation security : vulnerabilities still exist in the aviation security system

DOT National Transportation Integrated Search

2000-04-06

The testimony today discusses the Federal Aviation Administration's (FAA) efforts to implement and improve security in two key areas: air traffic control computer systems and airport passenger screening checkpoints. Computer systems-and the informati...

76 FR 18445 - Financial Market Utilities

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-04

... IOSCO jointly issued a set of minimum standards for securities settlement systems (the ``Recommendations for Securities Settlement Systems''). In 2004, the CPSS and IOSCO jointly published recommendations...,'' and collectively with the Recommendations for Securities Settlement Systems, the ``CPSS-IOSCO...

A novel wireless local positioning system for airport (indoor) security

NASA Astrophysics Data System (ADS)

Zekavat, Seyed A.; Tong, Hui; Tan, Jindong

2004-09-01

A novel wireless local positioning system (WLPS) for airport (or indoor) security is introduced. This system is used by airport (indoor) security guards to locate all of, or a group of airport employees or passengers within the airport area. WLPS consists of two main parts: (1) a base station that is carried by security personnel; hence, introducing dynamic base station (DBS), and (2) a transponder (TRX) that is mounted on all people (including security personnel) present at the airport; thus, introducing them as active targets. In this paper, we (a) draw a futuristic view of the airport security systems, and the flow of information at the airports, (b) investigate the techniques of extending WLPS coverage area beyond the line-of-sight (LoS), and (c) study the performance of this system via standard transceivers, and direct sequence code division multiple access (DS-CDMA) systems with and without antenna arrays and conventional beamforming (BF).

76 FR 28795 - Privacy Act of 1974; Department of Homeland Security United States Coast Guard-024 Auxiliary...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-18

... 1974; Department of Homeland Security United States Coast Guard-024 Auxiliary Database System of... Security/United States Coast Guard-024 Auxiliary Database (AUXDATA) System of Records.'' This system of... titled, ``DHS/USCG-024 Auxiliary Database (AUXDATA) System of Records.'' The AUXDATA system is the USCG's...

12 CFR 615.5560 - Book-entry Procedure for Farm Credit System Financial Assistance Corporation Securities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... OPERATIONS Farm Credit System Financial Assistance Corporation Securities § 615.5560 Book-entry Procedure for Farm Credit System Financial Assistance Corporation Securities. (a) The Farm Credit System Financial... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Book-entry Procedure for Farm Credit System...

75 FR 28253 - Privacy Act of 1974; Notice of new System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-20

... certified by the National Computer Security Association. RETENTION AND DISPOSAL: System records are retained... Agency suspects or has confirmed that the security or confidentiality of information in the system of... security or integrity of this system or other systems or programs (whether maintained by GSA or another...

Model based verification of the Secure Socket Layer (SSL) Protocol for NASA systems

NASA Technical Reports Server (NTRS)

Powell, John D.; Gilliam, David

2004-01-01

The National Aeronautics and Space Administration (NASA) has tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information theft, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach' offers formal verification of information technology (IT), through the creation of a Software Security Assessment Instrument (SSAI), to address software security risks.

2017 Joint Annual NDIA/AIA Industrial Security Committee Fall Conference

DTIC Science & Technology

2017-11-15

beyond credit data to offer the insights that government professionals need to make informed decisions and ensure citizen safety, manage compliance...business that provides information technology and professional services. We specialize in managing business processes and systems integration for both... Information Security System ISFD Industrial Security Facilities Database OBMS ODAA Business Management System STEPP Security, Training, Education and

24 CFR 350.11 - Notice of Attachment for Ginnie Mae Securities in Book-entry System.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Securities in Book-entry System. 350.11 Section 350.11 Housing and Urban Development Regulations Relating to... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.11 Notice of Attachment for Ginnie Mae Securities in Book-entry System. The interest of a debtor in a Security Entitlement may be reached by a creditor only...

24 CFR 350.11 - Notice of Attachment for Ginnie Mae Securities in Book-entry System.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Securities in Book-entry System. 350.11 Section 350.11 Housing and Urban Development Regulations Relating to... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.11 Notice of Attachment for Ginnie Mae Securities in Book-entry System. The interest of a debtor in a Security Entitlement may be reached by a creditor only...

24 CFR 350.11 - Notice of Attachment for Ginnie Mae Securities in Book-entry System.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Securities in Book-entry System. 350.11 Section 350.11 Housing and Urban Development Regulations Relating to... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.11 Notice of Attachment for Ginnie Mae Securities in Book-entry System. The interest of a debtor in a Security Entitlement may be reached by a creditor only...

A systematic literature review on security and privacy of electronic health record systems: technical perspectives.

PubMed

Rezaeibagha, Fatemeh; Win, Khin Than; Susilo, Willy

Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems. Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings. Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques. This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.

76 FR 59481 - Ninth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-26

... Control Systems (Update to DO-230B): Agenda October 20, 2011 Welcome/Introductions/Administrative Remarks... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...

76 FR 50811 - Eighth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-16

... Control Systems (Update to DO-230B): Agenda September 15, 2011 Welcome/Introductions/Administrative... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...

24 CFR 350.2 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Security) maintained in the Book-entry System, as set forth in Federal Reserve Bank Operating Circulars. (b...: Book-entry Ginnie Mae Security. A Ginnie Mae Security issued or maintained in the Book-entry System... Reserve Banks. Book-entry System. The automated book-entry system operated by the Federal Reserve Banks...

33 CFR 104.260 - Security systems and equipment maintenance.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... systems and equipment maintenance. (a) Security systems and equipment must be in good working order and inspected, tested, calibrated and maintained according to the manufacturer's recommendation. (b) The results...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Halbgewachs, Ronald D.; Chavez, Adrian R.

Process Control System (PCS) and Industrial Control System (ICS) security is critical to our national security. But there are a number of technological, economic, and educational impediments to PCS owners implementing effective security on their systems. Sandia National Laboratories has performed the research and development of the OPSAID (Open PCS Security Architecture for Interoperable Design), a project sponsored by the US Department of Energy Office of Electricity Delivery and Energy Reliability (DOE/OE), to address this issue. OPSAID is an open-source architecture for PCS/ICS security that provides a design basis for vendors to build add-on security devices for legacy systems, whilemore » providing a path forward for the development of inherently-secure PCS elements in the future. Using standardized hardware, a proof-of-concept prototype system was also developed. This report describes the improvements and capabilities that have been added to OPSAID since an initial report was released. Testing and validation of this architecture has been conducted in another project, Lemnos Interoperable Security Project, sponsored by DOE/OE and managed by the National Energy Technology Laboratory (NETL).« less

Blocking the chaperone kinome pathway: Mechanistic insights into a novel dual inhibition approach for supra-additive suppression of malignant tumors

DOE Office of Scientific and Technical Information (OSTI.GOV)

Grover, Abhinav; Shandilya, Ashutosh; Agrawal, Vibhuti

2011-01-07

Research highlights: {yields} Withaferin A and 17-DMAG synergistically inhibit the Hsp90-Cdc37 chaperone pair. {yields} Binding of WA to Cdc37 cleft suppresses its kinase binding activity. {yields} 17-DMAG binding to the association complex results in H-bonds with 60% clustering. {yields} The ligands' bound complex was found structurally and thermodynamically stable. -- Abstract: The chaperone Hsp90 is involved in regulating the stability and activation state of more than 200 'client' proteins and takes part in the cancer diseased states. The major clientele-protein kinases depend on Hsp90 for their proper folding and functioning. Cdc37, a kinase targeting co-chaperone of Hsp90, mediates the interactionsmore » between Hsp90 and protein kinases. Targeting of Cdc37 has the prospect of delivering predominantly kinase-selective molecular responses as compared to the current pharmacologic Hsp90 inhibitors. The present work reports a bio-computational study carried out with the aim of exploring the dual inhibition of Hsp90/Cdc37 chaperone/co-chaperone association complex by the naturally occurring drug candidates withaferin A and 17-DMAG along with their possible modes of action. Our molecular docking studies reveal that withaferin A in combination with 17-DMAG can act as potent chaperone system inhibitors. The structural and thermodynamic stability of the ligands' bound complex was also observed from molecular dynamics simulations in water. Our results suggest a novel tumor suppressive action mechanism of herbal ligands which can be looked forward for further clinical investigations for possible anticancer drug formulations.« less

Method for secure electronic voting system: face recognition based approach

NASA Astrophysics Data System (ADS)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

DOE DISS/ET pilot system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Strait, R.S.; Wagner, E.E.

1994-07-01

The US Department of Energy (DOE) Office of Safeguards and Security initiated the DOE Integrated Security System / Electronic Transfer (DISS/ET) for the purpose of reducing the time required to process security clearance requests. DISS/ET will be an integrated system using electronic commerce technologies for the collection and processing of personnel security clearance data, and its transfer between DOE local security clearance offices, DOE Operations Offices, and the Office of Personnel Management. The system will use electronic forms to collect clearance applicant data. The forms data will be combined with electronic fingerprint images and packaged in a secure encrypted electronicmore » mail envelope for transmission across the Internet. Information provided by the applicant will be authenticated using digital signatures. All processing will be done electronically.« less

Secure ADS-B authentication system and method

NASA Technical Reports Server (NTRS)

Viggiano, Marc J (Inventor); Valovage, Edward M (Inventor); Samuelson, Kenneth B (Inventor); Hall, Dana L (Inventor)

2010-01-01

A secure system for authenticating the identity of ADS-B systems, including: an authenticator, including a unique id generator and a transmitter transmitting the unique id to one or more ADS-B transmitters; one or more ADS-B transmitters, including a receiver receiving the unique id, one or more secure processing stages merging the unique id with the ADS-B transmitter's identification, data and secret key and generating a secure code identification and a transmitter transmitting a response containing the secure code and ADSB transmitter's data to the authenticator; the authenticator including means for independently determining each ADS-B transmitter's secret key, a receiver receiving each ADS-B transmitter's response, one or more secure processing stages merging the unique id, ADS-B transmitter's identification and data and generating a secure code, and comparison processing comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code and providing an authentication signal based on the comparison result.

48 CFR 339.7101 - Policy.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7101 Policy. HHS is responsible for implementing an information security program to ensure that its information systems and... information contained in those systems. Each system's level of security shall protect the integrity...

5 CFR 9701.314 - DHS responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.314 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Overview of Pay System § 9701.314 DHS...

5 CFR 9701.405 - Performance management system requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... requirements. 9701.405 Section 9701.405 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.405 Performance...

Network systems security analysis

NASA Astrophysics Data System (ADS)

Yilmaz, Ä.°smail

2015-05-01

Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

17 CFR 242.302 - Recordkeeping requirements for alternative trading systems.

Code of Federal Regulations, 2011 CFR

2011-04-01

... alternative trading systems. 242.302 Section 242.302 Commodity and Securities Exchanges SECURITIES AND... SECURITY FUTURES Regulation Ats-Alternative Trading Systems § 242.302 Recordkeeping requirements for alternative trading systems. To comply with the condition set forth in paragraph (b)(8) of § 242.301, an...

49 CFR 659.23 - System security plan: contents.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 7 2014-10-01 2014-10-01 false System security plan: contents. 659.23 Section 659.23 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL TRANSIT ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the State Oversight Agency § 659.23 System security...

76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-01

... Control Systems (Update to DO-230B): Agenda July 15, 2011 Welcome/Introductions/Administrative Remarks... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to...

78 FR 58376 - Home System Group, Order of Suspension of Trading

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-23

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Home System Group, Order of Suspension of Trading September 19, 2013. It appears to the Securities and Exchange Commission that there is a lack of current and accurate information concerning the securities of Home System Group because Home System Group...

13 CFR 102.33 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 13 Business Credit and Assistance 1 2010-01-01 2010-01-01 false Security of systems of records....33 Security of systems of records. (a) Each Program/Support Office Head or designee shall establish administrative and physical controls to prevent unauthorized access to its systems of records, to prevent...

76 FR 21768 - Privacy Act of 1974; Consolidation of System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-18

... inventory of record systems titled, Department of Homeland Security/Directorate of Science and Technology... the existing Department of Homeland Security system of records notice titled, Department of Homeland Security/ALL--002 Mailing and Other Lists System, November 25, 2008. DATES: Effective Date: May 18, 2011...

17 CFR 242.302 - Recordkeeping requirements for alternative trading systems.

Code of Federal Regulations, 2013 CFR

2013-04-01

... alternative trading systems. 242.302 Section 242.302 Commodity and Securities Exchanges SECURITIES AND... SECURITY FUTURES Regulation Ats-Alternative Trading Systems § 242.302 Recordkeeping requirements for alternative trading systems. To comply with the condition set forth in paragraph (b)(8) of § 242.301, an...

17 CFR 242.302 - Recordkeeping requirements for alternative trading systems.

Code of Federal Regulations, 2012 CFR

2012-04-01

... alternative trading systems. 242.302 Section 242.302 Commodity and Securities Exchanges SECURITIES AND... SECURITY FUTURES Regulation Ats-Alternative Trading Systems § 242.302 Recordkeeping requirements for alternative trading systems. To comply with the condition set forth in paragraph (b)(8) of § 242.301, an...

17 CFR 242.302 - Recordkeeping requirements for alternative trading systems.

Code of Federal Regulations, 2014 CFR

2014-04-01

... alternative trading systems. 242.302 Section 242.302 Commodity and Securities Exchanges SECURITIES AND... SECURITY FUTURES Regulation Ats-Alternative Trading Systems § 242.302 Recordkeeping requirements for alternative trading systems. To comply with the condition set forth in paragraph (b)(8) of § 242.301, an...

17 CFR 242.302 - Recordkeeping requirements for alternative trading systems.

Code of Federal Regulations, 2010 CFR

2010-04-01

... alternative trading systems. 242.302 Section 242.302 Commodity and Securities Exchanges SECURITIES AND... SECURITY FUTURES Regulation Ats-Alternative Trading Systems § 242.302 Recordkeeping requirements for alternative trading systems. To comply with the condition set forth in paragraph (b)(8) of § 242.301, an...

78 FR 77484 - Extension of Agency Information Collection Activity Under OMB Review: Pipeline System Operator...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-23

... Federal agency for pipeline security, it is important for TSA to have contact information for company... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security Information AGENCY...

33 CFR 127.305 - Operations Manual.

Code of Federal Regulations, 2010 CFR

2010-07-01

... security personnel; (e) A description of the security systems for the marine transfer area for LNG; (f) The...) Transfer operations start-up and shutdown; (3) Security violations; and (4) The communications systems; and... Section 127.305 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED...

Aviation security : terrorist acts demonstrate urgent need to improve security at the nation's airports

DOT National Transportation Integrated Search

2001-09-20

A safe and secure civil aviation system is a critical component of the nation's overall security, physical infrastructure, and economic foundation. Billions of dollars and a myriad of programs and policies have been devoted to achieving such a system...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true IT security requirements... security requirements. These IT security requirements cover all NASA contracts in which IT plays a role in...-63, Electronic Authentication Guideline) access to NASA's computer systems, networks, or IT...

From Fault-Diagnosis and Performance Recovery of a Controlled System to Chaotic Secure Communication

NASA Astrophysics Data System (ADS)

Hsu, Wen-Teng; Tsai, Jason Sheng-Hong; Guo, Fang-Cheng; Guo, Shu-Mei; Shieh, Leang-San

Chaotic systems are often applied to encryption on secure communication, but they may not provide high-degree security. In order to improve the security of communication, chaotic systems may need to add other secure signals, but this may cause the system to diverge. In this paper, we redesign a communication scheme that could create secure communication with additional secure signals, and the proposed scheme could keep system convergence. First, we introduce the universal state-space adaptive observer-based fault diagnosis/estimator and the high-performance tracker for the sampled-data linear time-varying system with unanticipated decay factors in actuators/system states. Besides, robustness, convergence in the mean, and tracking ability are given in this paper. A residual generation scheme and a mechanism for auto-tuning switched gain is also presented, so that the introduced methodology is applicable for the fault detection and diagnosis (FDD) for actuator and state faults to yield a high tracking performance recovery. The evolutionary programming-based adaptive observer is then applied to the problem of secure communication. Whenever the tracker induces a large control input which might not conform to the input constraint of some physical systems, the proposed modified linear quadratic optimal tracker (LQT) can effectively restrict the control input within the specified constraint interval, under the acceptable tracking performance. The effectiveness of the proposed design methodology is illustrated through tracking control simulation examples.

Assessment on security system of radioactive sources used in hospitals of Thailand

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jitbanjong, Petchara, E-mail: petcharajit@gmail.com; Wongsawaeng, Doonyapong

Unsecured radioactive sources have caused deaths and serious injuries in many parts of the world. In Thailand, there are 17 hospitals that use teletherapy with cobalt-60 radioactive sources. They need to be secured in order to prevent unauthorized removal, sabotage and terrorists from using such materials in a radiological weapon. The security system of radioactive sources in Thailand is regulated by the Office of Atoms for Peace in compliance with Global Threat Reduction Initiative (GTRI), U.S. DOE, which has started to be implemented since 2010. This study aims to perform an assessment on the security system of radioactive sources usedmore » in hospitals in Thailand and the results can be used as a recommended baseline data for development or improvement of hospitals on the security system of a radioactive source at a national regulatory level and policy level. Results from questionnaires reveal that in 11 out of 17 hospitals (64.70%), there were a few differences in conditions of hospitals using radioactive sources with installation of the security system and those without installation of the security system. Also, personals working with radioactive sources did not clearly understand the nuclear security law. Thus, government organizations should be encouraged to arrange trainings on nuclear security to increase the level of understanding. In the future, it is recommended that the responsible government organization issues a minimum requirement of nuclear security for every medical facility using radioactive sources.« less

Information Security Management - Part Of The Integrated Management System

NASA Astrophysics Data System (ADS)

Manea, Constantin Adrian

2015-07-01

The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

Managing security risks for inter-organisational information systems: a multiagent collaborative model

NASA Astrophysics Data System (ADS)

Feng, Nan; Wu, Harris; Li, Minqiang; Wu, Desheng; Chen, Fuzan; Tian, Jin

2016-09-01

Information sharing across organisations is critical to effectively managing the security risks of inter-organisational information systems. Nevertheless, few previous studies on information systems security have focused on inter-organisational information sharing, and none have studied the sharing of inferred beliefs versus factual observations. In this article, a multiagent collaborative model (MACM) is proposed as a practical solution to assess the risk level of each allied organisation's information system and support proactive security treatment by sharing beliefs on event probabilities as well as factual observations. In MACM, for each allied organisation's information system, we design four types of agents: inspection agent, analysis agent, control agent, and communication agent. By sharing soft findings (beliefs) in addition to hard findings (factual observations) among the organisations, each organisation's analysis agent is capable of dynamically predicting its security risk level using a Bayesian network. A real-world implementation illustrates how our model can be used to manage security risks in distributed information systems and that sharing soft findings leads to lower expected loss from security risks.

Ad-Hoc Networks and the Mobile Application Security System (MASS)

DTIC Science & Technology

2006-01-01

solution to this problem that addresses critical aspects of security in ad-hoc mobile application networks. This approach involves preventing unauthorized...modification of a mobile application , both by other applications and by hosts, and ensuring that mobile code is authentic and authorized. These...capabilities constitute the Mobile Application Security System (MASS). The MASS applies effective, robust security to mobile application -based systems

Federal Security Laboratory Governance Panels: Observations and Recommendations

DTIC Science & Technology

2013-01-01

operates under a sole-source, cost-plus-fixed-fee contract administered by the U.S. Navy’s Naval Sea Systems Command. There are currently 14 UARCs, 13... system of research organizations that support science and technology for U.S. national security. Within this system , the Departments of Defense, Energy...and Homeland Security support about 80 laboratories that focus predominantly on national security matters. These laboratories have different

26 CFR 1.1081-7 - Sale of stock or securities received upon exchange by members of system group.

Code of Federal Regulations, 2010 CFR

2010-04-01

.... Orders § 1.1081-7 Sale of stock or securities received upon exchange by members of system group. (a... which are members of the same system group consists of stock or securities issued by the corporation... 26 Internal Revenue 11 2010-04-01 2010-04-01 true Sale of stock or securities received upon...

System security in the space flight operations center

NASA Technical Reports Server (NTRS)

Wagner, David A.

1988-01-01

The Space Flight Operations Center is a networked system of workstation-class computers that will provide ground support for NASA's next generation of deep-space missions. The author recounts the development of the SFOC system security policy and discusses the various management and technology issues involved. Particular attention is given to risk assessment, security plan development, security implications of design requirements, automatic safeguards, and procedural safeguards.

20 CFR 404.1902 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-04-01

... administration of a social security system including responsibility for implementing an agreement; the Social... coordination between the social security systems of the countries party to the agreement. The term agreement... system including applicable laws and international social security agreements; the Commissioner of Social...

Using RFID to Enhance Security in Off-Site Data Storage

PubMed Central

Lopez-Carmona, Miguel A.; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R.

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system’s benefits in terms of efficiency and failure prevention. PMID:22163638

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

DOE Office of Scientific and Technical Information (OSTI.GOV)

McDonald, K; Curran, B

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusionmore » Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment.« less

Approach to estimation of level of information security at enterprise based on genetic algorithm

NASA Astrophysics Data System (ADS)

V, Stepanov L.; V, Parinov A.; P, Korotkikh L.; S, Koltsov A.

2018-05-01

In the article, the way of formalization of different types of threats of information security and vulnerabilities of an information system of the enterprise and establishment is considered. In a type of complexity of ensuring information security of application of any new organized system, the concept and decisions in the sphere of information security are expedient. One of such approaches is the method of a genetic algorithm. For the enterprises of any fields of activity, the question of complex estimation of the level of security of information systems taking into account the quantitative and qualitative factors characterizing components of information security is relevant.

SPAN security policies and guidelines

NASA Technical Reports Server (NTRS)

Sisson, Patricia L.; Green, James L.

1989-01-01

A guide is provided to system security with emphasis on requirements and guidelines that are necessary to maintain an acceptable level of security on the network. To have security for the network, each node on the network must be secure. Therefore, each system manager, must strictly adhere to the requirements and must consider implementing the guidelines discussed. There are areas of vulnerability within the operating system that may not be addressed. However, when a requirement or guideline is discussed, implementation techniques are included. Information related to computer and data security is discussed to provide information on implementation options. The information is presented as it relates to a VAX computer environment.

Turning Access into a web-enabled secure information system for clinical trials.

PubMed

Dongquan Chen; Chen, Wei-Bang; Soong, Mayhue; Soong, Seng-Jaw; Orthner, Helmuth F

2009-08-01

Organizations that have limited resources need to conduct clinical studies in a cost-effective, but secure way. Clinical data residing in various individual databases need to be easily accessed and secured. Although widely available, digital certification, encryption, and secure web server, have not been implemented as widely, partly due to a lack of understanding of needs and concerns over issues such as cost and difficulty in implementation. The objective of this study was to test the possibility of centralizing various databases and to demonstrate ways of offering an alternative to a large-scale comprehensive and costly commercial product, especially for simple phase I and II trials, with reasonable convenience and security. We report a working procedure to transform and develop a standalone Access database into a secure Web-based secure information system. For data collection and reporting purposes, we centralized several individual databases; developed, and tested a web-based secure server using self-issued digital certificates. The system lacks audit trails. The cost of development and maintenance may hinder its wide application. The clinical trial databases scattered in various departments of an institution could be centralized into a web-enabled secure information system. The limitations such as the lack of a calendar and audit trail can be partially addressed with additional programming. The centralized Web system may provide an alternative to a comprehensive clinical trial management system.

Evaluation of a Cyber Security System for Hospital Network.

PubMed

Faysel, Mohammad A

2015-01-01

Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

Prototype system of secure VOD

NASA Astrophysics Data System (ADS)

Minemura, Harumi; Yamaguchi, Tomohisa

1997-12-01

Secure digital contents delivery systems are to realize copyright protection and charging mechanism, and aim at secure delivery service of digital contents. Encrypted contents delivery and history (log) management are means to accomplish this purpose. Our final target is to realize a video-on-demand (VOD) system that can prevent illegal usage of video data and manage user history data to achieve a secure video delivery system on the Internet or Intranet. By now, mainly targeting client-server systems connected with enterprise LAN, we have implemented and evaluated a prototype system based on the investigation into the delivery method of encrypted video contents.

12 CFR 615.5450 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... AND OPERATIONS, AND FUNDING OPERATIONS Book-Entry Procedures for Farm Credit Securities § 615.5450... the claimant for another person to hold, transfer, or deal with the security. (b) Book-entry security means a Farm Credit security issued or maintained in the Book-entry System. (c) Book-entry System means...

17 CFR 242.301 - Requirements for alternative trading systems.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Requirements for alternative trading systems. 242.301 Section 242.301 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY...

17 CFR 242.301 - Requirements for alternative trading systems.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Requirements for alternative trading systems. 242.301 Section 242.301 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY...

17 CFR 242.301 - Requirements for alternative trading systems.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Requirements for alternative trading systems. 242.301 Section 242.301 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY...

17 CFR 242.301 - Requirements for alternative trading systems.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Requirements for alternative trading systems. 242.301 Section 242.301 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY...

Teaching RFID Information Systems Security

ERIC Educational Resources Information Center

Thompson, Dale R.; Di, Jia; Daugherty, Michael K.

2014-01-01

The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…

Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

PubMed

Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

2015-11-01

The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

Performance of an optical identification and interrogation system

NASA Astrophysics Data System (ADS)

Venugopalan, A.; Ghosh, A. K.; Verma, P.; Cheng, S.

2008-04-01

A free space optics based identification and interrogation system has been designed. The applications of the proposed system lie primarily in areas which require a secure means of mutual identification and information exchange between optical readers and tags. Conventional RFIDs raise issues regarding security threats, electromagnetic interference and health safety. The security of RF-ID chips is low due to the wide spatial spread of radio waves. Malicious nodes can read data being transmitted on the network, if they are in the receiving range. The proposed system provides an alternative which utilizes the narrow paraxial beams of lasers and an RSA-based authentication scheme. These provide enhanced security to communication between a tag and the base station or reader. The optical reader can also perform remote identification and the tag can be read from a far off distance, given line of sight. The free space optical identification and interrogation system can be used for inventory management, security systems at airports, port security, communication with high security systems, etc. to name a few. The proposed system was implemented with low-cost, off-the-shelf components and its performance in terms of throughput and bit error rate has been measured and analyzed. The range of operation with a bit-error-rate lower than 10-9 was measured to be about 4.5 m. The security of the system is based on the strengths of the RSA encryption scheme implemented using more than 1024 bits.

On determining specifications and selections of alternative technologies for airport checked-baggage security screening.

PubMed

Feng, Qianmei

2007-10-01

Federal law mandates that every checked bag at all commercial airports be screened by explosive detection systems (EDS), explosive trace detection systems (ETD), or alternative technologies. These technologies serve as critical components of airport security systems that strive to reduce security risks at both national and global levels. To improve the operational efficiency and airport security, emerging image-based technologies have been developed, such as dual-energy X-ray (DX), backscatter X-ray (BX), and multiview tomography (MVT). These technologies differ widely in purchasing cost, maintenance cost, operating cost, processing rate, and accuracy. Based on a mathematical framework that takes into account all these factors, this article investigates two critical issues for operating screening devices: setting specifications for continuous security responses by different technologies; and selecting technology or combination of technologies for efficient 100% baggage screening. For continuous security responses, specifications or thresholds are used for classifying threat items from nonthreat items. By investigating the setting of specifications on system security responses, this article assesses the risk and cost effectiveness of various technologies for both single-device and two-device systems. The findings provide the best selection of image-based technologies for both single-device and two-device systems. Our study suggests that two-device systems outperform single-device systems in terms of both cost effectiveness and accuracy. The model can be readily extended to evaluate risk and cost effectiveness of multiple-device systems for airport checked-baggage security screening.

Use of a "secure room" and a security guard in the management of the violent, aggressive or suicidal patient in a rural hospital: a 3-year audit.

PubMed

Brock, Gordon; Gurekas, Vydas; Gelinas, Anne-Fredrique; Rollin, Karina

2009-01-01

Little has been published on the management of psychiatric crises in rural areas, and little is known of the security needs or use of "secure rooms" in rural hospitals. We conducted a 3-year retrospective chart audit on the use of our secure room/security guard system at a rural hospital in a town of 3500, located 220 km from our psychiatric referral centre. Use of our secure room/security guard system occurred at the rate of 1.1 uses/1000 emergency department visits, with the most common indication being physician perception of risk of patient suicide or self-harm. Concern for staff safety was a factor in 10% of uses. Eighty percent of patients were treated locally, with most being released from the secure room after 2 days or less. Fourteen percent of patients required ultimate transfer to our psychiatric referral centre and 6% to a detoxification centre. The average annual cost of security was $16 259.61. A secure room can provide the opportunity for close observation of a potentially self-harming patient, additional security for staff and early warning if a patient flees the hospital. Most admissions were handled locally, obviating the need for transfer to distant psychiatric referral centres. Most patients who were admitted were already known as having a psychiatric illness and 80% of the patients required the use of the secure room/security guard system for less than a 2-night stay, suggesting that most rural mental health crises pass quickly. Most patients admitted to a rural hospital with a mental health crisis can be managed locally if an adequate secure room/security guard system is available.

Security Encryption Scheme for Communication of Web Based Control Systems

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

39 CFR 501.7 - Postage Evidencing System requirements.

Code of Federal Regulations, 2013 CFR

2013-07-01

... Performance Criteria for Information-Based Indicia and Security Architecture for Open IBI Postage Evidencing Systems or Performance Criteria for Information-Based Indicia and Security Architecture for Closed IBI... Information-Based Indicia and Security Architecture for Open IBI Postage Evidencing Systems or Performance...

39 CFR 501.7 - Postage Evidencing System requirements.

Code of Federal Regulations, 2012 CFR

2012-07-01

... Performance Criteria for Information-Based Indicia and Security Architecture for Open IBI Postage Evidencing Systems or Performance Criteria for Information-Based Indicia and Security Architecture for Closed IBI... Information-Based Indicia and Security Architecture for Open IBI Postage Evidencing Systems or Performance...

5 CFR 9701.313 - Homeland Security Compensation Committee.

Code of Federal Regulations, 2010 CFR

2010-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Overview of Pay System § 9701.313... Undersecretary for Management. The Compensation Committee has 14 members, including 4 officials of labor...

76 FR 81359 - National Security Personnel System

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-28

... contains regulatory documents #0;having general applicability and legal effect, most of which are keyed #0... Security Personnel System AGENCY: Department of Defense; Office of Personnel Management. ACTION: Final rule... concerning the National Security Personnel System (NSPS). Section 1113 of the National Defense Authorization...

Secure Server Login by Using Third Party and Chaotic System

NASA Astrophysics Data System (ADS)

Abdulatif, Firas A.; zuhiar, Maan

2018-05-01

Server is popular among all companies and it used by most of them but due to the security threat on the server make this companies are concerned when using it so that in this paper we will design a secure system based on one time password and third parity authentication (smart phone). The proposed system make security to the login process of server by using one time password to authenticate person how have permission to login and third parity device (smart phone) as other level of security.

Distributed intrusion detection system based on grid security model

NASA Astrophysics Data System (ADS)

Su, Jie; Liu, Yahui

2008-03-01

Grid computing has developed rapidly with the development of network technology and it can solve the problem of large-scale complex computing by sharing large-scale computing resource. In grid environment, we can realize a distributed and load balance intrusion detection system. This paper first discusses the security mechanism in grid computing and the function of PKI/CA in the grid security system, then gives the application of grid computing character in the distributed intrusion detection system (IDS) based on Artificial Immune System. Finally, it gives a distributed intrusion detection system based on grid security system that can reduce the processing delay and assure the detection rates.

Integrated secure solution for electronic healthcare records sharing

NASA Astrophysics Data System (ADS)

Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

2007-03-01

The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

Security Frameworks for Machine-to-Machine Devices and Networks

NASA Astrophysics Data System (ADS)

Demblewski, Michael

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

Safe teleradiology: information assurance as project planning methodology.

PubMed

Collmann, Jeff; Alaoui, Adil; Nguyen, Dan; Lindisch, David

2005-01-01

The Georgetown University Medical Center Department of Radiology used a tailored version of OCTAVE, a self-directed information security risk assessment method, to design a teleradiology system that complied with the regulation implementing the security provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The system addressed threats to and vulnerabilities in the privacy and security of protected health information. By using OCTAVE, Georgetown identified the teleradiology program's critical assets, described threats to the assurance of those assets, developed and ran vulnerability scans of a system pilot, evaluated the consequences of security breaches, and developed a risk management plan to mitigate threats to program assets, thereby implementing good information assurance practices. This case study illustrates the basic point that prospective, comprehensive planning to protect the privacy and security of an information system strategically benefits program management as well as system security.

The Use of Electronic Book Theft Detection Systems in Libraries.

ERIC Educational Resources Information Center

Witt, Thomas B.

1996-01-01

Although electronic book theft detection systems can be a deterrent to library material theft, no electronic system is foolproof, and a total security program is necessary to ensure collection security. Describes how book theft detection systems work, their effectiveness, and the problems inherent in technology. A total security program considers…

77 FR 71474 - Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-30

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the seventeenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 31627 - Twenty-Second Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-24

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty-second meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-04

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the nineteenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-17

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the eleventh meeting of RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held...

78 FR 22025 - Twenty First Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-12

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty first meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 25525 - Thirteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems.

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-30

... Committee 224, Airport Security Access Control Systems. AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the thirteenth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...

77 FR 15448 - Twelfth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-15

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twelfth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...

Security Systems Commissioning: An Old Trick for Your New Dog

ERIC Educational Resources Information Center

Black, James R.

2009-01-01

Sophisticated, software-based security systems can provide powerful tools to support campus security. By nature, such systems are flexible, with many capabilities that can help manage the process of physical protection. However, the full potential of these systems can be overlooked because of unfamiliarity with the products, weaknesses in security…

75 FR 67363 - Notice of Public Information Collection(s) Being Reviewed by the Federal Communications...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-02

... proceeding were required to file system security statements under the Commission's rules. (Security systems..., including broadband Internet access and interconnected VoIP providers, must file updates to their systems... Commission's rules, the information in the CALEA security system filings and petitions will not be made...

IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

NASA Technical Reports Server (NTRS)

Branch, Drew A.

2014-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

NASA Technical Reports Server (NTRS)

Branch, Drew

2013-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere was heightened from Airports to the communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning and configuration of network devices i.e. routers and IDSsIPSs. In addition I will be completing security assessments on software and hardware, vulnerability assessments and reporting, conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, policies and procedures.

Security Management Strategies for Protecting Your Library's Network.

ERIC Educational Resources Information Center

Ives, David J.

1996-01-01

Presents security procedures for protecting a library's computer system from potential threats by patrons or personnel, and describes how security can be breached. A sidebar identifies four areas of concern in security management: the hardware, the operating system, the network, and the user interface. A selected bibliography of sources on…

76 FR 3098 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-19

...: National Security Agency/Central Security Service, Freedom of Information Act and Privacy Act Office, 9800..., Privacy Act and Mandatory Declassification Review Records. System Location: National Security Agency... Information Act; 5 U.S.C. 552a, The Privacy Act of 1974 (as amended); E.O. 13526, Classified National Security...

Examining the Relationship between Organization Systems and Information Security Awareness

ERIC Educational Resources Information Center

Tintamusik, Yanarong

2010-01-01

The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false IT security requirements... security requirements. (a) These IT security requirements cover all NASA awards in which IT plays a role in... physical or electronic access beyond that granted the general public to NASA's computer systems, networks...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false IT security requirements... security requirements. (a) These IT security requirements cover all NASA awards in which IT plays a role in... physical or electronic access beyond that granted the general public to NASA's computer systems, networks...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false IT security requirements... security requirements. (a) These IT security requirements cover all NASA awards in which IT plays a role in... physical or electronic access beyond that granted the general public to NASA's computer systems, networks...

Computer simulation of functioning of elements of security systems

NASA Astrophysics Data System (ADS)

Godovykh, A. V.; Stepanov, B. P.; Sheveleva, A. A.

2017-01-01

The article is devoted to issues of development of the informational complex for simulation of functioning of the security system elements. The complex is described from the point of view of main objectives, a design concept and an interrelation of main elements. The proposed conception of the computer simulation provides an opportunity to simulate processes of security system work for training security staff during normal and emergency operation.

Common object request broker architecture (CORBA)-based security services for the virtual radiology environment.

PubMed

Martinez, R; Cole, C; Rozenblit, J; Cook, J F; Chacko, A K

2000-05-01

The US Army Great Plains Regional Medical Command (GPRMC) has a requirement to conform to Department of Defense (DoD) and Army security policies for the Virtual Radiology Environment (VRE) Project. Within the DoD, security policy is defined as the set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information. Security policy in the DoD is described by the Trusted Computer System Evaluation Criteria (TCSEC), Army Regulation (AR) 380-19, Defense Information Infrastructure Common Operating Environment (DII COE), Military Health Services System Automated Information Systems Security Policy Manual, and National Computer Security Center-TG-005, "Trusted Network Interpretation." These documents were used to develop a security policy that defines information protection requirements that are made with respect to those laws, rules, and practices that are required to protect the information stored and processed in the VRE Project. The goal of the security policy is to provide for a C2-level of information protection while also satisfying the functional needs of the GPRMC's user community. This report summarizes the security policy for the VRE and defines the CORBA security services that satisfy the policy. In the VRE, the information to be protected is embedded into three major information components: (1) Patient information consists of Digital Imaging and Communications in Medicine (DICOM)-formatted fields. The patient information resides in the digital imaging network picture archiving and communication system (DIN-PACS) networks in the database archive systems and includes (a) patient demographics; (b) patient images from x-ray, computed tomography (CT), magnetic resonance imaging (MRI), and ultrasound (US); and (c) prior patient images and related patient history. (2) Meta-Manager information to be protected consists of several data objects. This information is distributed to the Meta-Manager nodes and includes (a) radiologist schedules; (b) modality worklists; (c) routed case information; (d) DIN-PACS and Composite Health Care system (CHCS) messages, and Meta-Manager administrative and security information; and (e) patient case information. (3) Access control and communications security is required in the VRE to control who uses the VRE and Meta-Manager facilities and to secure the messages between VRE components. The CORBA Security Service Specification version 1.5 is designed to allow up to TCSEC's B2-level security for distributed objects. The CORBA Security Service Specification defines the functionality of several security features: identification and authentication, authorization and access control, security auditing, communication security, nonrepudiation, and security administration. This report describes the enhanced security features for the VRE and their implementation using commercial CORBA Security Service software products.

5 CFR 9701.526 - Continuation of existing laws, recognitions, agreements, and procedures.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations...

An exploratory risk perception study of attitudes toward homeland security systems.

PubMed

Sanquist, Thomas F; Mahy, Heidi; Morris, Frederic

2008-08-01

Understanding the issues surrounding public acceptance of homeland security systems is important for balancing security needs and potential civil liberties infringements. A psychometric survey was used in an exploratory study of attitudes regarding homeland security systems. Psychometric rating data were obtained from 182 respondents on psychological attributes associated with 12 distinct types of homeland security systems. An inverse relationship was observed for the overall rating attributes of acceptability and risk of civil liberties infringement. Principal components analysis (PCA) yielded a two-factor solution with the rating scale loading pattern suggesting factors of perceived effectiveness and perceived intrusiveness. These factors also showed an inverse relationship. The 12 different homeland security systems showed significantly different scores on the rating scales and PCA factors. Of the 12 systems studied, airport screening, canine detectors, and radiation monitoring at borders were found to be the most acceptable, while email monitoring, data mining, and global positioning satellite (GPS) tracking were found to be least acceptable. Students rated several systems as more effective than professionals, but the overall pattern of results for both types of subjects was similar. The data suggest that risk perception research and the psychometric paradigm are useful approaches for quantifying attitudes regarding homeland security systems and policies and can be used to anticipate potentially significant public acceptance issues.

Development of a telediagnosis endoscopy system over secure internet.

PubMed

Ohashi, K; Sakamoto, N; Watanabe, M; Mizushima, H; Tanaka, H

2008-01-01

We developed a new telediagnosis system to securely transmit high-quality endoscopic moving images over the Internet in real time. This system would enable collaboration between physicians seeking advice from endoscopists separated by long distances, to facilitate diagnosis. We adapted a new type of digital video streaming system (DVTS) to our teleendoscopic diagnosis system. To investigate its feasibility, we conducted a two-step experiment. A basic experiment was first conducted to transmit endoscopic video images between hospitals using a plain DVTS. After investigating the practical usability, we incorporated a secure and reliable communication function into the system, by equipping DVTS with "TCP2", a new security technology that establishes secure communication in the transport layer. The second experiment involved international transmission of teleendoscopic image between Hawaii and Japan using the improved system. In both the experiments, no serious transmission delay was observed to disturb physicians' communications and, after subjective evaluation by endoscopists, the diagnostic qualities of the images were found to be adequate. Moreover, the second experiment showed that "TCP2-equipped DVTS" successfully executed high-quality secure image transmission over a long distance network. We conclude that DVTS technology would be promising for teleendoscopic diagnosis. It was also shown that a high quality, secure teleendoscopic diagnosis system can be developed by equipping DVTS with TCP2.

The research of network database security technology based on web service

NASA Astrophysics Data System (ADS)

Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

2013-03-01

Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

NASA Technical Reports Server (NTRS)

Takamura, Eduardo; Mangum, Kevin

2016-01-01

The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations. Certain protective measures for the general enterprise may not be as efficient within the ground segment. This is what the authors have concluded through observations and analysis of patterns identified from the various security assessments performed on NASA missions such as MAVEN, OSIRIS-REx, New Horizons and TESS, to name a few. The security audits confirmed that the framework for managing information system security developed by the National Institute of Standards and Technology (NIST) for the federal government, and adopted by NASA, is indeed effective. However, the selection of the technical, operational and management security controls offered by the NIST model - and how they are implemented - does not always fit the nature and the environment where the ground system operates in even though there is no apparent impact on mission success. The authors observed that unfit controls, that is, controls that are not necessarily applicable or sufficiently effective in protecting the mission systems, are often selected to facilitate compliance with security requirements and organizational expectations even if the selected controls offer minimum or non-existent protection. This paper identifies some of the standard security controls that can in fact protect the ground system, and which of them offer little or no benefit at all. It offers multiple scenarios from real security audits in which the controls are not effective without, of course, disclosing any sensitive information about the missions assessed. In addition to selection and implementation of controls, the paper also discusses potential impact of recent legislation such as the Federal Information Security Modernization Act (FISMA) of 2014 - aimed at the enterprise - on the ground system, and offers other recommendations to Information System Owners (ISOs).

75 FR 57740 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-22

... Committee on Oversight and Government Reform, the Senate Committee on Homeland Security and Governmental... OSD Federal Register Liaison Officer, Department of Defense. K890.13 System Name: Security Container... Security Officer, Headquarters, Defense Information Systems Agency-Europe, APO AE 09131-4103. Headquarters...

5 CFR 9701.313 - Homeland Security Compensation Committee.

Code of Federal Regulations, 2011 CFR

2011-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Overview of Pay System § 9701.313... to provide options and/or recommendations for consideration by the Secretary or designee on strategic...

Quantum key distribution with an efficient countermeasure against correlated intensity fluctuations in optical pulses

NASA Astrophysics Data System (ADS)

Yoshino, Ken-ichiro; Fujiwara, Mikio; Nakata, Kensuke; Sumiya, Tatsuya; Sasaki, Toshihiko; Takeoka, Masahiro; Sasaki, Masahide; Tajima, Akio; Koashi, Masato; Tomita, Akihisa

2018-03-01

Quantum key distribution (QKD) allows two distant parties to share secret keys with the proven security even in the presence of an eavesdropper with unbounded computational power. Recently, GHz-clock decoy QKD systems have been realized by employing ultrafast optical communication devices. However, security loopholes of high-speed systems have not been fully explored yet. Here we point out a security loophole at the transmitter of the GHz-clock QKD, which is a common problem in high-speed QKD systems using practical band-width limited devices. We experimentally observe the inter-pulse intensity correlation and modulation pattern-dependent intensity deviation in a practical high-speed QKD system. Such correlation violates the assumption of most security theories. We also provide its countermeasure which does not require significant changes of hardware and can generate keys secure over 100 km fiber transmission. Our countermeasure is simple, effective and applicable to wide range of high-speed QKD systems, and thus paves the way to realize ultrafast and security-certified commercial QKD systems.

33 CFR 104.405 - Format of the Vessel Security Plan (VSP).

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Communications; (9) Security systems and equipment maintenance; (10) Security measures for access control... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Format of the Vessel Security... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Plan (VSP) § 104.405 Format of the...

Sustainable Food Security Measurement: A Systemic Methodology

NASA Astrophysics Data System (ADS)

Findiastuti, W.; Singgih, M. L.; Anityasari, M.

2017-04-01

Sustainable food security measures how a region provides food for its people without endangered the environment. In Indonesia, it was legally measured in Food Security and Vulnerability (FSVA). However, regard to sustainable food security policy, the measurement has not encompassed the environmental aspect. This will lead to lack of environmental aspect information for adjusting the next strategy. This study aimed to assess Sustainable Food security by encompassing both food security and environment aspect using systemic eco-efficiency. Given existing indicator of cereal production level, total emission as environment indicator was generated by constructing Causal Loop Diagram (CLD). Then, a stock-flow diagram was used to develop systemic simulation model. This model was demonstrated for Indonesian five provinces. The result showed there was difference between food security order with and without environmental aspect assessment.

Immune Inspired Security Approach for Manets: a Case Study

NASA Astrophysics Data System (ADS)

Mohamed, Yasir Abdelgadir

2011-06-01

This paper extends the work that has earlier been established. Immune inspired approach for securing mobile ad hoc networks is specified there. Although it is clearly indicated there that the research scope is the wireless networks in general and hybrid mobile ad hoc networks in particular, we have seen that specifying the security system in one of the communications applications that need further security approach may help to understand how effectively the system can contribute to this vital and important networks sector. Security in this type of networks is important and controversial as it plays a key role in users' eagerness or reluctance for the services provided by these networks. In this paper, the immune inspired security system is specified to secure web services in converged networks.

A Security Architecture for Grid-enabling OGC Web Services

NASA Astrophysics Data System (ADS)

Angelini, Valerio; Petronzio, Luca

2010-05-01

In the proposed presentation we describe an architectural solution for enabling a secure access to Grids and possibly other large scale on-demand processing infrastructures through OGC (Open Geospatial Consortium) Web Services (OWS). This work has been carried out in the context of the security thread of the G-OWS Working Group. G-OWS (gLite enablement of OGC Web Services) is an international open initiative started in 2008 by the European CYCLOPS , GENESI-DR, and DORII Project Consortia in order to collect/coordinate experiences in the enablement of OWS's on top of the gLite Grid middleware. G-OWS investigates the problem of the development of Spatial Data and Information Infrastructures (SDI and SII) based on the Grid/Cloud capacity in order to enable Earth Science applications and tools. Concerning security issues, the integration of OWS compliant infrastructures and gLite Grids needs to address relevant challenges, due to their respective design principles. In fact OWS's are part of a Web based architecture that demands security aspects to other specifications, whereas the gLite middleware implements the Grid paradigm with a strong security model (the gLite Grid Security Infrastructure: GSI). In our work we propose a Security Architectural Framework allowing the seamless use of Grid-enabled OGC Web Services through the federation of existing security systems (mostly web based) with the gLite GSI. This is made possible mediating between different security realms, whose mutual trust is established in advance during the deployment of the system itself. Our architecture is composed of three different security tiers: the user's security system, a specific G-OWS security system, and the gLite Grid Security Infrastructure. Applying the separation-of-concerns principle, each of these tiers is responsible for controlling the access to a well-defined resource set, respectively: the user's organization resources, the geospatial resources and services, and the Grid resources. While the gLite middleware is tied to a consolidated security approach based on X.509 certificates, our system is able to support different kinds of user's security infrastructures. Our central component, the G-OWS Security Framework, is based on the OASIS WS-Trust specifications and on the OGC GeoRM architectural framework. This allows to satisfy advanced requirements such as the enforcement of specific geospatial policies and complex secure web service chained requests. The typical use case is represented by a scientist belonging to a given organization who issues a request to a G-OWS Grid-enabled Web Service. The system initially asks the user to authenticate to his/her organization's security system and, after verification of the user's security credentials, it translates the user's digital identity into a G-OWS identity. This identity is linked to a set of attributes describing the user's access rights to the G-OWS services and resources. Inside the G-OWS Security system, access restrictions are applied making use of the enhanced Geospatial capabilities specified by the OGC GeoXACML. If the required action needs to make use of the Grid environment the system checks if the user is entitled to access a Grid infrastructure. In that case his/her identity is translated to a temporary Grid security token using the Short Lived Credential Services (IGTF Standard). In our case, for the specific gLite Grid infrastructure, some information (VOMS Attributes) is plugged into the Grid Security Token to grant the access to the user's Virtual Organization Grid resources. The resulting token is used to submit the request to the Grid and also by the various gLite middleware elements to verify the user's grants. Basing on the presented framework, the G-OWS Security Working Group developed a prototype, enabling the execution of OGC Web Services on the EGEE Production Grid through the federation with a Shibboleth based security infrastructure. Future plans aim to integrate other Web authentication services such as OpenID, Kerberos and WS-Federation.

An Analysis of Federal Airport and Air Carrier Employee Access Control, Screening. and Training Regulations

DTIC Science & Technology

1998-03-01

traveling public, air carriers, and persons employed by or conducting business at public airports. 14. SUBJECT TERMS Airport Security , Federal...26 4. Sterile Area 28 5. Exclusive Area 28 E. SECURITY ALERT LEVELS 29 F. AIRPORT SECURITY TOOLS 30 1. Electronic Detection System 31 a... Security Coordinator ASP Airport Security Program BIS Biometrie Identification System CCTV Closed Circuit Television CJIS Criminal Justice Information

SHI(EL)DS: A Novel Hardware-Based Security Backplane to Enhance Security with Minimal Impact to System Operation

DTIC Science & Technology

2008-03-01

executables. The current roadblock to detecting Type I Malware consistantly is the practice of legitimate software , such as antivirus programs, using this... Software Security Systems . . 31 3.2.2 Advantages of Hardware . . . . . . . . . . . . . 32 3.2.3 Trustworthiness of Information . . . . . . . . . 33...Towards a Hardware Security Backplane . . . . . . . . . 42 IV. Review of State of the Art Computer Security Solutions . . . . . 46 4.1 Software

Design and implementation of modular home security system with short messaging system

NASA Astrophysics Data System (ADS)

Budijono, Santoso; Andrianto, Jeffri; Axis Novradin Noor, Muhammad

2014-03-01

Today we are living in 21st century where crime become increasing and everyone wants to secure they asset at their home. In that situation user must have system with advance technology so person do not worry when getting away from his home. It is therefore the purpose of this design to provide home security device, which send fast information to user GSM (Global System for Mobile) mobile device using SMS (Short Messaging System) and also activate - deactivate system by SMS. The Modular design of this Home Security System make expandable their capability by add more sensors on that system. Hardware of this system has been designed using microcontroller AT Mega 328, PIR (Passive Infra Red) motion sensor as the primary sensor for motion detection, camera for capturing images, GSM module for sending and receiving SMS and buzzer for alarm. For software this system using Arduino IDE for Arduino and Putty for testing connection programming in GSM module. This Home Security System can monitor home area that surrounding by PIR sensor and sending SMS, save images capture by camera, and make people panic by turn on the buzzer when trespassing surrounding area that detected by PIR sensor. The Modular Home Security System has been tested and succeed detect human movement.

Transit Security Procedures Guide

DOT National Transportation Integrated Search

1994-12-01

To protect passenger, employees, revenue, and property, transit systems are encouraged to take a proactive, prevention-oriented systems approach to transit security. This guide is a compilation of materials for planning and improving transit security...

5 CFR 9701.334 - Setting and adjusting locality and special rate supplements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Locality and...

Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).

PubMed

Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang

2003-01-01

Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.

Digital security technology simplified.

PubMed

Scaglione, Bernard J

2007-01-01

Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

Concepts for a standard based cross-organisational information security management system in the context of a nationwide EHR.

PubMed

Mense, Alexander; Hoheiser-Pförtner, Franz; Schmid, Martin; Wahl, Harald

2013-01-01

Working with health related data necessitates appropriate levels of security and privacy. Information security, meaning ensuring confidentiality, integrity, and availability, is more organizational, than technical in nature. It includes many organizational and management measures, is based on well-defined security roles, processes, and documents, and needs permanent adaption of security policies, continuously monitoring, and measures assessment. This big challenge for any organization leads to implementation of an information security management system (ISMS). In the context of establishing a regional or national electronic health record for integrated care (ICEHR), the situation is worse. Changing the medical information exchange from on-demand peer-to-peer connections to health information networks requires all organizations participating in the EHR system to have consistent security levels and to follow the same security guidelines and rules. Also, the implementation must be monitored and audited, establishing cross-organizational information security management systems (ISMS) based on international standards. This paper evaluates requirements and defines basic concepts for an ISO 27000 series-based cross-organizational ISMS in the healthcare domain and especially for the implementation of the nationwide electronic health record in Austria (ELGA).

HOW TO SELECT THE PROPER SECURITY AND EQUIPMENT SURVEILLANCE SYSTEMS TO PROTECT YOUR FACILITIES.

ERIC Educational Resources Information Center

Honeywell, Inc., Minneapolis, Minn.

IN PRESENTING A SURVEY OF MODERN SECURITY SYSTEMS, THIS BOOKLET DISCUSSES THE REQUIREMENTS FOR SURVEILLANCE AND PROTECTION OF AREAS, PERIMETER, AND OBJECTS. A VARIETY OF EQUIPMENT IS DESCRIBED WITH DISCUSSION OF OPERATING PROCEDURES, COSTS, AND RECENT DEVELOPMENTS IN SECURITY SYSTEMS. (JT)

76 FR 72428 - Privacy Act of 1974; Department of Homeland Security/ALL-017 General Legal Records System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-23

... 1974; Department of Homeland Security/ALL--017 General Legal Records System of Records AGENCY: Privacy... of records notice titled, ``Department of Homeland Security/ ALL--017 General Legal Records System of Records.'' This system will assist attorneys in providing legal advice to the Department of Homeland...

Making Our Buildings Safer: Security Management and Equipment Issues.

ERIC Educational Resources Information Center

Clark, James H.

1997-01-01

Discusses three major components of library security: physical security of the environment; operating procedures for library staff, the public, and security personnel; and a contract security force (or campus security in academic institutions.) Topics include risk management; maintenance; appropriate technology, including security systems and…

33 CFR 104.305 - Vessel Security Assessment (VSA) requirements.

Code of Federal Regulations, 2013 CFR

2013-07-01

... security; (ii) Structural integrity; (iii) Personnel protection systems; (iv) Procedural policies; (v... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Vessel Security Assessment (VSA... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Assessment (VSA) § 104.305 Vessel...

33 CFR 104.305 - Vessel Security Assessment (VSA) requirements.

Code of Federal Regulations, 2011 CFR

2011-07-01

... security; (ii) Structural integrity; (iii) Personnel protection systems; (iv) Procedural policies; (v... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Vessel Security Assessment (VSA... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Assessment (VSA) § 104.305 Vessel...

33 CFR 104.305 - Vessel Security Assessment (VSA) requirements.

Code of Federal Regulations, 2014 CFR

2014-07-01

... security; (ii) Structural integrity; (iii) Personnel protection systems; (iv) Procedural policies; (v... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Vessel Security Assessment (VSA... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Assessment (VSA) § 104.305 Vessel...

33 CFR 104.305 - Vessel Security Assessment (VSA) requirements.

Code of Federal Regulations, 2012 CFR

2012-07-01

... security; (ii) Structural integrity; (iii) Personnel protection systems; (iv) Procedural policies; (v... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Vessel Security Assessment (VSA... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Assessment (VSA) § 104.305 Vessel...

33 CFR 104.305 - Vessel Security Assessment (VSA) requirements.

Code of Federal Regulations, 2010 CFR

2010-07-01

... security; (ii) Structural integrity; (iii) Personnel protection systems; (iv) Procedural policies; (v... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Vessel Security Assessment (VSA... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Assessment (VSA) § 104.305 Vessel...

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

NASA Astrophysics Data System (ADS)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

COVERING THE SEAMS IN U.S. NATIONAL SECURITY BY APPLYING NETWORK AND TEAM ATTRIBUTES

DTIC Science & Technology

2017-04-06

Today, one such weakness is the seams that exist in the system . Organizational criteria like geography , functions, and responsibilities often create...establishment by the National Security Act of 1947, the modern U.S. national security system has evolved as a result of legislation, presidential preference...and because of changes in the U.S. and international security environments. With each evolution, the system has found ways to function in dealing

National Security Personnel System (NSPS): An Analysis of Key Stakeholders’ Perceptions during DoD’s Implementation of NSPS

DTIC Science & Technology

2010-06-01

62 1. KPP 1: High Performing Workplace and Environment................65 a. Attribute 1. System...source for employee values and actions. The stereotypical value of the federal government employee, especially under the GS system, was job security...most directly met by this model is job security. This job security is often stereotyped by the saying; you cannot fire a government employee

Incorporating voltage security into the planning, operation and monitoring of restructured electric energy markets

NASA Astrophysics Data System (ADS)

Nair, Nirmal-Kumar

As open access market principles are applied to power systems, significant changes are happening in their planning, operation and control. In the emerging marketplace, systems are operating under higher loading conditions as markets focus greater attention to operating costs than stability and security margins. Since operating stability is a basic requirement for any power system, there is need for newer tools to ensure stability and security margins being strictly enforced in the competitive marketplace. This dissertation investigates issues associated with incorporating voltage security into the unbundled operating environment of electricity markets. It includes addressing voltage security in the monitoring, operational and planning horizons of restructured power system. This dissertation presents a new decomposition procedure to estimate voltage security usage by transactions. The procedure follows physical law and uses an index that can be monitored knowing the state of the system. The expression derived is based on composite market coordination models that have both PoolCo and OpCo transactions, in a shared stressed transmission grid. Our procedure is able to equitably distinguish the impacts of individual transactions on voltage stability, at load buses, in a simple and fast manner. This dissertation formulates a new voltage stability constrained optimal power flow (VSCOPF) using a simple voltage security index. In modern planning, composite power system reliability analysis that encompasses both adequacy and security issues is being developed. We have illustrated the applicability of our VSCOPF into composite reliability analysis. This dissertation also delves into the various applications of voltage security index. Increasingly, FACT devices are being used in restructured markets to mitigate a variety of operational problems. Their control effects on voltage security would be demonstrated using our VSCOPF procedure. Further, this dissertation investigates the application of steady state voltage stability index to detect potential dynamic voltage collapse. Finally, this dissertation examines developments in representation, standardization, communication and exchange of power system data. Power system data is the key input to all analytical engines for system operation, monitoring and control. Data exchange and dissemination could impact voltage security evaluation and therefore needs to be critically examined.

Security for IP Multimedia Services in the 3GPP Third Generation Mobile System.

ERIC Educational Resources Information Center

Horn, G.; Kroselberg, D.; Muller, K.

2003-01-01

Presents an overview of the security architecture of the IP multimedia core network subsystem (IMS) of the third generation mobile system, known in Europe as UMTS. Discusses IMS security requirements; IMS security architecture; authentication between IMS user and home network; integrity and confidentiality for IMS signalling; and future aspects of…

45 CFR 1159.15 - Who has the responsibility for maintaining adequate technical, physical, and security safeguards...

Code of Federal Regulations, 2010 CFR

2010-10-01

... disclosure or destruction of manual and automatic record systems. These security safeguards shall apply to... use of records contained in a system of records are adequately trained to protect the security and... adequate technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of...

17 CFR 240.17a-23 - Recordkeeping and reporting requirements relating to broker-dealer trading systems.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Recordkeeping and reporting requirements relating to broker-dealer trading systems. 240.17a-23 Section 240.17a-23 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE...

17 CFR 240.17a-23 - Recordkeeping and reporting requirements relating to broker-dealer trading systems.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Recordkeeping and reporting requirements relating to broker-dealer trading systems. 240.17a-23 Section 240.17a-23 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE...

17 CFR 240.17a-23 - Recordkeeping and reporting requirements relating to broker-dealer trading systems.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Recordkeeping and reporting requirements relating to broker-dealer trading systems. 240.17a-23 Section 240.17a-23 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE...

17 CFR 240.17a-23 - Recordkeeping and reporting requirements relating to broker-dealer trading systems.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Recordkeeping and reporting requirements relating to broker-dealer trading systems. 240.17a-23 Section 240.17a-23 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE...

Disaster at a University: A Case Study in Information Security

ERIC Educational Resources Information Center

Ayyagari, Ramakrishna; Tyks, Jonathan

2012-01-01

Security and disaster training is identified as a top Information Technology (IT) required skill that needs to be taught in Information Systems (IS) curriculums. Accordingly, information security and privacy have become core concepts in information system education. Providing IT security on a shoestring budget is always difficult and many small…

A novel and lightweight system to secure wireless medical sensor networks.

PubMed

He, Daojing; Chan, Sammy; Tang, Shaohua

2014-01-01

Wireless medical sensor networks (MSNs) are a key enabling technology in e-healthcare that allows the data of a patient's vital body parameters to be collected by the wearable or implantable biosensors. However, the security and privacy protection of the collected data is a major unsolved issue, with challenges coming from the stringent resource constraints of MSN devices, and the high demand for both security/privacy and practicality. In this paper, we propose a lightweight and secure system for MSNs. The system employs hash-chain based key updating mechanism and proxy-protected signature technique to achieve efficient secure transmission and fine-grained data access control. Furthermore, we extend the system to provide backward secrecy and privacy preservation. Our system only requires symmetric-key encryption/decryption and hash operations and is thus suitable for the low-power sensor nodes. This paper also reports the experimental results of the proposed system in a network of resource-limited motes and laptop PCs, which show its efficiency in practice. To the best of our knowledge, this is the first secure data transmission and access control system for MSNs until now.

Privacy and security in teleradiology.

PubMed

Ruotsalainen, Pekka

2010-01-01

Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

Quantum key distribution with hacking countermeasures and long term field trial.

PubMed

Dixon, A R; Dynes, J F; Lucamarini, M; Fröhlich, B; Sharpe, A W; Plews, A; Tam, W; Yuan, Z L; Tanizawa, Y; Sato, H; Kawamura, S; Fujiwara, M; Sasaki, M; Shields, A J

2017-05-16

Quantum key distribution's (QKD's) central and unique claim is information theoretic security. However there is an increasing understanding that the security of a QKD system relies not only on theoretical security proofs, but also on how closely the physical system matches the theoretical models and prevents attacks due to discrepancies. These side channel or hacking attacks exploit physical devices which do not necessarily behave precisely as the theory expects. As such there is a need for QKD systems to be demonstrated to provide security both in the theoretical and physical implementation. We report here a QKD system designed with this goal in mind, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks. The QKD system was installed into a 45 km link of a metropolitan telecom network for a 2.5 month period, during which time the system operated continuously and distributed 1.33 Tbits of secure key data with a stable secure key rate over 200 kbit/s. In addition security is demonstrated against coherent attacks that are more general than the collective class of attacks usually considered.

UNIX security in a supercomputing environment

NASA Technical Reports Server (NTRS)

Bishop, Matt

1989-01-01

The author critiques some security mechanisms in most versions of the Unix operating system and suggests more effective tools that either have working prototypes or have been implemented, for example in secure Unix systems. Although no computer (not even a secure one) is impenetrable, breaking into systems with these alternate mechanisms will cost more, require more skill, and be more easily detected than penetrations of systems without these mechanisms. The mechanisms described fall into four classes (with considerable overlap). User authentication at the local host affirms the identity of the person using the computer. The principle of least privilege dictates that properly authenticated users should have rights precisely sufficient to perform their tasks, and system administration functions should be compartmentalized; to this end, access control lists or capabilities should either replace or augment the default Unix protection system, and mandatory access controls implementing multilevel security models and integrity mechanisms should be available. Since most users access supercomputing environments using networks, the third class of mechanisms augments authentication (where feasible). As no security is perfect, the fourth class of mechanism logs events that may indicate possible security violations; this will allow the reconstruction of a successful penetration (if discovered), or possibly the detection of an attempted penetration.

5 CFR 9701.512 - Conferring on procedures for the exercise of management rights.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.512...

5 CFR 9701.323 - Eligibility for pay increase associated with a rate range adjustment.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Setting and...

5 CFR 9701.335 - Eligibility for pay increase associated with a supplement adjustment.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Locality and...

Advantages and Disadvantages of the National Security Personnel System as Compared to the General Schedule Personnel System

DTIC Science & Technology

2005-12-01

NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA JOINT APPLIED PROJECT Advantages and Disadvantages of the National Security...Applied Project 4. TITLE AND SUBTITLE: Advantages and Disadvantages of the National Security Personnel System as Compared to the General...compare and contrast the advantages and disadvantages of the new personnel system (NSPS) versus the General Schedule (GS) personnel system currently

[How to establish the hospital information system security policies].

PubMed

Gong, Qing-Yue; Shi, Cheng

2008-03-01

It is important to establish the hospital information system security policies. While these security policies are being established, a comprehensive consideration should be given to the acceptable levels of users, IT supporters and hospital managers. We should have a formal policy designing process that is consistently followed by all security policies. Reasons for establishing the security policies and their coverage and applicable objects should be stated clearly. Besides, each policy should define user's responsibilities and penalties of violation. Every organization will need some key policies, such as of information sources usage, remote access, information protection, perimeter security, and baseline host/device security. Security managing procedures are the mechanisms to enforce the policies. An incident-handling procedure is the most important security managing procedure for all organizations.

3D Imaging with Structured Illumination for Advanced Security Applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Birch, Gabriel Carisle; Dagel, Amber Lynn; Kast, Brian A.

2015-09-01

Three-dimensional (3D) information in a physical security system is a highly useful dis- criminator. The two-dimensional data from an imaging systems fails to provide target dis- tance and three-dimensional motion vector, which can be used to reduce nuisance alarm rates and increase system effectiveness. However, 3D imaging devices designed primarily for use in physical security systems are uncommon. This report discusses an architecture favorable to physical security systems; an inexpensive snapshot 3D imaging system utilizing a simple illumination system. The method of acquiring 3D data, tests to understand illumination de- sign, and software modifications possible to maximize information gathering capabilitymore » are discussed.« less

Foundational Security Principles for Medical Application Platforms* (Extended Abstract)

PubMed Central

Vasserman, Eugene Y.; Hatcliff, John

2014-01-01

We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals. PMID:25599096

The method of a joint intraday security check system based on cloud computing

NASA Astrophysics Data System (ADS)

Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

2017-01-01

The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

Secure videoconferencing equipment switching system and method

DOEpatents

Hansen, Michael E [Livermore, CA

2009-01-13

A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

75 FR 79065 - Privacy Act of 1974, as Amended; Proposed System of Records and Routine Use Disclosures

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-17

... SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Proposed System of Records and Routine Use Disclosures AGENCY: Social Security Administration (SSA). ACTION: Proposed system of records... of Privacy and Disclosure, Office of the General Counsel, Social Security Administration, 3-A-6...

Superstorm Sandy: Implications For Designing A PostCyber Attack Power Restoration System

DTIC Science & Technology

2016-03-31

for such progress. Phillip Allison, “ Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems: Building Security into Your Industrial...TechSvcs/Multi-stateFleetResponseWorkshopReport-02-21-13.pdf. Allison, Phillip. “ Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems

78 FR 15407 - Privacy Act of 1974, as Amended

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-11

... alteration of the system of records entitled Treasury/IRS 34.037, Audit Trail and Security Records. DATES... the Privacy Act system of records entitled Treasury/IRS34.037, Audit Trail and Security Records, to.... TREASURY/IRS 34.037 System name: Audit Trail and Security Records--Treasury/IRS 34.037...

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals. Job Profiles

DOE Office of Scientific and Technical Information (OSTI.GOV)

O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.

The Secure Power Systems Professional Phase III final report was released last year which an appendix of Job Profiles. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

28 CFR 16.74 - Exemption of National Security Division Systems-limited access.

Code of Federal Regulations, 2010 CFR

2010-07-01

... National Security Division Systems—limited access. (a) The following system of records is exempted from... 28 Judicial Administration 1 2010-07-01 2010-07-01 false Exemption of National Security Division Systems-limited access. 16.74 Section 16.74 Judicial Administration DEPARTMENT OF JUSTICE PRODUCTION OR...

Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

ERIC Educational Resources Information Center

Waguespack, Leslie J.

2014-01-01

With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

Recommended Practice for Securing Control System Modems

DOE Office of Scientific and Technical Information (OSTI.GOV)

James R. Davidson; Jason L. Wright

2008-01-01

This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

Proposal of Secure VoIP System Using Attribute Certificate

NASA Astrophysics Data System (ADS)

Kim, Jin-Mook; Jeong, Young-Ae; Hong, Seong-Sik

VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

Code of Federal Regulations, 2010 CFR

2010-07-01

...; (9) Security systems and equipment maintenance; (10) Security measures for access control; (11... Facility Security Plan (FSP). 106.405 Section 106.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES...

Sandia National Laboratories proof-of-concept robotic security vehicle

DOE Office of Scientific and Technical Information (OSTI.GOV)

Harrington, J.J.; Jones, D.P.; Klarer, P.R.

1989-01-01

Several years ago Sandia National Laboratories developed a prototype interior robot that could navigate autonomously inside a large complex building to air and test interior intrusion detection systems. Recently the Department of Energy Office of Safeguards and Security has supported the development of a vehicle that will perform limited security functions autonomously in a structured exterior environment. The goal of the first phase of this project was to demonstrate the feasibility of an exterior robotic vehicle for security applications by using converted interior robot technology, if applicable. An existing teleoperational test bed vehicle with remote driving controls was modified andmore » integrated with a newly developed command driving station and navigation system hardware and software to form the Robotic Security Vehicle (RSV) system. The RSV, also called the Sandia Mobile Autonomous Navigator (SANDMAN), has been successfully used to demonstrate that teleoperated security vehicles which can perform limited autonomous functions are viable and have the potential to decrease security manpower requirements and improve system capabilities. 2 refs., 3 figs.« less

Security issues of Internet-based biometric authentication systems: risks of Man-in-the-Middle and BioPhishing on the example of BioWebAuth

NASA Astrophysics Data System (ADS)

Zeitz, Christian; Scheidat, Tobias; Dittmann, Jana; Vielhauer, Claus; González Agulla, Elisardo; Otero Muras, Enrique; García Mateo, Carmen; Alba Castro, José L.

2008-02-01

Beside the optimization of biometric error rates the overall security system performance in respect to intentional security attacks plays an important role for biometric enabled authentication schemes. As traditionally most user authentication schemes are knowledge and/or possession based, firstly in this paper we present a methodology for a security analysis of Internet-based biometric authentication systems by enhancing known methodologies such as the CERT attack-taxonomy with a more detailed view on the OSI-Model. Secondly as proof of concept, the guidelines extracted from this methodology are strictly applied to an open source Internet-based biometric authentication system (BioWebAuth). As case studies, two exemplary attacks, based on the found security leaks, are investigated and the attack performance is presented to show that during the biometric authentication schemes beside biometric error performance tuning also security issues need to be addressed. Finally, some design recommendations are given in order to ensure a minimum security level.

Analysis on the University’s Network Security Level System in the Big Data Era

NASA Astrophysics Data System (ADS)

Li, Tianli

2017-12-01

The rapid development of science and technology, the continuous expansion of the scope of computer network applications, has gradually improved the social productive forces, has had a positive impact on the increase production efficiency and industrial scale of China's different industries. Combined with the actual application of computer network in the era of large data, we can see the existence of influencing factors such as network virus, hacker and other attack modes, threatening network security and posing a potential threat to the safe use of computer network in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels. To avoid the security risks exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.

Secure it now or secure it later: the benefits of addressing cyber-security from the outset

NASA Astrophysics Data System (ADS)

Olama, Mohammed M.; Nutaro, James

2013-05-01

The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

Trust-Based Security Level Evaluation Using Bayesian Belief Networks

NASA Astrophysics Data System (ADS)

Houmb, Siv Hilde; Ray, Indrakshi; Ray, Indrajit; Chakraborty, Sudip

Security is not merely about technical solutions and patching vulnerabilities. Security is about trade-offs and adhering to realistic security needs, employed to support core business processes. Also, modern systems are subject to a highly competitive market, often demanding rapid development cycles, short life-time, short time-to-market, and small budgets. Security evaluation standards, such as ISO 14508 Common Criteria and ISO/IEC 27002, are not adequate for evaluating the security of many modern systems for resource limitations, time-to-market, and other constraints. Towards this end, we propose an alternative time and cost effective approach for evaluating the security level of a security solution, system or part thereof. Our approach relies on collecting information from different sources, who are trusted to varying degrees, and on using a trust measure to aggregate available information when deriving security level. Our approach is quantitative and implemented as a Bayesian Belief Network (BBN) topology, allowing us to reason over uncertain information and seemingly aggregating disparate information. We illustrate our approach by deriving the security level of two alternative Denial of Service (DoS) solutions. Our approach can also be used in the context of security solution trade-off analysis.

The hack attack - Increasing computer system awareness of vulnerability threats

NASA Technical Reports Server (NTRS)

Quann, John; Belford, Peter

1987-01-01

The paper discusses the issue of electronic vulnerability of computer based systems supporting NASA Goddard Space Flight Center (GSFC) by unauthorized users. To test the security of the system and increase security awareness, NYMA, Inc. employed computer 'hackers' to attempt to infiltrate the system(s) under controlled conditions. Penetration procedures, methods, and descriptions are detailed in the paper. The procedure increased the security consciousness of GSFC management to the electronic vulnerability of the system(s).

5 CFR 9701.212 - Bands.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Structure § 9701.212 Bands. (a) For purposes of identifying...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.601 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions General § 9701.601 Purpose. This subpart contains regulations prescribing...

5 CFR 9701.211 - Occupational clusters.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.211 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Structure § 9701.211 Occupational clusters. For...

Safe teleradiology: information assurance as project planning methodology

NASA Astrophysics Data System (ADS)

Collmann, Jeff R.; Alaoui, Adil; Nguyen, Dan; Lindisch, David

2003-05-01

This project demonstrates use of OCTAVE, an information security risk assessment method, as an approach to the safe design and planning of a teleradiology system. By adopting this approach to project planning, we intended to provide evidence that including information security as an intrinsic component of project planning improves information assurance and that using information assurance as a planning tool produces and improves the general system management plan. Several considerations justify this approach to planning a safe teleradiology system. First, because OCTAVE was designed as a method for retrospectively assessing and proposing enhancements for the security of existing information management systems, it should function well as a guide to prospectively designing and deploying a secure information system such as teleradiology. Second, because OCTAVE provides assessment and planning tools for use primarily by interdisciplinary teams from user organizations, not consultants, it should enhance the ability of such teams at the local level to plan safe information systems. Third, from the perspective of sociological theory, OCTAVE explicitly attempts to enhance organizational conditions identified as necessary to safely manage complex technologies. Approaching information system design from the perspective of information security risk management proactively integrates health information assurance into a project"s core. This contrasts with typical approaches that perceive "security" as a secondary attribute to be "added" after designing the system and with approaches that identify information assurance only with security devices and user training. The perspective of health information assurance embraces so many dimensions of a computerized health information system"s design that one may successfully deploy a method for retrospectively assessing information security risk as a prospective planning tool. From a sociological perspective, this approach enhances the general conditions as well as establishes specific policies and procedures for reliable performance of health information assurance.

77 FR 45721 - Consolidated Audit Trail

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-01

...The Securities and Exchange Commission (``Commission'') is adopting Rule 613 under the Securities Exchange Act of 1934 (``Exchange Act'' or ``Act'') to require national securities exchanges and national securities associations (``self-regulatory organizations'' or ``SROs'') to submit a national market system (``NMS'') plan to create, implement, and maintain a consolidated order tracking system, or consolidated audit trail, with respect to the trading of NMS securities, that would capture customer and order event information for orders in NMS securities, across all markets, from the time of order inception through routing, cancellation, modification, or execution.

Integrated assessment and scenarios simulation of urban water security system in the southwest of China with system dynamics analysis.

PubMed

Yin, Su; Dongjie, Guan; Weici, Su; Weijun, Gao

2017-11-01

The demand for global freshwater is growing, while global freshwater available for human use is limited within a certain time and space. Its security has significant impacts on both the socio-economic system and ecological system. Recently, studies have focused on the urban water security system (UWSS) in terms of either water quantity or water quality. In this study, water resources, water environment, and water disaster issues in the UWSS were combined to establish an evaluation index system with system dynamics (SD) and geographic information systems (GIS). The GIS method performs qualitative analysis from the perspective of the spatial dimension; meanwhile, the SD method performs quantitative calculation about related water security problems from the perspective of the temporal dimension. We established a UWSS model for Guizhou province, China to analyze influencing factors, main driving factors, and system variation law, by using the SD method. We simulated the water security system from 2005 to 2025 under four scenarios (Guiyang scenario, Zunyi scenario, Bijie scenario and combined scenario). The results demonstrate that: (1) the severity of water security in cities is ranked as follows: three cities are secure in Guizhou province, four cities are in basic security and two cities are in a situation of insecurity from the spatial dimension of GIS through water security synthesis; and (2) the major driving factors of UWSS in Guizhou province include agricultural irrigation water demand, soil and water losses area, a ratio increase to the standard of water quality, and investment in environmental protection. A combined scenario is the best solution for UWSS by 2025 in Guizhou province under the four scenarios from the temporal dimension of SD. The results of this study provide a useful suggestion for the management of freshwater for the cities of Guizhou province in southwest China.

Security Assistance: DOD’s Ongoing Reforms Address Some Challenges, but Additional Information Is Needed to Further Enhance Program Management

DTIC Science & Technology

2012-11-01

Abbreviations BPC building partner capacity DOD Department of Defense DSCA Defense Security Cooperation Agency EFTS Enhanced Freight Tracking System...SCOs are ready to receive a planned delivery. For both FMS and pseudo-FMS processes, DOD uses the Enhanced Freight Tracking System ( EFTS ), a secure...providing data for this system. The Security Assistance Management Manual recommends that SCOs use the EFTS to maintain awareness of incoming shipments

A study on an information security system of a regional collaborative medical platform.

PubMed

Zhao, Junping; Peng, Kun; Leng, Jinchang; Sun, Xiaowei; Zhang, Zhenjiang; Xue, Wanguo; Ren, Lianzhong

2010-01-01

The objective of this study was to share the experience of building an information security system for a regional collaborative medical platform (RCMP) and discuss the lessons learned from practical projects. Safety measures are analyzed from the perspective of system engineering. We present the essential requirements, critical architectures, and policies for system security of regional collaborative medical platforms.

DOE`s nation-wide system for access control can solve problems for the federal government

DOE Office of Scientific and Technical Information (OSTI.GOV)

Callahan, S.; Tomes, D.; Davis, G.

1996-07-01

The U.S. Department of Energy`s (DOE`s) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by manymore » different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location`s level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals.« less

Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

2008-01-01

Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service maymore » be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the levels of verification and validation (i.e., certification) performed on components of the specification. The certification activity may produce higher levels of assurance across different components of the specification than others. Consequently, this paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs and the basic structural and mathematical underpinnings.« less

13 CFR 107.50 - Definition of terms.

Code of Federal Regulations, 2014 CFR

2014-01-01

..., electric transmission systems, storage systems, and cyber security. (2) Installation and/or inspection... distribution systems, electric transmission systems, or grid cyber security. (3) Auditing or consulting...

13 CFR 107.50 - Definition of terms.

Code of Federal Regulations, 2013 CFR

2013-01-01

..., electric transmission systems, storage systems, and cyber security. (2) Installation and/or inspection... distribution systems, electric transmission systems, or grid cyber security. (3) Auditing or consulting...

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE PAGES

Williams, Adam D.

2015-11-17

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Williams, Adam D.

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Developing a Security Metrics Scorecard for Healthcare Organizations.

PubMed

Elrefaey, Heba; Borycki, Elizabeth; Kushniruk, Andrea

2015-01-01

In healthcare, information security is a key aspect of protecting a patient's privacy and ensuring systems availability to support patient care. Security managers need to measure the performance of security systems and this can be achieved by using evidence-based metrics. In this paper, we describe the development of an evidence-based security metrics scorecard specific to healthcare organizations. Study participants were asked to comment on the usability and usefulness of a prototype of a security metrics scorecard that was developed based on current research in the area of general security metrics. Study findings revealed that scorecards need to be customized for the healthcare setting in order for the security information to be useful and usable in healthcare organizations. The study findings resulted in the development of a security metrics scorecard that matches the healthcare security experts' information requirements.

28 CFR 700.25 - Use and collection of social security numbers.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 28 Judicial Administration 2 2011-07-01 2011-07-01 false Use and collection of social security... to Individual Records Under the Privacy Act of 1974 § 700.25 Use and collection of social security numbers. (a) Each system manager of a system of records that utilizes Social Security numbers as a method...

CMMI(Registered) for Services, Version 1.3

DTIC Science & Technology

2010-11-01

ISO 2008b] ISO /IEC 27001 :2005 Information technology – Security techniques – Information Security Management Systems – Requirements [ ISO /IEC 2005...Commission. ISO /IEC 27001 Information Technology – Security Techniques – Information Security Management Systems – Requirements, 2005. http...CMM or International Organization for Standardization ( ISO ) 9001, you will immediately recognize many similarities in their structure and content

28 CFR 700.25 - Use and collection of social security numbers.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 28 Judicial Administration 2 2012-07-01 2012-07-01 false Use and collection of social security... to Individual Records Under the Privacy Act of 1974 § 700.25 Use and collection of social security numbers. (a) Each system manager of a system of records that utilizes Social Security numbers as a method...

28 CFR 700.25 - Use and collection of social security numbers.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 28 Judicial Administration 2 2014-07-01 2014-07-01 false Use and collection of social security... to Individual Records Under the Privacy Act of 1974 § 700.25 Use and collection of social security numbers. (a) Each system manager of a system of records that utilizes Social Security numbers as a method...

28 CFR 700.25 - Use and collection of social security numbers.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 28 Judicial Administration 2 2013-07-01 2013-07-01 false Use and collection of social security... to Individual Records Under the Privacy Act of 1974 § 700.25 Use and collection of social security numbers. (a) Each system manager of a system of records that utilizes Social Security numbers as a method...

28 CFR 700.25 - Use and collection of social security numbers.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 28 Judicial Administration 2 2010-07-01 2010-07-01 false Use and collection of social security... to Individual Records Under the Privacy Act of 1974 § 700.25 Use and collection of social security numbers. (a) Each system manager of a system of records that utilizes Social Security numbers as a method...

A Review of the Security of Insulin Pump Infusion Systems

PubMed Central

Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

2011-01-01

Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this article, we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components, which include the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues. PMID:22226278

A review of the security of insulin pump infusion systems.

PubMed

Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

2011-11-01

Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this article, we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components, which include the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues. © 2011 Diabetes Technology Society.

Indirection and computer security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Berg, Michael J.

2011-09-01

The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyzemore » common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.« less

A secured e-tendering modeling using misuse case approach

NASA Astrophysics Data System (ADS)

Mohd, Haslina; Robie, Muhammad Afdhal Muhammad; Baharom, Fauziah; Darus, Norida Muhd; Saip, Mohamed Ali; Yasin, Azman

2016-08-01

Major risk factors relating to electronic transactions may lead to destructive impacts on trust and transparency in the process of tendering. Currently, electronic tendering (e-tendering) systems still remain uncertain in issues relating to legal and security compliance and most importantly it has an unclear security framework. Particularly, the available systems are lacking in addressing integrity, confidentiality, authentication, and non-repudiation in e-tendering requirements. Thus, one of the challenges in developing an e-tendering system is to ensure the system requirements include the function for secured and trusted environment. Therefore, this paper aims to model a secured e-tendering system using misuse case approach. The modeling process begins with identifying the e-tendering process, which is based on the Australian Standard Code of Tendering (AS 4120-1994). It is followed by identifying security threats and their countermeasure. Then, the e-tendering was modelled using misuse case approach. The model can contribute to e-tendering developers and also to other researchers or experts in the e-tendering domain.

Flexible session management in a distributed environment

NASA Astrophysics Data System (ADS)

Miller, Zach; Bradley, Dan; Tannenbaum, Todd; Sfiligoi, Igor

2010-04-01

Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation creates a chain of trust that reduces the overhead of establishing secure connections and enables centralized enforcement of system-wide security policies. Additionally, secure channels based upon UDP datagrams are often overlooked by existing libraries; we show how CEDAR's structure accommodates this as well. As an example of the utility of this work, we show how the use of delegated security sessions and other techniques inherent in CEDAR's architecture enables US CMS to meet their scalability requirements in deploying Condor over large-scale, wide-area grid systems.

A mapping of information security in health Information Systems in Latin America and Brazil.

PubMed

Pereira, Samáris Ramiro; Fernandes, João Carlos Lopes; Labrada, Luis; Bandiera-Paiva, Paulo

2013-01-01

In health, Information Systems are patient records, hospital administration or other, have advantages such as cost, availability and integration. However, for these benefits to be fully met, it is necessary to guarantee the security of information maintained and provided by the systems. The lack of security can lead to serious consequences such as lawsuits and induction to medical errors. The management of information security is complex and is used in various fields of knowledge. Often, it is left in the background for not being the ultimate goal of a computer system, causing huge financial losses to corporations. This paper by systematic review methodologies, presented a mapping in the literature, in order to identify the most relevant aspects that are addressed by security researchers of health information, as to the development of computerized systems. They conclude through the results, some important aspects, for which the managers of computerized health systems should remain alert.

Protection of data carriers using secure optical codes

NASA Astrophysics Data System (ADS)

Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.

2006-02-01

Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.

Privacy and Security: A Bibliography.

ERIC Educational Resources Information Center

Computer and Business Equipment Manufacturers Association, Washington, DC.

Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

5 CFR 9701.527 - Savings provision.

Code of Federal Regulations, 2011 CFR

2011-01-01

....527 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.527 Savings provision. This subpart does not...

5 CFR 9701.105 - Continuing collaboration.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.105 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.105 Continuing collaboration. (a) In...

5 CFR 9701.105 - Continuing collaboration.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Section 9701.105 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.105 Continuing collaboration. (a) In...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.609 - Proposal notice.

Code of Federal Regulations, 2010 CFR

2010-01-01

....609 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions Requirements for Furlough of 30 Days Or Less, Suspension...

5 CFR 9701.612 - Departmental record.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.612 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions Requirements for Furlough of 30 Days Or Less, Suspension...

20 CFR 228.2 - Tier I and tier II annuity components.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Social Security Act if all of the employee's earnings after 1936 under both the railroad retirement system and the social security system had been creditable under the Social Security Act. (b) Tier II...

5 CFR 9701.523 - Official time.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.523 Official time. (a) Any employee representing an...

5 CFR 9701.527 - Savings provision.

Code of Federal Regulations, 2010 CFR

2010-01-01

....527 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.527 Savings provision. This subpart does not...

5 CFR 9701.301 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration General § 9701.301 Purpose. (a) This subpart contains...

5 CFR 9701.401 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.401 Purpose. (a) This subpart provides for the establishment...

5 CFR 9701.603 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions General § 9701.603 Definitions. In this subpart: Adverse action means a...

5 CFR 9701.604 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions General § 9701.604 Coverage. (a) Actions covered. This subpart covers...

5 CFR 9701.107 - Program evaluation.

Code of Federal Regulations, 2010 CFR

2010-01-01

....107 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.107 Program evaluation. (a) DHS will establish...

5 CFR 9701.410 - DHS responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.410 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.410 DHS responsibilities. In carrying out its...

5 CFR 9701.507 - Employee rights.

Code of Federal Regulations, 2010 CFR

2010-01-01

....507 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.507 Employee rights. Each employee has the...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

U.S. Patent Pending, Information Security Analysis Using Game Theory and Simulation, U.S. Patent Application No.: 14/097,840

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G

Vulnerability in security of an information system is quantitatively predicted. The information system may receive malicious actions against its security and may receive corrective actions for restoring the security. A game oriented agent based model is constructed in a simulator application. The game ABM model represents security activity in the information system. The game ABM model has two opposing participants including an attacker and a defender, probabilistic game rules and allowable game states. A specified number of simulations are run and a probabilistic number of the plurality of allowable game states are reached in each simulation run. The probability ofmore » reaching a specified game state is unknown prior to running each simulation. Data generated during the game states is collected to determine a probability of one or more aspects of security in the information system.« less

Security Policy and Infrastructure in the Context of a Multi-Centeric Information System Dedicated to Autism Spectrum Disorder.

PubMed

Ben Said, Mohamed; Robel, Laurence; Golse, Bernard; Jais, Jean Philippe

2017-01-01

Autism spectrum disorders (ASD) are complex neuro-developmental disorders affecting children in their early age. The diagnosis of ASD relies on multidisciplinary investigations, in psychiatry, neurology, genetics, electrophysiology, neuro-imagery, audiology and ophthalmology. In order to support clinicians, researchers and public health decision makers, we designed an information system dedicated to ASD, called TEDIS. TEDIS was designed to manage systematic, exhaustive and continuous multi-centric patient data collection via secured Internet connections. In this paper, we present the security policy and security infrastructure we developed to protect ASD' patients' clinical data and patients' privacy. We tested our system on 359 ASD patient records in a local secured intranet environment and showed that the security system is functional, with a consistent, transparent and safe encrypting-decrypting behavior. It is ready for deployment in the nine ASD expert assessment centers in the Ile de France district.

6 CFR 5.32 - Contracts for the operation of record systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Contracts for the operation of record systems. 5.32 Section 5.32 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.32 Contracts for the operation of record systems. Under 5...

Information security management system planning for CBRN facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.

The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

75 FR 29548 - Privacy Act of 1974; Notice of New System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-26

... maintained behind a firewall certified by the National Computer Security Association. RETENTION AND DISPOSAL... agencies, entities when (1) the Agency suspects or has confirmed that the security or confidentiality of..., identity theft or fraud, or harm to the security or integrity or this system or other systems or programs...

76 FR 20986 - Privacy Act of 1974; Notice of New System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-14

... but are not limited to: name, social security number, addresses, phone numbers, e- mail address, birth... persons when (1) the Agency suspects or has confirmed that the security or confidentiality of information... or fraud, or harm to the security or integrity of this system or other systems or programs (whether...

Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

ERIC Educational Resources Information Center

Foltz, C. Bryan; Renwick, Janet S.

2011-01-01

The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

Company's Data Security - Case Study

NASA Astrophysics Data System (ADS)

Stera, Piotr

This paper describes a computer network and data security problems in an existing company. Two main issues were pointed out: data loss protection and uncontrolled data copying. Security system was designed and implemented. The system consists of many dedicated programs. This system protect from data loss and detected unauthorized file copying from company's server by a dishonest employee.

Information Systems Security Job Advertisement Analysis: Skills Review and Implications for Information Systems Curriculum

ERIC Educational Resources Information Center

Brooks, Nita G.; Greer, Timothy H.; Morris, Steven A.

2018-01-01

The authors' focus was the assessment of skill requirements for information systems security positions to understand expectations for security jobs and to highlight issues relevant to curriculum management. The analysis of 798 job advertisements involved the exploration of domain-related and soft skills as well as degree and certification…

77 FR 13574 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-07

... electronic storage media. Retrievability: Individual's name and last four of Social Security Number (SSN... commuting to and from work. Categories of records in the system: Name, last four of Social Security Number... contain the full name of the individual and last four of Social Security Number (SSN). The system manager...

National Computer Security Conference Proceedings (11th): A Postscript: Computer Security--Into the Future, 17-20 October 1988

DTIC Science & Technology

1988-10-20

The LOCK project , from its very beginnings as an implementation study for the Provably Secure Operating System in 1979...to the security field, can study to gain insight into the evaluation process. The project has developed an innovative format for the DTLS and FTLS...management tern becomes available, the Al Secure DBMS will be system (DBMS) that is currently being developed un- ported to it . der the Advanced

Comparative Assessment of Physical and Social Determinants of Water Quantity and Water Quality Concerns

NASA Astrophysics Data System (ADS)

Gunda, T.; Hornberger, G. M.

2017-12-01

Concerns over water resources have evolved over time, from physical availability to economic access and recently, to a more comprehensive study of "water security," which is inherently interdisciplinary because a secure water system is influenced by and affects both physical and social components. The concept of water security carries connotations of both an adequate supply of water as well as water that meets certain quality standards. Although the term "water security" has many interpretations in the literature, the research field has not yet developed a synthetic analysis of water security as both a quantity (availability) and quality (contamination) issue. Using qualitative comparative and multi-regression analyses, we evaluate the primary physical and social factors influencing U.S. states' water security from a quantity perspective and from a quality perspective. Water system characteristics are collated from academic and government sources and include access/use, governance, and sociodemographic, and ecosystem metrics. Our analysis indicates differences in variables driving availability and contamination concerns; for example, climate is a more significant determinant in water quantity-based security analyses than in water quality-based security analyses. We will also discuss coevolution of system traits and the merits of constructing a robust water security index based on the relative importance of metrics from our analyses. These insights will improve understanding of the complex interactions between quantity and quality aspects and thus, overall security of water systems.

Secure real-time wireless video streaming in the aeronautical telecommunications network

NASA Astrophysics Data System (ADS)

Czernik, Pawel; Olszyna, Jakub

2010-09-01

As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor development kid and Embedded Linux operation system.