Science.gov

Sample records for complete security framework

  1. A Security Framework for Online Distance Learning and Training.

    ERIC Educational Resources Information Center

    Furnell, S. M.; Onions, P. D.; Bleimann, U.; Gojny, U.; Knahl, M.; Roder, H. F.; Sanders, P. W.

    1998-01-01

    Presents a generic reference model for online distance learning and discusses security issues for each stage (enrollment, study, completion, termination, suspension). Discusses a security framework (authentication and accountability, access control, intrusion detection, network communications, nonrepudiation, learning resources provider…

  2. Framework for Flexible Security in Group Communications

    NASA Technical Reports Server (NTRS)

    McDaniel, Patrick; Prakash, Atul

    2006-01-01

    The Antigone software system defines a framework for the flexible definition and implementation of security policies in group communication systems. Antigone does not dictate the available security policies, but provides high-level mechanisms for implementing them. A central element of the Antigone architecture is a suite of such mechanisms comprising micro-protocols that provide the basic services needed by secure groups.

  3. A general framework for complete positivity

    NASA Astrophysics Data System (ADS)

    Dominy, Jason M.; Shabani, Alireza; Lidar, Daniel A.

    2016-01-01

    Complete positivity of quantum dynamics is often viewed as a litmus test for physicality; yet, it is well known that correlated initial states need not give rise to completely positive evolutions. This observation spurred numerous investigations over the past two decades attempting to identify necessary and sufficient conditions for complete positivity. Here, we describe a complete and consistent mathematical framework for the discussion and analysis of complete positivity for correlated initial states of open quantum systems. This formalism is built upon a few simple axioms and is sufficiently general to contain all prior methodologies going back to Pechakas (Phys Rev Lett 73:1060-1062, 1994). The key observation is that initial system-bath states with the same reduced state on the system must evolve under all admissible unitary operators to system-bath states with the same reduced state on the system, in order to ensure that the induced dynamical maps on the system are well defined. Once this consistency condition is imposed, related concepts such as the assignment map and the dynamical maps are uniquely defined. In general, the dynamical maps may not be applied to arbitrary system states, but only to those in an appropriately defined physical domain. We show that the constrained nature of the problem gives rise to not one but three inequivalent types of complete positivity. Using this framework, we elucidate the limitations of recent attempts to provide conditions for complete positivity using quantum discord and the quantum data processing inequality. In particular, we correct the claim made by two of us (Shabani and Lidar in Phys Rev Lett 102:100402-100404, 2009) that vanishing discord is necessary for complete positivity, and explain that it is valid only for a particular class of initial states. The problem remains open, and may require fresh perspectives and new mathematical tools. The formalism presented herein may be one step in that direction.

  4. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  5. The Regulatory Framework for Privacy and Security

    NASA Astrophysics Data System (ADS)

    Hiller, Janine S.

    The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

  6. Reinforcement of a mandibular complete denture with internal metal framework.

    PubMed

    Balch, J Heath; Smith, Pamela D; Marin, Mark A; Cagna, David R

    2013-03-01

    Metal framework reinforcement is used in complete dentures to improve the fracture resistance, dimensional stability, accuracy, weight, and retention of a definitive prosthesis. A novel technique for suspending a metal framework within the denture base of mandibular complete dentures is described.

  7. A security framework for nationwide health information exchange based on telehealth strategy.

    PubMed

    Zaidan, B B; Haiqi, Ahmed; Zaidan, A A; Abdulnabi, Mohamed; Kiah, M L Mat; Muzamel, Hussaen

    2015-05-01

    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.

  8. A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms

    NASA Astrophysics Data System (ADS)

    Hassan, Ahmed A.; Bahgat, Waleed M.

    2010-01-01

    Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.

  9. Sensor based framework for secure multimedia communication in VANET.

    PubMed

    Rahim, Aneel; Khan, Zeeshan Shafi; Bin Muhaya, Fahad T; Sher, Muhammad; Kim, Tai-Hoon

    2010-01-01

    Secure multimedia communication enhances the safety of passengers by providing visual pictures of accidents and danger situations. In this paper we proposed a framework for secure multimedia communication in Vehicular Ad-Hoc Networks (VANETs). Our proposed framework is mainly divided into four components: redundant information, priority assignment, malicious data verification and malicious node verification. The proposed scheme jhas been validated with the help of the NS-2 network simulator and the Evalvid tool. PMID:22163462

  10. Security Frameworks for Machine-to-Machine Devices and Networks

    NASA Astrophysics Data System (ADS)

    Demblewski, Michael

    Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

  11. Photon Temporal Modes: A Complete Framework for Quantum Information Science

    NASA Astrophysics Data System (ADS)

    Brecht, B.; Reddy, Dileep V.; Silberhorn, C.; Raymer, M. G.

    2015-10-01

    Field-orthogonal temporal modes of photonic quantum states provide a new framework for quantum information science (QIS). They intrinsically span a high-dimensional Hilbert space and lend themselves to integration into existing single-mode fiber communication networks. We show that the three main requirements to construct a valid framework for QIS—the controlled generation of resource states, the targeted and highly efficient manipulation of temporal modes, and their efficient detection—can be fulfilled with current technology. We suggest implementations of diverse QIS applications based on this complete set of building blocks.

  12. a Unified Blending Framework for Panorama Completion via Graph Cuts

    NASA Astrophysics Data System (ADS)

    Chen, Kai; Yao, Jian; Xia, Menghan; Gui, Xinyuan; Lu, Xiaohu; Li, Li

    2016-06-01

    In this paper, we propose a unified framework for efficiently completing streetview and indoor 360° panoramas due to the lack of bottom areas caused by the occlusion of the acquisition platform. To greatly reduce the severe distortion at the bottom of the panorama, we first reproject it onto the ground perspective plane containing the whole occluded region to be completed. Then, we formulate the image completion problem in an improved graph cuts optimization framework based on the statistics of similar patches by strengthening the boundary constraints. To further eliminate image luminance differences and color deviations and conceal geometrical parallax among the optimally selected patches for completion, we creatively apply a multi-bland image blending algorithm for perfect image mosaicking from the completed patches and the originally reprojected image. Finally, we back-project the completed and blended ground perspective image into the cylindrical-projection panorama followed by a simple feathering to further reduce artifacts in the panorama. Experimental results on some representative non-panoramic images and streetview and indoor panoramas demonstrate the efficiency and robustness of the proposed method even in some challenging cases.

  13. A Secure Information Framework with APRQ Properties

    NASA Astrophysics Data System (ADS)

    Rupa, Ch.

    2016-08-01

    Internet of the things is the most trending topics in the digital world. Security issues are rampant. In the corporate or institutional setting, security risks are apparent from the outset. Market leaders are unable to use the cryptographic techniques due to their complexities. Hence many bits of private information, including ID, are readily available for third parties to see and to utilize. There is a need to decrease the complexity and increase the robustness of the cryptographic approaches. In view of this, a new cryptographic technique as good encryption pact with adjacency, random prime number and quantum code properties has been proposed. Here, encryption can be done by using quantum photons with gray code. This approach uses the concepts of physics and mathematics with no external key exchange to improve the security of the data. It also reduces the key attacks by generation of a key at the party side instead of sharing. This method makes the security more robust than with the existing approach. Important properties of gray code and quantum are adjacency property and different photons to a single bit (0 or 1). These can reduce the avalanche effect. Cryptanalysis of the proposed method shows that it is resistant to various attacks and stronger than the existing approaches.

  14. Incorporating Risk and Indicators into a Water Security Framework

    NASA Astrophysics Data System (ADS)

    Allen, D. M.; Bakker, K.; Simpson, M. W.; Norman, E.; Dunn, G.

    2010-12-01

    The concept of water security has received growing attention over the past five years in academic debates and policy circles, particularly with respect to cumulative impacts assessment and watershed management. We propose an integrative definition for water security; one that considers both stressors and impacts (or effects) on hydrological systems. We present a water security assessment framework that considers status and risk indicators for both water quality and quantity as measures of impacts. This assessment framework also integrates the social sciences with natural science, engineering, and public health, providing opportunities to address environmental challenges, including the relationship between water and land use dynamics, the integration of aquatic ecosystem and human health concerns, and the alignment of governance with water management imperatives. We argue that this framework has the potential to advance water science, the contributing disciplines, and water policy and management.

  15. Cyber Security Research Frameworks For Coevolutionary Network Defense

    SciTech Connect

    Rush, George D.; Tauritz, Daniel Remy

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  16. A flexible framework for secure and efficient program obfuscation.

    SciTech Connect

    Solis, John Hector

    2013-03-01

    In this paper, we present a modular framework for constructing a secure and efficient program obfuscation scheme. Our approach, inspired by the obfuscation with respect to oracle machines model of [4], retains an interactive online protocol with an oracle, but relaxes the original computational and storage restrictions. We argue this is reasonable given the computational resources of modern personal devices. Furthermore, we relax the information-theoretic security requirement for computational security to utilize established cryptographic primitives. With this additional flexibility we are free to explore different cryptographic buildingblocks. Our approach combines authenticated encryption with private information retrieval to construct a secure program obfuscation framework. We give a formal specification of our framework, based on desired functionality and security properties, and provide an example instantiation. In particular, we implement AES in Galois/Counter Mode for authenticated encryption and the Gentry-Ramzan [13]constant communication-rate private information retrieval scheme. We present our implementation results and show that non-trivial sized programs can be realized, but scalability is quickly limited by computational overhead. Finally, we include a discussion on security considerations when instantiating specific modules.

  17. 17 CFR 300.307 - Completion with cash or securities of customer.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... securities of customer. 300.307 Section 300.307 Commodity and Securities Exchanges SECURITIES AND EXCHANGE... customer. The trustee may, if authorized by the court, complete an open contractual commitment of the... completed with customer name securities of the customer of the debtor for whose account the commitment...

  18. NINJA: a noninvasive framework for internal computer security hardening

    NASA Astrophysics Data System (ADS)

    Allen, Thomas G.; Thomson, Steve

    2004-07-01

    Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

  19. A conceptual security framework for personal health records (PHRs).

    PubMed

    Poulymenopoulou, Mikaela; Papakonstantinou, Despina; Malamateniou, Flora; Prentza, Andriana; Vassilacopoulos, George

    2013-01-01

    Electronic personal health record (PHR) is a citizen-centric information tool that allows citizens to control their personal information. However, an ideal PHR should also allow citizens to connect with their formal and informal caregivers (e.g. a family member, a caregiver) and together manage citizen health and social information. This introduces specific challenges in terms of security since multiple parties make entries and require access to PHR data. Since citizens are typically non-security and non-domain experts is considered impossible to control all this information. To this end, this paper presents a conceptual security framework for the employment of an attribute-based PHR access control policy that is continually updated according to providers' local security policies and individual professionals and citizen sharing preferences.

  20. A Trust Based Clustering Framework for Securing Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Chatterjee, Pushpita; Sengupta, Indranil; Ghosh, S. K.

    In this paper we present a distributed self-organizing trust based clustering framework for securing ad hoc networks. The mobile nodes are vulnerable to security attacks, so ensuring the security of the network is essential. To enhance security, it is important to evaluate the trustworthiness of nodes without depending on central authorities. In our proposal the evidence of trustworthiness is captured in an efficient manner and from broader perspectives including direct interactions with neighbors, observing interactions of neighbors and through recommendations. Our prediction scheme uses a trust evaluation algorithm at each node to calculate the direct trust rating normalized as a fuzzy value between zero and one. The evidence theory of Dempster-Shafer [9], [10] is used in order to combine the evidences collected by a clusterhead itself and the recommendations from other neighbor nodes. Moreover, in our scheme we do not restrict to a single gateway node for inter cluster routing.

  1. Installing hydrolytic activity into a completely de novo protein framework

    NASA Astrophysics Data System (ADS)

    Burton, Antony J.; Thomson, Andrew R.; Dawson, William M.; Brady, R. Leo; Woolfson, Derek N.

    2016-09-01

    The design of enzyme-like catalysts tests our understanding of sequence-to-structure/function relationships in proteins. Here we install hydrolytic activity predictably into a completely de novo and thermostable α-helical barrel, which comprises seven helices arranged around an accessible channel. We show that the lumen of the barrel accepts 21 mutations to functional polar residues. The resulting variant, which has cysteine-histidine-glutamic acid triads on each helix, hydrolyses p-nitrophenyl acetate with catalytic efficiencies that match the most-efficient redesigned hydrolases based on natural protein scaffolds. This is the first report of a functional catalytic triad engineered into a de novo protein framework. The flexibility of our system also allows the facile incorporation of unnatural side chains to improve activity and probe the catalytic mechanism. Such a predictable and robust construction of truly de novo biocatalysts holds promise for applications in chemical and biochemical synthesis.

  2. Installing hydrolytic activity into a completely de novo protein framework

    NASA Astrophysics Data System (ADS)

    Burton, Antony J.; Thomson, Andrew R.; Dawson, William M.; Brady, R. Leo; Woolfson, Derek N.

    2016-09-01

    The design of enzyme-like catalysts tests our understanding of sequence-to-structure/function relationships in proteins. Here we install hydrolytic activity predictably into a completely de novo and thermostable α-helical barrel, which comprises seven helices arranged around an accessible channel. We show that the lumen of the barrel accepts 21 mutations to functional polar residues. The resulting variant, which has cysteine–histidine–glutamic acid triads on each helix, hydrolyses p-nitrophenyl acetate with catalytic efficiencies that match the most-efficient redesigned hydrolases based on natural protein scaffolds. This is the first report of a functional catalytic triad engineered into a de novo protein framework. The flexibility of our system also allows the facile incorporation of unnatural side chains to improve activity and probe the catalytic mechanism. Such a predictable and robust construction of truly de novo biocatalysts holds promise for applications in chemical and biochemical synthesis.

  3. Installing hydrolytic activity into a completely de novo protein framework.

    PubMed

    Burton, Antony J; Thomson, Andrew R; Dawson, William M; Brady, R Leo; Woolfson, Derek N

    2016-09-01

    The design of enzyme-like catalysts tests our understanding of sequence-to-structure/function relationships in proteins. Here we install hydrolytic activity predictably into a completely de novo and thermostable α-helical barrel, which comprises seven helices arranged around an accessible channel. We show that the lumen of the barrel accepts 21 mutations to functional polar residues. The resulting variant, which has cysteine-histidine-glutamic acid triads on each helix, hydrolyses p-nitrophenyl acetate with catalytic efficiencies that match the most-efficient redesigned hydrolases based on natural protein scaffolds. This is the first report of a functional catalytic triad engineered into a de novo protein framework. The flexibility of our system also allows the facile incorporation of unnatural side chains to improve activity and probe the catalytic mechanism. Such a predictable and robust construction of truly de novo biocatalysts holds promise for applications in chemical and biochemical synthesis. PMID:27554410

  4. An integrated security framework for GOSS power grid analytics platform

    SciTech Connect

    Gibson, Tara D.; Ciraci, Selim; Sharma, Poorva; Allwardt, Craig H.; Rice, Mark J.; Akyol, Bora A.

    2014-06-23

    In power grid operations, security is an essential component for any middleware platform. Security protects data against unwanted access as well as cyber attacks. GridOpticsTM Software System (GOSS) is an open source power grid analytics platform that facilitates ease of access between applications and data sources and promotes development of advanced analytical applications. GOSS contains an API that abstracts many of the difficulties in connecting to various heterogeneous data sources. A number of applications and data sources have already been implemented to demonstrate functionality and ease of use. A security framework has been implemented which leverages widely accepted, robust JavaTM security tools in a way such that they can be interchanged as needed. This framework supports the complex fine-grained, access control rules identified for the diverse data sources already in GOSS. Performance and reliability are also important considerations in any power grid architecture. An evaluation is done to determine the overhead cost caused by security within GOSS and ensure minimal impact to performance.

  5. Income distribution patterns from a complete social security database

    NASA Astrophysics Data System (ADS)

    Derzsy, N.; Néda, Z.; Santos, M. A.

    2012-11-01

    We analyze the income distribution of employees for 9 consecutive years (2001-2009) using a complete social security database for an economically important district of Romania. The database contains detailed information on more than half million taxpayers, including their monthly salaries from all employers where they worked. Besides studying the characteristic distribution functions in the high and low/medium income limits, the database allows us a detailed dynamical study by following the time-evolution of the taxpayers income. To our knowledge, this is the first extensive study of this kind (a previous Japanese taxpayers survey was limited to two years). In the high income limit we prove once again the validity of Pareto’s law, obtaining a perfect scaling on four orders of magnitude in the rank for all the studied years. The obtained Pareto exponents are quite stable with values around α≈2.5, in spite of the fact that during this period the economy developed rapidly and also a financial-economic crisis hit Romania in 2007-2008. For the low and medium income category we confirmed the exponential-type income distribution. Following the income of employees in time, we have found that the top limit of the income distribution is a highly dynamical region with strong fluctuations in the rank. In this region, the observed dynamics is consistent with a multiplicative random growth hypothesis. Contrarily with previous results obtained for the Japanese employees, we find that the logarithmic growth-rate is not independent of the income.

  6. Towards secure virtual directories : a risk analysis framework.

    SciTech Connect

    Claycomb, William R.

    2010-07-01

    Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services are widespread, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to virtual directory services, including steps for detection and prevention. We also describe various categories of attack risks, and discuss what is necessary to launch an attack on virtual directories. Finally, we present a framework to use in analyzing risks to individual enterprise computing virtual directory instances. We show how to apply this framework to an example implementation, and discuss the benefits of doing so.

  7. A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications

    NASA Astrophysics Data System (ADS)

    Badan, Stephen; Probst, Julien; Jaton, Markus; Vionnet, Damien; Wagen, Jean-Frédéric; Litzistorf, Gérald

    Contact lists, Emails, SMS or custom applications on a professional smartphone could hold very confidential or sensitive information. What could happen in case of theft or accidental loss of such devices? Such events could be detected by the separation between the smartphone and a Bluetooth companion device. This event should typically block the applications and delete personal and sensitive data. Here, a solution is proposed based on a secured framework application running on the mobile phone as a rich client connected to a security server. The framework offers strong and customizable authentication and secured connectivity. A security server manages all security issues. User applications are then loaded via the framework. User data can be secured, synchronized, pushed or pulled via the framework. This contribution proposes a convenient although secured environment based on a client-server architecture using external authentications. Several features of the proposed system are exposed and a practical demonstrator is described.

  8. Security framework for networked storage system based on artificial immune system

    NASA Astrophysics Data System (ADS)

    Huang, Jianzhong; Xie, Changsheng; Zhang, Chengfeng; Zhan, Ling

    2007-11-01

    This paper proposed a theoretical framework for the networked storage system addressing the storage security. The immune system is an adaptive learning system, which can recognize, classify and eliminate 'non-self' such as foreign pathogens. Thus, we introduced the artificial immune technique to the storage security research, and proposed a full theoretical framework for storage security system. Under this framework, it is possible to carry out the quantitative evaluation for the storage security system using modeling language of artificial immune system (AIS), and the evaluation can offer security consideration for the deployment of networked storage system. Meanwhile, it is potential to obtain the active defense technique suitable for networked storage system via exploring the principle of AIS and achieve a highly secure storage system with immune characteristic.

  9. A threat intelligence framework for access control security in the oil industry

    NASA Astrophysics Data System (ADS)

    Alaskandrani, Faisal T.

    The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.

  10. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect

    Robert P. Evans

    2005-09-01

    in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry

  11. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    PubMed

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

  12. Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

    PubMed

    Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

    2014-10-01

    One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time. PMID:25199651

  13. A Framework for the Governance of Information Security

    ERIC Educational Resources Information Center

    Edwards, Charles K.

    2013-01-01

    Information security is a complex issue, which is very critical for success of modern businesses. It can be implemented with the help of well-tested global standards and best practices. However, it has been studied that the human aspects of information security compliance pose significant challenge to its practitioners. There has been significant…

  14. Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

    SciTech Connect

    Badwan, Faris M.; Demuth, Scott F

    2015-01-06

    Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is a fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the

  15. Towards a Relation Extraction Framework for Cyber-Security Concepts

    SciTech Connect

    Jones, Corinne L; Bridges, Robert A; Huffer, Kelly M; Goodall, John R

    2015-01-01

    In order to assist security analysts in obtaining information pertaining to their network, such as novel vulnerabilities, exploits, or patches, information retrieval methods tailored to the security domain are needed. As labeled text data is scarce and expensive, we follow developments in semi-supervised NLP and implement a bootstrapping algorithm for extracting security entities and their relationships from text. The algorithm requires little input data, specifically, a few relations or patterns (heuristics for identifying relations), and incorporates an active learning component which queries the user on the most important decisions to prevent drifting the desired relations. Preliminary testing on a small corpus shows promising results, obtaining precision of .82.

  16. Framework for securing personal health data in clinical decision support systems.

    PubMed

    Sandell, Protik

    2007-01-01

    If appropriate security mechanisms aren't in place, individuals and groups can get unauthorized access to personal health data residing in clinical decision support systems (CDSS). These concerns are well founded; there has been a dramatic increase in reports of security incidents. The paper provides a framework for securing personal health data in CDSS. The framework breaks down CDSS into data gathering, data management and data delivery functions. It then provides the vulnerabilities that can occur in clinical decision support activities and the measures that need to be taken to protect the data. The framework is applied to protect the confidentiality, integrity and availability of personal health data in a decision support system. Using the framework, project managers and architects can assess the potential risk of unauthorized data access in their decision support system. Moreover they can design systems and procedures to effectively secure personal health data.

  17. Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

    PubMed Central

    Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

    2015-01-01

    Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical

  18. A Cluster-Based Framework for the Security of Medical Sensor Environments

    NASA Astrophysics Data System (ADS)

    Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

    The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

  19. Towards a Bio-inspired Security Framework for Mission-Critical Wireless Sensor Networks

    NASA Astrophysics Data System (ADS)

    Ren, Wei; Song, Jun; Ma, Zhao; Huang, Shiyong

    Mission-critical wireless sensor networks (WSNs) have been found in numerous promising applications in civil and military fields. However, the functionality of WSNs extensively relies on its security capability for detecting and defending sophisticated adversaries, such as Sybil, worm hole and mobile adversaries. In this paper, we propose a bio-inspired security framework to provide intelligence-enabled security mechanisms. This scheme is composed of a middleware, multiple agents and mobile agents. The agents monitor the network packets, host activities, make decisions and launch corresponding responses. Middleware performs an infrastructure for the communication between various agents and corresponding mobility. Certain cognitive models and intelligent algorithms such as Layered Reference Model of Brain and Self-Organizing Neural Network with Competitive Learning are explored in the context of sensor networks that have resource constraints. The security framework and implementation are also described in details.

  20. Towards A Network-of-Networks Framework for Cyber Security

    SciTech Connect

    Halappanavar, Mahantesh; Choudhury, Sutanay; Hogan, Emilie A.; Hui, Peter SY; Johnson, John R.; Ray, Indrajit; Holder, Lawrence B.

    2013-06-07

    Networks-of-networks (NoN) is a graph-theoretic model of interdependent networks that have distinct dynamics at each network (layer). By adding special edges to represent relationships between nodes in different layers, NoN provides a unified mechanism to study interdependent systems intertwined in a complex relationship. While NoN based models have been proposed for cyber-physical systems, in this paper we build towards a three-layer NoN model for an enterprise cyber system. Each layer captures a different facet of a cyber system. We then discuss the potential benefits of graph-theoretic analysis enabled from such a model. Our goal is to provide a novel and powerful tool for modeling and analyzing problems in cyber security.

  1. A Framework for Understanding and Applying Ethical Principles in Network and Security Research

    NASA Astrophysics Data System (ADS)

    Kenneally, Erin; Bailey, Michael; Maughan, Douglas

    Current information and communications technology poses a variety of ethical challenges for researchers. In this paper, we present an intellectual framework for understanding and applying ethical principles in networking and security research rooted in the guidance suggested by an ongoing Department of Homeland Security working group on ethics. By providing this prototype ethical impact assessment, we seek to encourage community feedback on the working group's nascent efforts and spur researchers to concretely evaluate the ethical impact of their work.

  2. A compressive sensing based secure watermark detection and privacy preserving storage framework.

    PubMed

    Qia Wang; Wenjun Zeng; Jun Tian

    2014-03-01

    Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service, such as the cloud. In this paper, we identify a cloud computing application scenario that requires simultaneously performing secure watermark detection and privacy preserving multimedia data storage. We then propose a compressive sensing (CS)-based framework using secure multiparty computation (MPC) protocols to address such a requirement. In our framework, the multimedia data and secret watermark pattern are presented to the cloud for secure watermark detection in a CS domain to protect the privacy. During CS transformation, the privacy of the CS matrix and the watermark pattern is protected by the MPC protocols under the semi-honest security model. We derive the expected watermark detection performance in the CS domain, given the target image, watermark pattern, and the size of the CS matrix (but without the CS matrix itself). The correctness of the derived performance has been validated by our experiments. Our theoretical analysis and experimental results show that secure watermark detection in the CS domain is feasible. Our framework can also be extended to other collaborative secure signal processing and data-mining applications in the cloud.

  3. K-12 access to internet: Securing the legal framework

    NASA Astrophysics Data System (ADS)

    Blauassociate, Andrew

    1993-09-01

    While many people in government, education, and industry have lauded the potential educational value of Internet access for students in grades K-12, there is as yet no legal or regulatory framework within which this new medium is being offered to students. The Communications Policy Forum, a nonpartisan project of the Electronic Frontier Foundation, recently convened a roundtable to discuss some of the legal issues that arise when K-12 schools provide Internet access to their students. Approximately 15 people, representing carriers who provide connections to the Internet, schools or school systems who are connected to the Internet, and legal experts with expertise in this and related areas, met to discuss questions of legal liability as this new medium enters an educational setting for minors. The following attempts to capture the major issues, suggestions, and directions for further collaborative efforts raised during the course of that discussion. In brief, the group identified statutory language aimed at other types of electronic communication that may offer some guidance; was briefed on a host of state laws that could be used to prosecute providers of certain materials found on the Internet; and concluded that there is no case law that clearly applies to this setting. The discussion revealed an interest in anticipating issues and developing responses before problems arose, and the need for shared approaches to allow carriers to move forward in serving and expanding this field. Members of the group offered to pursue these issues jointly and agreed upon a handful of concrete steps for further exploration and discussion.

  4. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

    PubMed

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  5. An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

    PubMed Central

    Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

    2015-01-01

    Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

  6. Framework for Deploying a Virtualized Computing Environment for Collaborative and Secure Data Analytics

    PubMed Central

    Meyer, Adrian; Green, Laura; Faulk, Ciearro; Galla, Stephen; Meyer, Anne-Marie

    2016-01-01

    Introduction: Large amounts of health data generated by a wide range of health care applications across a variety of systems have the potential to offer valuable insight into populations and health care systems, but robust and secure computing and analytic systems are required to leverage this information. Framework: We discuss our experiences deploying a Secure Data Analysis Platform (SeDAP), and provide a framework to plan, build and deploy a virtual desktop infrastructure (VDI) to enable innovation, collaboration and operate within academic funding structures. It outlines 6 core components: Security, Ease of Access, Performance, Cost, Tools, and Training. Conclusion: A platform like SeDAP is not simply successful through technical excellence and performance. It’s adoption is dependent on a collaborative environment where researchers and users plan and evaluate the requirements of all aspects. PMID:27683665

  7. Framework for Deploying a Virtualized Computing Environment for Collaborative and Secure Data Analytics

    PubMed Central

    Meyer, Adrian; Green, Laura; Faulk, Ciearro; Galla, Stephen; Meyer, Anne-Marie

    2016-01-01

    Introduction: Large amounts of health data generated by a wide range of health care applications across a variety of systems have the potential to offer valuable insight into populations and health care systems, but robust and secure computing and analytic systems are required to leverage this information. Framework: We discuss our experiences deploying a Secure Data Analysis Platform (SeDAP), and provide a framework to plan, build and deploy a virtual desktop infrastructure (VDI) to enable innovation, collaboration and operate within academic funding structures. It outlines 6 core components: Security, Ease of Access, Performance, Cost, Tools, and Training. Conclusion: A platform like SeDAP is not simply successful through technical excellence and performance. It’s adoption is dependent on a collaborative environment where researchers and users plan and evaluate the requirements of all aspects.

  8. SecourHealth: a delay-tolerant security framework for mobile health data collection.

    PubMed

    Simplicio, Marcos A; Iwaya, Leonardo H; Barros, Bruno M; Carvalho, Tereza C M B; Näslund, Mats

    2015-03-01

    Security is one of the most imperative requirements for the success of systems that deal with highly sensitive data, such as medical information. However, many existing mobile health solutions focused on collecting patients' data at their homes that do not include security among their main requirements. Aiming to tackle this issue, this paper presents SecourHealth, a lightweight security framework focused on highly sensitive data collection applications. SecourHealth provides many security services for both stored and in-transit data, displaying interesting features such as tolerance to lack of connectivity (a common issue when promoting health in remote locations) and the ability to protect data even if the device is lost/stolen or shared by different data collection agents. Together with the system's description and analysis, we also show how SecourHealth can be integrated into a real data collection solution currently deployed in the city of Sao Paulo, Brazil.

  9. Policy Framework for Addressing Personal Security Issues Concerning Women and Girls. National Strategy on Community Safety and Crime Prevention.

    ERIC Educational Resources Information Center

    National Crime Prevention Centre, Ottawa (Ontario).

    This document presents a policy framework for improving the personal security of women and girls. The document includes: (1) "Introduction"; (2) "Policy Background" (the concept of personal security, the societal context of women's personal security, consequences of violence for women and girls, long-term policy concern, and building an integrated…

  10. Attachment Based Treatments for Adolescents: The Secure Cycle as a Framework for Assessment, Treatment and Evaluation

    PubMed Central

    Kobak, Roger; Zajac, Kristyn; Herres, Joanna; KrauthamerEwing, E. Stephanie

    2016-01-01

    The emergence of ABTs for adolescents highlights the need to more clearly define and evaluate these treatments in the context of other attachment based treatments for young children and adults. We propose a general framework for defining and evaluating ABTs that describes the cyclical processes that are required to maintain a secure attachment bond. This secure cycle incorporates three components: 1) the child or adult’s IWM of the caregiver; 2) emotionally attuned communication; and 3) the caregiver’s IWM of the child or adult. We briefly review Bowlby, Ainsworth, and Main’s contributions to defining the components of the secure cycle and discuss how this framework can be adapted for understanding the process of change in ABTs. For clinicians working with adolescents, our model can be used to identify how deviations from the secure cycle (attachment injuries, empathic failures and mistuned communication) contribute to family distress and psychopathology. The secure cycle also provides a way of describing the ABT elements that have been used to revise IWMs or improve emotionally attuned communication. For researchers, our model provides a guide for conceptualizing and measuring change in attachment constructs and how change in one component of the interpersonal cycle should generalize to other components. PMID:25744572

  11. Integrated Framework for Information Security in Mobile Banking Service Based on Smart Phone

    NASA Astrophysics Data System (ADS)

    Shin, Yong-Nyuo; Chun, Myung Geun

    Since Apple launched the iPhone service in November 2009 in Korea, smartphone banking users are increasing dramatically, forcing lenders to develop new products to deal with such demand. The bank of korea took the lead in jointing together to create a mobile banking application that each bank can adapt for its own use. In providing smartphone services, it is of critical importance to take the proper security measures, because these services, while offering excellent mobility and convenience, can be easily exposed to various infringement threats. This paper proposes a security framework that should be taken into account by the joint smartphone-based mobile banking development project. The purpose of this paper lies in recognizing the value of smartphones as well as the security threats that are exposed when smartphones are introduced, and provides countermeasures against those threats, so that an integrated information security framework for reliable smartphone-based mobile financial services can be prepared, by explicitly presenting the difference between personal computers and smartphones from the perspective of security.

  12. Food security in a perfect storm: using the ecosystem services framework to increase understanding

    PubMed Central

    Poppy, G. M.; Chiotha, S.; Eigenbrod, F.; Harvey, C. A.; Honzák, M.; Hudson, M. D.; Jarvis, A.; Madise, N. J.; Schreckenberg, K.; Shackleton, C. M.; Villa, F.; Dawson, T. P.

    2014-01-01

    Achieving food security in a ‘perfect storm’ scenario is a grand challenge for society. Climate change and an expanding global population act in concert to make global food security even more complex and demanding. As achieving food security and the millennium development goal (MDG) to eradicate hunger influences the attainment of other MDGs, it is imperative that we offer solutions which are complementary and do not oppose one another. Sustainable intensification of agriculture has been proposed as a way to address hunger while also minimizing further environmental impact. However, the desire to raise productivity and yields has historically led to a degraded environment, reduced biodiversity and a reduction in ecosystem services (ES), with the greatest impacts affecting the poor. This paper proposes that the ES framework coupled with a policy response framework, for example Driver-Pressure-State-Impact-Response (DPSIR), can allow food security to be delivered alongside healthy ecosystems, which provide many other valuable services to humankind. Too often, agro-ecosystems have been considered as separate from other natural ecosystems and insufficient attention has been paid to the way in which services can flow to and from the agro-ecosystem to surrounding ecosystems. Highlighting recent research in a large multi-disciplinary project (ASSETS), we illustrate the ES approach to food security using a case study from the Zomba district of Malawi. PMID:24535394

  13. Attachment based treatments for adolescents: the secure cycle as a framework for assessment, treatment and evaluation.

    PubMed

    Kobak, Roger; Zajac, Kristyn; Herres, Joanna; Krauthamer Ewing, E Stephanie

    2015-01-01

    The emergence of attachment-based treatments (ABTs) for adolescents highlights the need to more clearly define and evaluate these treatments in the context of other attachment based treatments for young children and adults. We propose a general framework for defining and evaluating ABTs that describes the cyclical processes that are required to maintain a secure attachment bond. This secure cycle incorporates three components: (1) the child or adult's IWM of the caregiver; (2) emotionally attuned communication; and (3) the caregiver's IWM of the child or adult. We briefly review Bowlby, Ainsworth, and Main's contributions to defining the components of the secure cycle and discuss how this framework can be adapted for understanding the process of change in ABTs. For clinicians working with adolescents, our model can be used to identify how deviations from the secure cycle (attachment injuries, empathic failures and mistuned communication) contribute to family distress and psychopathology. The secure cycle also provides a way of describing the ABT elements that have been used to revise IWMs or improve emotionally attuned communication. For researchers, our model provides a guide for conceptualizing and measuring change in attachment constructs and how change in one component of the interpersonal cycle should generalize to other components. PMID:25744572

  14. Food security in a perfect storm: using the ecosystem services framework to increase understanding.

    PubMed

    Poppy, G M; Chiotha, S; Eigenbrod, F; Harvey, C A; Honzák, M; Hudson, M D; Jarvis, A; Madise, N J; Schreckenberg, K; Shackleton, C M; Villa, F; Dawson, T P

    2014-04-01

    Achieving food security in a 'perfect storm' scenario is a grand challenge for society. Climate change and an expanding global population act in concert to make global food security even more complex and demanding. As achieving food security and the millennium development goal (MDG) to eradicate hunger influences the attainment of other MDGs, it is imperative that we offer solutions which are complementary and do not oppose one another. Sustainable intensification of agriculture has been proposed as a way to address hunger while also minimizing further environmental impact. However, the desire to raise productivity and yields has historically led to a degraded environment, reduced biodiversity and a reduction in ecosystem services (ES), with the greatest impacts affecting the poor. This paper proposes that the ES framework coupled with a policy response framework, for example Driver-Pressure-State-Impact-Response (DPSIR), can allow food security to be delivered alongside healthy ecosystems, which provide many other valuable services to humankind. Too often, agro-ecosystems have been considered as separate from other natural ecosystems and insufficient attention has been paid to the way in which services can flow to and from the agro-ecosystem to surrounding ecosystems. Highlighting recent research in a large multi-disciplinary project (ASSETS), we illustrate the ES approach to food security using a case study from the Zomba district of Malawi.

  15. A healthcare-driven framework for facilitating the secure sharing of data across organisational boundaries.

    PubMed

    Simpson, Andrew; Power, David; Russell, Douglas; Slaymaker, Mark; Kouadri Mostefaoui, Ghita; Ma, Xiaoqi; Wilson, Graeme

    2008-01-01

    We report upon the development of sif (for service-oriented interoperability framework), a platform that has been developed to support the secure aggregation of medical data from disparate sources. By taking a data-agnostic approach to data access and transfer, sif provides a generic interface to data sources, which allows the current version to expose data from any relational database and any file system in a secure fashion. Application developers may then access and utilise such data via a simple API. sif is being developed within the GIMI (Generic Infrastructure for Medical Informatics) project; as such, we discuss its various applications within that context.

  16. A study of IEEE 802.15.4 security framework for wireless body area networks.

    PubMed

    Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

    2011-01-01

    A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

  17. A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

    PubMed Central

    Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

    2011-01-01

    A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN. PMID:22319358

  18. A framework for analyzing the economic tradeoffs between urban commerce and security against terrorism.

    PubMed

    Rose, Adam; Avetisyan, Misak; Chatterjee, Samrat

    2014-08-01

    This article presents a framework for economic consequence analysis of terrorism countermeasures. It specifies major categories of direct and indirect costs, benefits, spillover effects, and transfer payments that must be estimated in a comprehensive assessment. It develops a spreadsheet tool for data collection, storage, and refinement, as well as estimation of the various components of the necessary economic accounts. It also illustrates the usefulness of the framework in the first assessment of the tradeoffs between enhanced security and changes in commercial activity in an urban area, with explicit attention to the role of spillover effects. The article also contributes a practical user interface to the model for emergency managers.

  19. A framework for analyzing the economic tradeoffs between urban commerce and security against terrorism.

    PubMed

    Rose, Adam; Avetisyan, Misak; Chatterjee, Samrat

    2014-08-01

    This article presents a framework for economic consequence analysis of terrorism countermeasures. It specifies major categories of direct and indirect costs, benefits, spillover effects, and transfer payments that must be estimated in a comprehensive assessment. It develops a spreadsheet tool for data collection, storage, and refinement, as well as estimation of the various components of the necessary economic accounts. It also illustrates the usefulness of the framework in the first assessment of the tradeoffs between enhanced security and changes in commercial activity in an urban area, with explicit attention to the role of spillover effects. The article also contributes a practical user interface to the model for emergency managers. PMID:24708041

  20. SparRec: An effective matrix completion framework of missing data imputation for GWAS

    PubMed Central

    Jiang, Bo; Ma, Shiqian; Causey, Jason; Qiao, Linbo; Hardin, Matthew Price; Bitts, Ian; Johnson, Daniel; Zhang, Shuzhong; Huang, Xiuzhen

    2016-01-01

    Genome-wide association studies present computational challenges for missing data imputation, while the advances of genotype technologies are generating datasets of large sample sizes with sample sets genotyped on multiple SNP chips. We present a new framework SparRec (Sparse Recovery) for imputation, with the following properties: (1) The optimization models of SparRec, based on low-rank and low number of co-clusters of matrices, are different from current statistics methods. While our low-rank matrix completion (LRMC) model is similar to Mendel-Impute, our matrix co-clustering factorization (MCCF) model is completely new. (2) SparRec, as other matrix completion methods, is flexible to be applied to missing data imputation for large meta-analysis with different cohorts genotyped on different sets of SNPs, even when there is no reference panel. This kind of meta-analysis is very challenging for current statistics based methods. (3) SparRec has consistent performance and achieves high recovery accuracy even when the missing data rate is as high as 90%. Compared with Mendel-Impute, our low-rank based method achieves similar accuracy and efficiency, while the co-clustering based method has advantages in running time. The testing results show that SparRec has significant advantages and competitive performance over other state-of-the-art existing statistics methods including Beagle and fastPhase. PMID:27762341

  1. One Health in food safety and security education: A curricular framework.

    PubMed

    Angelos, J; Arens, A; Johnson, H; Cadriel, J; Osburn, B

    2016-02-01

    The challenges of producing and distributing the food necessary to feed an anticipated 9 billion people in developed and developing societies by 2050 without destroying Earth's finite soil and water resources present extremely complex problems that lack simple solutions. The ability of modern societies to adequately address these and other food-related problems will require an educated workforce trained not only in traditional food safety, security, and public health, but also in other areas including food production, sustainable practices, and ecosystem health. To help address the need for such an educated workforce, a curricular framework was developed to assist those tasked with designing education and training for future food systems workers. One sentence summary: A curricular framework for education and training in food safety and security was developed that incorporates One Health concepts.

  2. One Health in food safety and security education: A curricular framework.

    PubMed

    Angelos, J; Arens, A; Johnson, H; Cadriel, J; Osburn, B

    2016-02-01

    The challenges of producing and distributing the food necessary to feed an anticipated 9 billion people in developed and developing societies by 2050 without destroying Earth's finite soil and water resources present extremely complex problems that lack simple solutions. The ability of modern societies to adequately address these and other food-related problems will require an educated workforce trained not only in traditional food safety, security, and public health, but also in other areas including food production, sustainable practices, and ecosystem health. To help address the need for such an educated workforce, a curricular framework was developed to assist those tasked with designing education and training for future food systems workers. One sentence summary: A curricular framework for education and training in food safety and security was developed that incorporates One Health concepts. PMID:26851591

  3. Generic framework for the secure Yuen 2000 quantum-encryption protocol employing the wire-tap channel approach

    SciTech Connect

    Mihaljevic, Miodrag J.

    2007-05-15

    It is shown that the security, against known-plaintext attacks, of the Yuen 2000 (Y00) quantum-encryption protocol can be considered via the wire-tap channel model assuming that the heterodyne measurement yields the sample for security evaluation. Employing the results reported on the wire-tap channel, a generic framework is proposed for developing secure Y00 instantiations. The proposed framework employs a dedicated encoding which together with inherent quantum noise at the attacker's side provides Y00 security.

  4. A motion detection-based framework for improving image quality of CCTV security systems.

    PubMed

    Chiu, Shih-Hsuan; Lu, Chuan-Pin; Wen, Che-Yen

    2006-09-01

    Closed-circuit television (CCTV) security systems have been widely used in banks, convenience stores, and other facilities. They are useful to deter crime and depict criminal activity. However, CCTV cameras that provide an overview of a monitored region can be useful for criminal investigation but sometimes can also be used for object identification (e.g., vehicle numbers, persons, etc.). In this paper, we propose a framework for improving the image quality of CCTV security systems. This framework is based upon motion detection technology. There are two cameras in the framework: one camera (camera A) is fixed focus with a zoom lens for moving-object detection, and the other one (camera B) is variable focus with an auto-zoom lens to capture higher resolution images of the objects of interest. When camera A detects a moving object in the monitored area, camera B, driven by an auto-zoom focus control algorithm, will take a higher resolution image of the object of interest. Experimental results show that the proposed framework can improve the likelihood that images obtained from stationary unattended CCTV cameras are sufficient to enable law enforcement officials to identify suspects and other objects of interest.

  5. Framework for Integrating Safety, Operations, Security, and Safeguards in the Design and Operation of Nuclear Facilities

    SciTech Connect

    Darby, John L.; Horak, Karl Emanuel; LaChance, Jeffrey L.; Tolk, Keith Michael; Whitehead, Donnie Wayne

    2007-10-01

    The US is currently on the brink of a nuclear renaissance that will result in near-term construction of new nuclear power plants. In addition, the Department of Energy’s (DOE) ambitious new Global Nuclear Energy Partnership (GNEP) program includes facilities for reprocessing spent nuclear fuel and reactors for transmuting safeguards material. The use of nuclear power and material has inherent safety, security, and safeguards (SSS) concerns that can impact the operation of the facilities. Recent concern over terrorist attacks and nuclear proliferation led to an increased emphasis on security and safeguard issues as well as the more traditional safety emphasis. To meet both domestic and international requirements, nuclear facilities include specific SSS measures that are identified and evaluated through the use of detailed analysis techniques. In the past, these individual assessments have not been integrated, which led to inefficient and costly design and operational requirements. This report provides a framework for a new paradigm where safety, operations, security, and safeguards (SOSS) are integrated into the design and operation of a new facility to decrease cost and increase effectiveness. Although the focus of this framework is on new nuclear facilities, most of the concepts could be applied to any new, high-risk facility.

  6. A secure and easy-to-implement web-based communication framework for caregiving robot teams

    NASA Astrophysics Data System (ADS)

    Tuna, G.; Daş, R.; Tuna, A.; Örenbaş, H.; Baykara, M.; Gülez, K.

    2016-03-01

    In recent years, robots have started to become more commonplace in our lives, from factory floors to museums, festivals and shows. They have started to change how we work and play. With an increase in the population of the elderly, they have also been started to be used for caregiving services, and hence many countries have been investing in the robot development. The advancements in robotics and wireless communications has led to the emergence of autonomous caregiving robot teams which cooperate to accomplish a set of tasks assigned by human operators. Although wireless communications and devices are flexible and convenient, they are vulnerable to many risks compared to traditional wired networks. Since robots with wireless communication capability transmit all data types, including sensory, coordination, and control, through radio frequencies, they are open to intruders and attackers unless protected and their openness may lead to many security issues such as data theft, passive listening, and service interruption. In this paper, a secure web-based communication framework is proposed to address potential security threats due to wireless communication in robot-robot and human-robot interaction. The proposed framework is simple and practical, and can be used by caregiving robot teams in the exchange of sensory data as well as coordination and control data.

  7. A Constraint and Attribute Based Security Framework for Dynamic Role Assignment in Collaborative Environments

    NASA Astrophysics Data System (ADS)

    Cruz, Isabel F.; Gjomemo, Rigel; Lin, Benjamin; Orsini, Mirko

    We investigate a security framework for collaborative applications that relies on the role-based access control (RBAC) model. In our framework, roles are pre-defined and organized in a hierarchy (partial order). However, we assume that users are not previously identified, therefore the actions that they can perform are dynamically determined based on their own attribute values and on the attribute values associated with the resources. Those values can vary over time (e.g., the user’s location or whether the resource is open for visiting) thus enabling or disabling a user’s ability to perform an action on a particular resource. In our framework, constraint values form partial orders and determine the association of actions with the resources and of users with roles. We have implemented our framework by exploring the capabilities of semantic web technologies, and in particular of OWL 1.1, to model both our framework and the domain of interest and to perform several types of reasoning. In addition, we have implemented a user interface whose purpose is twofold: (1) to offer a visual explanation of the underlying reasoning by displaying roles and their associations with users (e.g., as the user’s locations vary); and (2) to enable monitoring of users that are involved in a collaborative application. Our interface uses the Google Maps API and is particularly suited to collaborative applications where the users’ geospatial locations are of interest.

  8. InfoSec-MobCop - Framework for Theft Detection and Data Security on Mobile Computing Devices

    NASA Astrophysics Data System (ADS)

    Gupta, Anand; Gupta, Deepank; Gupta, Nidhi

    People steal mobile devices with the intention of making money either by selling the mobile or by taking the sensitive information stored inside it. Mobile thefts are rising even with existing deterrents in place. This is because; they are ineffective, as they generate unnecessary alerts and might require expensive hardware equipments. In this paper a novel framework termed as InfoSec-MobCop is proposed which secures a mobile user’s data and discovers theft by detecting any anomaly in the user behavior. The anomaly of the user is computed by extracting and monitoring user specific details (typing pattern and usage history). The result of any intrusion attempt by a masquerader is intimated to the service provider through an SMS. Effectiveness of the used approach is discussed using FAR and FRR graphs. The experimental system uses both real users and simulated studies to quantify the effectiveness of the InfoSec-MobCop (Information Security Mobile Cop).

  9. Sustainable Food Security in the Mountains of Pakistan: Towards a Policy Framework.

    PubMed

    Rasul, Golam; Hussain, Abid

    2015-01-01

    The nature and causes of food and livelihood security in mountain areas are quite different to those in the plains. Rapid socioeconomic and environmental changes added to the topographical constraints have exacerbated the problem of food insecurity in the Hindu Kush-Himalayan (HKH) region. In Pakistan, food insecurity is significantly higher in the mountain areas than in the plains as a result of a range of biophysical and socioeconomic factors. The potential of mountain niche products such as fruit, nuts, and livestock has remained underutilized. Moreover, the opportunities offered by globalization, market integration, remittances, and non-farm income have not been fully tapped. This paper analyzes the opportunities and challenges of food security in Pakistan's mountain areas, and outlines a framework for addressing the specific issues in terms of four different types of area differentiated by agro-ecological potential and access to markets, information, and institutional services.

  10. Comprehensive security framework for the communication and storage of medical images

    NASA Astrophysics Data System (ADS)

    Slik, David; Montour, Mike; Altman, Tym

    2003-05-01

    Confidentiality, integrity verification and access control of medical imagery and associated metadata is critical for the successful deployment of integrated healthcare networks that extend beyond the department level. As medical imagery continues to become widely accessed across multiple administrative domains and geographically distributed locations, image data should be able to travel and be stored on untrusted infrastructure, including public networks and server equipment operated by external entities. Given these challenges associated with protecting large-scale distributed networks, measures must be taken to protect patient identifiable information while guarding against tampering, denial of service attacks, and providing robust audit mechanisms. The proposed framework outlines a series of security practices for the protection of medical images, incorporating Transport Layer Security (TLS), public and secret key cryptography, certificate management and a token based trusted computing base. It outlines measures that can be utilized to protect information stored within databases, online and nearline storage, and during transport over trusted and untrusted networks. In addition, it provides a framework for ensuring end-to-end integrity of image data from acquisition to viewing, and presents a potential solution to the challenges associated with access control across multiple administrative domains and institution user bases.

  11. Agile enterprise development framework utilizing services principles for building pervasive security

    NASA Astrophysics Data System (ADS)

    Farroha, Deborah; Farroha, Bassam

    2011-06-01

    We are in an environment of continuously changing mission requirements and therefore our Information Systems must adapt to accomplish new tasks, quicker, in a more proficient manner. Agility is the only way we will be able to keep up with this change. But there are subtleties that must be considered as we adopt various agile methods: secure, protect, control and authenticate are all elements needed to posture our Information Technology systems to counteract the real and perceived threats in today's environment. Many systems have been tasked to ingest process and analyze different data sets than they were originally designed for and they have to interact with multiple new systems that were unaccounted for at design time. Leveraging the tenets of security, we have devised a new framework that takes agility into a new realm where the product will built to work in a service-based environment but is developed using agile processes. Even though these two criteria promise to hone the development effort, they actually contradict each other in philosophy where Services require stable interfaces, while Agile focuses on being flexible and tolerate changes up to much later stages of development. This framework is focused on enabling a successful product development that capitalizes on both philosophies.

  12. A Secure Multicast Framework in Large and High-Mobility Network Groups

    NASA Astrophysics Data System (ADS)

    Lee, Jung-San; Chang, Chin-Chen

    With the widespread use of Internet applications such as Teleconference, Pay-TV, Collaborate tasks, and Message services, how to construct and distribute the group session key to all group members securely is becoming and more important. Instead of adopting the point-to-point packet delivery, these emerging applications are based upon the mechanism of multicast communication, which allows the group member to communicate with multi-party efficiently. There are two main issues in the mechanism of multicast communication: Key Distribution and Scalability. The first issue is how to distribute the group session key to all group members securely. The second one is how to maintain the high performance in large network groups. Group members in conventional multicast systems have to keep numerous secret keys in databases, which makes it very inconvenient for them. Furthermore, in case that a member joins or leaves the communication group, many involved participants have to change their own secret keys to preserve the forward secrecy and the backward secrecy. We consequently propose a novel version for providing secure multicast communication in large network groups. Our proposed framework not only preserves the forward secrecy and the backward secrecy but also possesses better performance than existing alternatives. Specifically, simulation results demonstrate that our scheme is suitable for high-mobility environments.

  13. Towards global phosphorus security: a systems framework for phosphorus recovery and reuse options.

    PubMed

    Cordell, D; Rosemarin, A; Schröder, J J; Smit, A L

    2011-08-01

    Human intervention in the global phosphorus cycle has mobilised nearly half a billion tonnes of the element from phosphate rock into the hydrosphere over the past half century. The resultant water pollution concerns have been the main driver for sustainable phosphorus use (including phosphorus recovery). However the emerging global challenge of phosphorus scarcity with serious implications for future food security, means phosphorus will also need to be recovered for productive reuse as a fertilizer in food production to replace increasingly scarce and more expensive phosphate rock. Through an integrated and systems framework, this paper examines the full spectrum of sustainable phosphorus recovery and reuse options (from small-scale low-cost to large-scale high-tech), facilitates integrated decision-making and identifies future opportunities and challenges for achieving global phosphorus security. Case studies are provided rather than focusing on a specific technology or process. There is no single solution to achieving a phosphorus-secure future: in addition to increasing phosphorus use efficiency, phosphorus will need to be recovered and reused from all current waste streams throughout the food production and consumption system (from human and animal excreta to food and crop wastes). There is a need for new sustainable policies, partnerships and strategic frameworks to develop renewable phosphorus fertilizer systems for farmers. Further research is also required to determine the most sustainable means in a given context for recovering phosphorus from waste streams and converting the final products into effective fertilizers, accounting for life cycle costs, resource and energy consumption, availability, farmer accessibility and pollution.

  14. Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    NASA Technical Reports Server (NTRS)

    Gilliam, D. P.; Powell, J. D.

    2002-01-01

    This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

  15. A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

    NASA Astrophysics Data System (ADS)

    Mohammadi, Hadi

    Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to create and design a Security and Critical Patch Management Process (SCPMP) framework based on Systems Engineering (SE) principles. This framework will assist Information Technology Department Staff (ITDS) to reduce IT operating time and costs and mitigate the risk of security and vulnerability attacks. Further, this study evaluates implementation of the SCPMP in the networked computing systems of an academic environment in order to: 1. Meet patch management requirements by applying SE principles. 2. Reduce the cost of IT operations and PVM cycles. 3. Improve the current PVM methodologies to prevent networked computing systems from becoming the targets of security vulnerability attacks. 4. Embed a Maintenance Optimization Tool (MOT) in the proposed framework. The MOT allows IT managers to make the most practicable choice of methods for deploying and installing released patches and vulnerability remediation. In recent years, there has been a variety of frameworks for security practices in every networked computing system to protect computer workstations from becoming compromised or vulnerable to security attacks, which can expose important information and critical data. I have developed a new mechanism for implementing PVM for maximizing security-vulnerability maintenance, protecting OS and software packages, and minimizing SCPMP cost. To increase computing system security in any diverse environment, particularly in academia, one must apply SCPMP. I propose an optimal maintenance policy that will allow ITDS to measure and estimate the variation of PVM cycles based on their department's requirements. My results demonstrate that

  16. Integration of the advanced transparency framework to advanced nuclear systems : enhancing Safety, Operations, Security and Safeguards (SOSS).

    SciTech Connect

    Mendez, Carmen Margarita; Rochau, Gary Eugene; Cleary, Virginia D.

    2008-08-01

    The advent of the nuclear renaissance gives rise to a concern for the effective design of nuclear fuel cycle systems that are safe, secure, nonproliferating and cost-effective. We propose to integrate the monitoring of the four major factors of nuclear facilities by focusing on the interactions between Safeguards, Operations, Security, and Safety (SOSS). We proposed to develop a framework that monitors process information continuously and can demonstrate the ability to enhance safety, operations, security, and safeguards by measuring and reducing relevant SOSS risks, thus ensuring the safe and legitimate use of the nuclear fuel cycle facility. A real-time comparison between expected and observed operations provides the foundation for the calculation of SOSS risk. The automation of new nuclear facilities requiring minimal manual operation provides an opportunity to utilize the abundance of process information for monitoring SOSS risk. A framework that monitors process information continuously can lead to greater transparency of nuclear fuel cycle activities and can demonstrate the ability to enhance the safety, operations, security and safeguards associated with the functioning of the nuclear fuel cycle facility. Sandia National Laboratories (SNL) has developed a risk algorithm for safeguards and is in the process of demonstrating the ability to monitor operational signals in real-time though a cooperative research project with the Japan Atomic Energy Agency (JAEA). The risk algorithms for safety, operations and security are under development. The next stage of this work will be to integrate the four algorithms into a single framework.

  17. A blue/green water-based accounting framework for assessment of water security

    NASA Astrophysics Data System (ADS)

    Rodrigues, Dulce B. B.; Gupta, Hoshin V.; Mendiondo, Eduardo M.

    2014-09-01

    A comprehensive assessment of water security can incorporate several water-related concepts, while accounting for Blue and Green Water (BW and GW) types defined in accordance with the hydrological processes involved. Here we demonstrate how a quantitative analysis of provision probability and use of BW and GW can be conducted, so as to provide indicators of water scarcity and vulnerability at the basin level. To illustrate the approach, we use the Soil and Water Assessment Tool (SWAT) to model the hydrology of an agricultural basin (291 km2) within the Cantareira Water Supply System in Brazil. To provide a more comprehensive basis for decision making, we analyze the BW and GW-Footprint components against probabilistic levels (50th and 30th percentile) of freshwater availability for human activities, during a 23 year period. Several contrasting situations of BW provision are distinguished, using different hydrological-based methodologies for specifying monthly Environmental Flow Requirements (EFRs), and the risk of natural EFR violation is evaluated by use of a freshwater provision index. Our results reveal clear spatial and temporal patterns of water scarcity and vulnerability levels within the basin. Taking into account conservation targets for the basin, it appears that the more restrictive EFR methods are more appropriate than the method currently employed at the study basin. The blue/green water-based accounting framework developed here provides a useful integration of hydrologic, ecosystem and human needs information on a monthly basis, thereby improving our understanding of how and where water-related threats to human and aquatic ecosystem security can arise.

  18. A Blue/Green Water-based Accounting Framework for Assessment of Water Security

    NASA Astrophysics Data System (ADS)

    Rodrigues, D. B.; Gupta, H. V.; Mendiondo, E. M.

    2013-12-01

    A comprehensive assessment of water security can incorporate several water-related concepts, including provisioning and support for freshwater ecosystem services, water footprint, water scarcity, and water vulnerability, while accounting for Blue and Green Water (BW and GW) flows defined in accordance with the hydrological processes involved. Here, we demonstrate how a quantitative analysis of provisioning and demand (in terms of water footprint) for BW and GW ecosystem services can be conducted, so as to provide indicators of water scarcity and vulnerability at the basin level. To illustrate the approach, we use the Soil and Water Assessment Tool (SWAT) to model the hydrology of an agricultural basin (291 sq.km) within the Cantareira water supply system in Brazil. To provide a more comprehensive basis for decision-making, we compute the BW provision using three different hydrological-based methods for specifying monthly Environmental Flow Requirements (EFRs) for 23 year-period. The current BW-Footprint was defined using surface water rights for reference year 2012. Then we analyzed the BW- and GW-Footprints against long-term series of monthly values of freshwater availability. Our results reveal clear spatial and temporal patterns of water scarcity and vulnerability levels within the basin, and help to distinguish between human and natural reasons (drought) for conditions of insecurity. The Blue/Green water-based accounting framework developed here can be benchmarked at a range of spatial scales, thereby improving our understanding of how and where water-related threats to human and aquatic ecosystem security can arise. Future investigation will be necessary to better understand the intra-annual variability of blue water demand and to evaluate the impacts of uncertainties associated with a) the water rights database, b) the effects of climate change projections on blue and green freshwater provision.

  19. Completing the link between exposure science and toxicology for improved environmental health decision making: The aggregate exposure pathway framework

    DOE PAGESBeta

    Teeguarden, Justin G.; Tan, Yu -Mei; Edwards, Stephen W.; Leonard, Jeremy A.; Anderson, Kim A.; Corley, Richard A.; Kile, Molly L.; Simonich, Staci M.; Stone, David; Tanguay, Robert L.; et al

    2016-01-13

    Here, driven by major scientific advances in analytical methods, biomonitoring, computation, and a newly articulated vision for a greater impact in public health, the field of exposure science is undergoing a rapid transition from a field of observation to a field of prediction. Deployment of an organizational and predictive framework for exposure science analogous to the “systems approaches” used in the biological sciences is a necessary step in this evolution. Here we propose the aggregate exposure pathway (AEP) concept as the natural and complementary companion in the exposure sciences to the adverse outcome pathway (AOP) concept in the toxicological sciences.more » Aggregate exposure pathways offer an intuitive framework to organize exposure data within individual units of prediction common to the field, setting the stage for exposure forecasting. Looking farther ahead, we envision direct linkages between aggregate exposure pathways and adverse outcome pathways, completing the source to outcome continuum for more meaningful integration of exposure assessment and hazard identification. Together, the two frameworks form and inform a decision-making framework with the flexibility for risk-based, hazard-based, or exposure-based decision making.« less

  20. The Chain-Link Fence Model: A Framework for Creating Security Procedures

    ERIC Educational Resources Information Center

    Houghton, Robert F.

    2013-01-01

    A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

  1. Completing the Link between Exposure Science and Toxicology for Improved Environmental Health Decision Making: The Aggregate Exposure Pathway Framework

    PubMed Central

    Teeguarden, Justin. G.; Tan, Yu-Mei; Edwards, Stephen W.; Leonard, Jeremy A.; Anderson, Kim A.; Corley, Richard A.; Harding, Anna K; Kile, Molly L.; Simonich, Staci M; Stone, David; Tanguay, Robert L.; Waters, Katrina M.; Harper, Stacey L.; Williams, David E.

    2016-01-01

    Synopsis Driven by major scientific advances in analytical methods, biomonitoring, computational tools, and a newly articulated vision for a greater impact in public health, the field of exposure science is undergoing a rapid transition from a field of observation to a field of prediction. Deployment of an organizational and predictive framework for exposure science analogous to the “systems approaches” used in the biological sciences is a necessary step in this evolution. Here we propose the Aggregate Exposure Pathway (AEP) concept as the natural and complementary companion in the exposure sciences to the Adverse Outcome Pathway (AOP) concept in the toxicological sciences. Aggregate exposure pathways offer an intuitive framework to organize exposure data within individual units of prediction common to the field, setting the stage for exposure forecasting. Looking farther ahead, we envision direct linkages between aggregate exposure pathways and adverse outcome pathways, completing the source to outcome continuum for more efficient integration of exposure assessment and hazard identification. Together, the two pathways form and inform a decision-making framework with the flexibility for risk-based, hazard-based, or exposure-based decision making. PMID:26759916

  2. The Perceptions of U.S.-Based IT Security Professionals about the Effectiveness of IT Security Frameworks: A Quantitative Study

    ERIC Educational Resources Information Center

    Warfield, Douglas L.

    2011-01-01

    The evolution of information technology has included new methodologies that use information technology to control and manage various industries and government activities. Information Technology has also evolved as its own industry with global networks of interconnectivity, such as the Internet, and frameworks, models, and methodologies to control…

  3. State Regulatory Authority (SRA) Coordination of Safety, Security, and Safeguards of Nuclear Facilities: A Framework for Analysis

    SciTech Connect

    Mladineo, Stephen V.; Frazar, Sarah L.; Kurzrok, Andrew J.; Martikka, Elina; Hack, Tapani; Wiander, Timo

    2013-05-30

    This paper will explore the development of a framework for conducting an assessment of safety-security-safeguards integration within a State. The goal is to examine State regulatory structures to identify conflicts and gaps that hinder management of the three disciplines at nuclear facilities. Such an analysis could be performed by a State Regulatory Authority (SRA) to provide a self-assessment or as part of technical cooperation with either a newcomer State, or to a State with a fully developed SRA.

  4. A framework for the analysis of the security of supply of utilising carbon dioxide as a chemical feedstock.

    PubMed

    Fraga, Eric S; Ng, Melvin

    2015-01-01

    Recent developments in catalysts have enhanced the potential for the utilisation of carbon dioxide as a chemical feedstock. Using the appropriate energy efficient catalyst enables a range of chemical pathways leading to desirable products. In doing so, CO2 provides an economically and environmentally beneficial source of C1 feedstock, while improving the issues relating to security of supply that are associated with fossil-based feedstocks. However, the dependence on catalysts brings other supply chains into consideration, supply chains that may also have security of supply issues. The choice of chemical pathways for specific products will therefore entail an assessment not only of economic factors but also the security of supply issues for the catalysts. This is a multi-criteria decision making problem. In this paper, we present a modified 4A framework based on the framework suggested by the Asian Pacific Energy Research centre for macro-economic applications. The 4A methodology is named after the criteria used to compare alternatives: availability, acceptability, applicability and affordability. We have adapted this framework for the consideration of alternative chemical reaction processes using a micro-economic outlook. Data from a number of sources were collected and used to quantify each of the 4A criteria. A graphical representation of the assessments is used to support the decision maker in comparing alternatives. The framework not only allows for the comparison of processes but also highlights current limitations in the CCU processes. The framework presented can be used by a variety of stakeholders, including regulators, investors, and process industries, with the aim of identifying promising routes within a broader multi-criteria decision making process. PMID:26534861

  5. An Autonomic Framework for Integrating Security and Quality of Service Support in Databases

    ERIC Educational Resources Information Center

    Alomari, Firas

    2013-01-01

    The back-end databases of multi-tiered applications are a major data security concern for enterprises. The abundance of these systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Therefore, providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical…

  6. Complexity Studies and Security in the Complex World: An Epistemological Framework of Analysis

    NASA Astrophysics Data System (ADS)

    Mesjasz, Czeslaw

    The impact of systems thinking can be found in numerous security-oriented research, beginning from the early works on international system: Pitrim Sorokin, Quincy Wright, first models of military conflict and war: Frederick Lanchester, Lewis F. Richardson, national and military security (origins of RAND Corporation), through development of game theory-based conflict studies, International Relations, classical security studies of Morton A. Kaplan, Karl W. Deutsch [Mesjasz 1988], and ending with contemporary ideas of broadened concepts of security proposed by the Copenhagen School [Buzan et al 1998]. At present it may be even stated that the new military and non-military threats to contemporary complex society, such as low-intensity conflicts, regional conflicts, terrorism, environmental disturbances, etc. cannot be embraced without ideas taken from modern complex systems studies.

  7. The secret to health information technology's success within the diabetes patient population: a comprehensive privacy and security framework.

    PubMed

    Pandya, Sheel M

    2010-05-01

    Congress made an unprecedented investment in health information technology (IT) when it passed the American Recovery and Reinvestment Act in February 2009. Health IT provides enormous opportunities to improve health care quality, reduce costs, and engage patients in their own care. But the potential payoff for use of health IT for diabetes care is magnified given the prevalence, cost, and complexity of the disease. However, without proper privacy and security protections in place, diabetes patient data are at risk of misuse, and patient trust in the system is undermined. We need a comprehensive privacy and security framework that articulates clear parameters for access, use, and disclosure of diabetes patient data for all entities storing and exchanging electronic data.

  8. A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property.

    PubMed

    Andrijcic, Eva; Horowitz, Barry

    2006-08-01

    The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented.

  9. A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property.

    PubMed

    Andrijcic, Eva; Horowitz, Barry

    2006-08-01

    The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented. PMID:16948685

  10. Security

    ERIC Educational Resources Information Center

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  11. Security Framework for Pervasive Healthcare Architectures Utilizing MPEG-21 IPMP Components

    PubMed Central

    Fragopoulos, Anastasios; Gialelis, John; Serpanos, Dimitrios

    2009-01-01

    Nowadays in modern and ubiquitous computing environments, it is imperative more than ever the necessity for deployment of pervasive healthcare architectures into which the patient is the central point surrounded by different types of embedded and small computing devices, which measure sensitive physical indications, interacting with hospitals databases, allowing thus urgent medical response in occurrences of critical situations. Such environments must be developed satisfying the basic security requirements for real-time secure data communication, and protection of sensitive medical data and measurements, data integrity and confidentiality, and protection of the monitored patient's privacy. In this work, we argue that the MPEG-21 Intellectual Property Management and Protection (IPMP) components can be used in order to achieve protection of transmitted medical information and enhance patient's privacy, since there is selective and controlled access to medical data that sent toward the hospital's servers. PMID:19132095

  12. Securing the Place of Educating for Sustainable Development within Existing Curriculum Frameworks: A Reflective Analysis

    ERIC Educational Resources Information Center

    Metz, Don; McMillan, Barbara; Maxwell, Mona; Tetrault, Amanda

    2010-01-01

    Educating for sustainable development (ESD) is generally found within existing disciplinary frameworks. In this paper, our intent is to compare the views and practices of environmental educators who pursue ESD from a perspective different from what is occurring in our own constituency. We collected data on curriculum, teaching perspectives and…

  13. Digital data acquisition for a CAD/CAM-fabricated titanium framework and zirconium oxide restorations for an implant-supported fixed complete dental prosthesis.

    PubMed

    Lin, Wei-Shao; Metz, Michael J; Pollini, Adrien; Ntounis, Athanasios; Morton, Dean

    2014-12-01

    This dental technique report describes a digital workflow with digital data acquisition at the implant level, computer-aided design and computer-aided manufacturing fabricated, tissue-colored, anodized titanium framework, individually luted zirconium oxide restorations, and autopolymerizing injection-molded acrylic resin to fabricate an implant-supported, metal-ceramic-resin fixed complete dental prosthesis in an edentulous mandible. The 1-step computer-aided design and computer-aided manufacturing fabrication of titanium framework and zirconium oxide restorations can provide a cost-effective alternative to the conventional metal-resin fixed complete dental prosthesis.

  14. Digital data acquisition for a CAD/CAM-fabricated titanium framework and zirconium oxide restorations for an implant-supported fixed complete dental prosthesis.

    PubMed

    Lin, Wei-Shao; Metz, Michael J; Pollini, Adrien; Ntounis, Athanasios; Morton, Dean

    2014-12-01

    This dental technique report describes a digital workflow with digital data acquisition at the implant level, computer-aided design and computer-aided manufacturing fabricated, tissue-colored, anodized titanium framework, individually luted zirconium oxide restorations, and autopolymerizing injection-molded acrylic resin to fabricate an implant-supported, metal-ceramic-resin fixed complete dental prosthesis in an edentulous mandible. The 1-step computer-aided design and computer-aided manufacturing fabrication of titanium framework and zirconium oxide restorations can provide a cost-effective alternative to the conventional metal-resin fixed complete dental prosthesis. PMID:25258258

  15. Java-based framework for the secure distribution of electronic medical records.

    PubMed

    Goh, A

    1999-01-01

    In this paper, we present a Java-based framework for the processing, storage and delivery of Electronic Medical Records (EMR). The choice of Java as a developmental and operational environment ensures operability over a wide-range of client-side platforms, with our on-going work emphasising migration towards Extensible Markup Language (XML) capable Web browser clients. Telemedicine in support of womb-to-tomb healthcare as articulated by the Multimedia Supercorridor (MSC) Telemedicine initiative--which motivated this project--will require high-volume data exchange over an insecure public-access Wide Area Network (WAN), thereby requiring a hybrid cryptosystem with both symmetric and asymmetric components. Our prototype framework features a pre-transaction authentication and key negotiation sequence which can be readily modified for client-side environments ranging from Web browsers without local storage capability to workstations with serial connectivity to a tamper-proof device, and also for point-to-multipoint transaction processes.

  16. A framework for fast and secure packaging identification on mobile phones

    NASA Astrophysics Data System (ADS)

    Diephuis, Maurits; Voloshynovskiy, Svyatoslav; Holotyak, Taras; Stendardo, Nabil; Keel, Bruno

    2014-02-01

    In this paper, we address the problem of fast and secure packaging identification on mobile phones. It is a well known fact that consumer goods are counterfeited on a massive scale in certain regions of the world, illustrating how existing counter measures fall short or don't exist at all, as can be seen in the local absence of laws pertaining to brand protection. This paper introduces a technological tool that allows the consumer to quickly identify a product or package with a mobile device using a physical non-cloneable features in the form of a surface micro- structure image. This natural occurring identifier allows a producer or brand owner to track and trace all its products and gives the consumer a powerful tool to confirm the authenticity of an offered product.

  17. A knowledge-based framework for image enhancement in aviation security.

    PubMed

    Singh, Maneesha; Singh, Sameer; Partridge, Derek

    2004-12-01

    The main aim of this paper is to present a knowledge-based framework for automatically selecting the best image enhancement algorithm from several available on a per image basis in the context of X-ray images of airport luggage. The approach detailed involves a system that learns to map image features that represent its viewability to one or more chosen enhancement algorithms. Viewability measures have been developed to provide an automatic check on the quality of the enhanced image, i.e., is it really enhanced? The choice is based on ground-truth information generated by human X-ray screening experts. Such a system, for a new image, predicts the best-suited enhancement algorithm. Our research details the various characteristics of the knowledge-based system and shows extensive results on real images.

  18. A false sense of security? The U.S. Food and Drug Administration's framework for evaluating new supplement ingredients.

    PubMed

    Cohen, Pieter A

    2012-03-01

    The evidence sufficient to establish the expectation of safety for new ingredients in dietary supplements is an area of considerable controversy. Recently, the U.S. Food and Drug Administration (FDA) proposed a sound scientific framework for evaluating the safety of new ingredients. The level of evidence the FDA requires (i.e., in vitro, animal or human testing) hinges on three key factors: (1) documented history of use; (2) the dose and formulation of the new ingredient compared with the historically used ingredient; and (3) the supplement's recommended use (i.e., daily or as needed). Despite its strengths, the framework requires four key modifications to ensure the expectation of safety: (1) historical use should rarely, if ever, be sufficient to replace experimental data; (2) entirely novel ingredients should undergo, at a minimum, a 90-day human testing; (3) manufacturers should be required to submit to the FDA all available data regarding new ingredients, both favorable and unfavorable; and (4) before assuming that consumers follow instructions on supplement labels, this assumption should be empirically confirmed. In the absence of significant modifications, the FDA's guidance may have the effect of providing a false sense of security to consumers seeking safe dietary supplements.

  19. An Examination of an Information Security Framework Implementation Based on Agile Values to Achieve Health Insurance Portability and Accountability Act Security Rule Compliance in an Academic Medical Center: The Thomas Jefferson University Case Study

    ERIC Educational Resources Information Center

    Reis, David W.

    2012-01-01

    Agile project management is most often examined in relation to software development, while information security frameworks are often examined with respect to certain risk management capabilities rather than in terms of successful implementation approaches. This dissertation extended the study of both Agile project management and information…

  20. Need for a gender-sensitive human security framework: results of a quantitative study of human security and sexual violence in Djohong District, Cameroon

    PubMed Central

    2014-01-01

    Background Human security shifts traditional concepts of security from interstate conflict and the absence of war to the security of the individual. Broad definitions of human security include livelihoods and food security, health, psychosocial well-being, enjoyment of civil and political rights and freedom from oppression, and personal safety, in addition to absence of conflict. Methods In March 2010, we undertook a population-based health and livelihood study of female refugees from conflict-affected Central African Republic living in Djohong District, Cameroon and their female counterparts within the Cameroonian host community. Embedded within the survey instrument were indicators of human security derived from the Leaning-Arie model that defined three domains of psychosocial stability suggesting individuals and communities are most stable when their core attachments to home, community and the future are intact. Results While the female refugee human security outcomes describe a population successfully assimilated and thriving in their new environments based on these three domains, the ability of human security indicators to predict the presence or absence of lifetime and six-month sexual violence was inadequate. Using receiver operating characteristic (ROC) analysis, the study demonstrates that common human security indicators do not uncover either lifetime or recent prevalence of sexual violence. Conclusions These data suggest that current gender-blind approaches of describing human security are missing serious threats to the safety of one half of the population and that efforts to develop robust human security indicators should include those that specifically measure violence against women. PMID:24829613

  1. Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

    NASA Astrophysics Data System (ADS)

    Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

    2016-03-01

    Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

  2. Core Structure Elements Architectures to Facilitate Construction and Secure Interconnection of Mobile Services Frameworks and Advanced IAM Systems

    NASA Astrophysics Data System (ADS)

    Karantjias, Athanasios; Polemi, Nineta

    The impressing penetration rates of electronic and mobile networks provide the unique opportunity to organizations to provide advanced e/m-services, accelerating their entrance in the digital society, and strengthening their fundamental structure. Service Oriented Architectures (SOAs) is an acknowledged promising technology to overcome the complexity inherent to the communication among multiple e-business actors across organizational domains. Nevertheless, the need for more privacy-aware transactions raises specific challenges that SOAs need to address, including the problems of managing identities and ensuring privacy in the e/m-environment. This article presents a targeted, user-centric scalable and federated Identity Management System (IAM), calledSecIdAM, and a mobile framework for building privacy-aware, interoperable, and secure mobile applications with respect to the way that the trust relationship among the involved entities, users and SOAs, is established. Finally, it analyzes a user-transparent m-process for obtaining an authentication and authorization token, issued from the SecIdAM as integrated in the IST European programme SWEB for the public sector.

  3. Mobile Security: A Systems Engineering Framework for Implementing Bring Your Own Device (BYOD) Security through the Combination of Policy Management and Technology

    ERIC Educational Resources Information Center

    Zahadat, Nima

    2016-01-01

    With the rapid increase of smartphones and tablets, security concerns have also been on the rise. Traditionally, Information Technology (IT) departments set up devices, apply security, and monitor them. Such approaches do not apply to today's mobile devices due to a phenomenon called Bring Your Own Device or BYOD. Employees find it desirable to…

  4. Complete Transmetalation in a Metal-Organic Framework by Metal Ion Metathesis in a Single Crystal for Selective Sensing of Phosphate Ions in Aqueous Media.

    PubMed

    Asha, K S; Bhattacharjee, Rameswar; Mandal, Sukhendu

    2016-09-12

    A complete transmetalation has been achieved on a barium metal-organic framework (MOF), leading to the isolation of a new Tb-MOF in a single-crystal (SC) to single-crystal (SC) fashion. It leads to the transformation of an anionic framework with cations in the pore to one that is neutral. The mechanistic studies proposed a core-shell metal exchange through dissociation of metal-ligand bonds. This Tb-MOF exhibits enhanced photoluminescence and acts as a selective sensor for phosphate anion in aqueous medium. Thus, this work not only provides a method to functionalize a MOF that can have potential application in sensing but also elucidates the formation mechanism of the resulting MOF.

  5. Complete Transmetalation in a Metal-Organic Framework by Metal Ion Metathesis in a Single Crystal for Selective Sensing of Phosphate Ions in Aqueous Media.

    PubMed

    Asha, K S; Bhattacharjee, Rameswar; Mandal, Sukhendu

    2016-09-12

    A complete transmetalation has been achieved on a barium metal-organic framework (MOF), leading to the isolation of a new Tb-MOF in a single-crystal (SC) to single-crystal (SC) fashion. It leads to the transformation of an anionic framework with cations in the pore to one that is neutral. The mechanistic studies proposed a core-shell metal exchange through dissociation of metal-ligand bonds. This Tb-MOF exhibits enhanced photoluminescence and acts as a selective sensor for phosphate anion in aqueous medium. Thus, this work not only provides a method to functionalize a MOF that can have potential application in sensing but also elucidates the formation mechanism of the resulting MOF. PMID:27516367

  6. Moving towards a complete molecular framework of the Nematoda: a focus on the Enoplida and early-branching clades

    PubMed Central

    2010-01-01

    Background The subclass Enoplia (Phylum Nematoda) is purported to be the earliest branching clade amongst all nematode taxa, yet the deep phylogeny of this important lineage remains elusive. Free-living marine species within the order Enoplida play prominent roles in marine ecosystems, but previous molecular phylogenies have provided only the briefest evolutionary insights; this study aimed to firmly resolve internal relationships within the hyper-diverse but poorly understood Enoplida. In addition, we revisited the molecular framework of the Nematoda using a rigorous phylogenetic approach in order to investigate patterns of early splits amongst the oldest lineages (Dorylaimia and Enoplia). Results Morphological identifications, nuclear gene sequences (18S and 28S rRNA), and mitochondrial gene sequences (cox1) were obtained from marine Enoplid specimens representing 37 genera. The 18S gene was used to resolve deep splits within the Enoplia and evaluate the branching order of major clades in the nematode tree; multiple phylogenetic methods and rigorous empirical tests were carried out to assess tree topologies under different parameters and combinations of taxa. Significantly increased taxon sampling within the Enoplida resulted in a well-supported, robust phylogenetic topology of this group, although the placement of certain clades was not fully resolved. Our analysis could not unequivocally confirm the earliest splits in the nematode tree, and outgroup choice significantly affected the observed branching order of the Dorylaimia and Enoplia. Both 28S and cox1 were too variable to infer deep phylogeny, but provided additional insight at lower taxonomic levels. Conclusions Analysis of internal relationships reveals that the Enoplia is split into two main clades, with groups consisting of terrestrial (Triplonchida) and primarily marine fauna (Enoplida). Five independent lineages were recovered within the Enoplida, containing a mixture of marine and terrestrial species

  7. Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

    ERIC Educational Resources Information Center

    Buckman, Joel; Gold, Stephanie

    2012-01-01

    This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

  8. A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

    ERIC Educational Resources Information Center

    Mohammadi, Hadi

    2014-01-01

    Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to…

  9. [Evaluation of public policies for food security and hunger control in Brazil, 1995-2002: 1--Methodological framework].

    PubMed

    dos Santos, Sandra Maria Chaves; Santos, Leonor Maria Pacheco

    2007-05-01

    The authors describe the adaptation and application of a multidimensional methodology based on structure-process-outcome for evaluating food security and hunger control programs. According to the proposal, study of the structure dimension analyzes the programs' material and discursive instruments; the process dimension focuses on the activities and interventions; and the outcome dimension includes coverage, targeting, and social control, and also potentially the effects of the interventions on the beneficiaries' food security and nutrition. The methodology was used to evaluate programs implemented in Brazil from 1995 to 2002. A case study was also done including 45 municipalities in the State of Bahia, involving documental research, interviews with key informants, and a household survey including 1,750 low-income families in the rural area and 760 in the capital city. The results are expected to contribute to the discussion on facilitating factors and obstacles at the local level for the implementation of such programs, and to methodological development in the field of food security, nutrition, and hunger control policies.

  10. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... and documented? 664.210 Section 664.210 Employees' Benefits EMPLOYMENT AND TRAINING ADMINISTRATION... secure and hold employment” criterion in § 664.200(c)(6) defined and documented? Definitions and... educational program, or to secure and hold employment” criterion of § 664.200(c)(6) may be established at...

  11. Security for grids

    SciTech Connect

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  12. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... and documented? 664.210 Section 664.210 Employees' Benefits EMPLOYMENT AND TRAINING ADMINISTRATION, DEPARTMENT OF LABOR YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth... secure and hold employment” criterion in § 664.200(c)(6) defined and documented? Definitions...

  13. Universal framework for unmanned system penetration testing

    NASA Astrophysics Data System (ADS)

    Kobezak, Philip; Abbot-McCune, Sam; Tront, Joseph; Marchany, Randy; Wicks, Alfred

    2013-05-01

    Multiple industries, from defense to medical, are increasing their use of unmanned systems. Today, many of these systems are rapidly designed, tested, and deployed without adequate security testing. To aid the quick turnaround, commercially available subsystems and embedded components are often used. These components may introduce security vulnerabilities particularly if the designers do not fully understand their functionality and limitations. There is a need for thorough testing of unmanned systems for security vulnerabilities, which includes all subsystems. Using a penetration testing framework would help find these vulnerabilities across different unmanned systems applications. The framework should encompass all of the commonly implemented subsystems including, but not limited to, wireless networks, CAN buses, passive and active sensors, positioning receivers, and data storage devices. Potential attacks and vulnerabilities can be identified by looking at the unique characteristics of these subsystems. The framework will clearly outline the attack vectors as they relate to each subsystem. If any vulnerabilities exist, a mitigation plan can be developed prior to the completion of the design phase. Additionally, if the vulnerabilities are known in advance of deployment, monitoring can be added to the design to alert operators of any attempted or successful attacks. This proposed framework will help evaluate security risks quickly and consistently to ensure new unmanned systems are ready for deployment. Verifying that a new unmanned system has passed a comprehensive security evaluation will ensure greater confidence in its operational effectiveness.

  14. Development of a Childhood Attachment and Relational Trauma Screen (CARTS): a relational-socioecological framework for surveying attachment security and childhood trauma history

    PubMed Central

    Frewen, Paul A.; Evans, Barrie; Goodman, Jason; Halliday, Aaron; Boylan, James; Moran, Greg; Reiss, Jeffrey; Schore, Allan; Lanius, Ruth A.

    2013-01-01

    Background Current psychometric measures of childhood trauma history generally fail to assess the relational-socioecological context within which childhood maltreatment occurs, including the relationship of abusers to abused persons, the emotional availability of caregivers, and the respondent's own thoughts, feelings, and actions in response to maltreatment. Objective To evaluate a computerized approach to measuring the relational-socioecological context within which childhood maltreatment occurs. Method The psychometric properties of a Childhood Attachment and Relational Trauma Screen (CARTS) were evaluated as a retrospective survey of childhood maltreatment history designed to be appropriate for completion by adults. Participants were undergraduates (n=222), an internet sample (n=123), and psychiatric outpatients (n=30). Results The internal reliability, convergent, and concurrent validity of the CARTS were supported across samples. Paired differences in means and correlations between rated item-descriptiveness to self, mothers, and fathers also accorded with findings of prior attachment and maltreatment research, illustrating the utility of assessing the occurrence and effects of maltreatment within a relational-socioecological framework. Conclusions Results preliminarily support a new survey methodology for assessing childhood maltreatment within a relational-socioecological framework. Further psychometric evaluation of the CARTS is warranted. PMID:23580403

  15. Use of the Iowa Model of Research in Practice as a Curriculum Framework for Doctor of Nursing Practice (DNP) Project Completion.

    PubMed

    Lloyd, Susan T; D'Errico, Ellen; Bristol, Shirley T

    2016-01-01

    Doctoral education requires academic motivation and persistence on the part of nursing students; commitment to the process is essential and should be linked to programmatic structure. Programmatic issues in doctor of nursing practice (DNP) programs may be barriers to completion of the final project and lead to attrition. A large, private health care university developed an infrastructure for the DNP curriculum and final project utilizing the Iowa Model of Research in Practice. The purpose was to ensure competency fulfillment, retention and timely completion, and implementation of evidence-based practice and translation science utilizing a leadership approach. The program has experienced a high completion rate to date. PMID:27164780

  16. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ..., DEPARTMENT OF LABOR (CONTINUED) YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth Services § 664.210 How is the “requires additional assistance to complete an...

  17. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ..., DEPARTMENT OF LABOR (CONTINUED) YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth Services § 664.210 How is the “requires additional assistance to complete an...

  18. 20 CFR 664.210 - How is the “requires additional assistance to complete an educational program, or to secure and...

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ..., DEPARTMENT OF LABOR (CONTINUED) YOUTH ACTIVITIES UNDER TITLE I OF THE WORKFORCE INVESTMENT ACT Eligibility for Youth Services § 664.210 How is the “requires additional assistance to complete an...

  19. Secure Sensor Platform

    SciTech Connect

    Troy Ross, Barry Schoeneman

    2010-08-25

    The Secure Sensor Platform (SSP) software provides a framework of functionality to support the development of low-power autonomous sensors for nuclear safeguards. This framework provides four primary functional blocks of capabilities required to implement autonomous sensors. The capabilities are: communications, security, power management, and cryptography. Utilizing this framework establishes a common set of functional capabilities for seamless interoperability of any sensor based upon the SSP concept.

  20. Draft secure medical database standard.

    PubMed

    Pangalos, George

    2002-01-01

    Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc.. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These later properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detailed. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.

  1. Flexible, secure agent development framework

    DOEpatents

    Goldsmith; Steven Y.

    2009-04-07

    While an agent generator is generating an intelligent agent, it can also evaluate the data processing platform on which it is executing, in order to assess a risk factor associated with operation of the agent generator on the data processing platform. The agent generator can retrieve from a location external to the data processing platform an open site that is configurable by the user, and load the open site into an agent substrate, thereby creating a development agent with code development capabilities. While an intelligent agent is executing a functional program on a data processing platform, it can also evaluate the data processing platform to assess a risk factor associated with performing the data processing function on the data processing platform.

  2. Molecular g-tensors from analytical response theory and quasi-degenerate perturbation theory in the framework of complete active space self-consistent field method

    NASA Astrophysics Data System (ADS)

    Nguyen Lan, Tran; Chalupský, Jakub; Yanai, Takeshi

    2015-07-01

    The molecular g-tensor is an important spectroscopic parameter provided by electron para magnetic resonance (EPR) measurement and often needs to be interpreted using computational methods. Here, we present two new implementations based on the first-order and second-order perturbation theories to calculate the g-tensors within the complete-active space self-consistent field (CASSCF) wave function model. In the first-order method, the quasi-degenerate perturbation theory (QDPT) is employed for constructing relativistic CASSCF states perturbed with the spin-orbit coupling operator, which is described effectively in one-electron form with the flexible nuclear screening spin-orbit approximation introduced recently by us. The second-order method is a newly reported approach built upon the linear response theory which accounts for the perturbation with respect to external magnetic field. It is implemented with the coupled-perturbed CASSCF (CP-CASSCF) approach, which provides an equivalent of untruncated sum-over-states expansion. The comparison of the performances between the first-order and second-order methods is shown for various molecules containing light to heavy elements, highlighting their relative strength and weakness. The formulations of QDPT and CP-CASSCF approaches as well as the derivation of the second-order Douglas-Kroll-Hess picture change of Zeeman operators are given in detail.

  3. The Complete Set of Genes Encoding Major Intrinsic Proteins in Arabidopsis Provides a Framework for a New Nomenclature for Major Intrinsic Proteins in Plants1

    PubMed Central

    Johanson, Urban; Karlsson, Maria; Johansson, Ingela; Gustavsson, Sofia; Sjövall, Sara; Fraysse, Laure; Weig, Alfons R.; Kjellbom, Per

    2001-01-01

    Major intrinsic proteins (MIPs) facilitate the passive transport of small polar molecules across membranes. MIPs constitute a very old family of proteins and different forms have been found in all kinds of living organisms, including bacteria, fungi, animals, and plants. In the genomic sequence of Arabidopsis, we have identified 35 different MIP-encoding genes. Based on sequence similarity, these 35 proteins are divided into four different subfamilies: plasma membrane intrinsic proteins, tonoplast intrinsic proteins, NOD26-like intrinsic proteins also called NOD26-like MIPs, and the recently discovered small basic intrinsic proteins. In Arabidopsis, there are 13 plasma membrane intrinsic proteins, 10 tonoplast intrinsic proteins, nine NOD26-like intrinsic proteins, and three small basic intrinsic proteins. The gene structure in general is conserved within each subfamily, although there is a tendency to lose introns. Based on phylogenetic comparisons of maize (Zea mays) and Arabidopsis MIPs (AtMIPs), it is argued that the general intron patterns in the subfamilies were formed before the split of monocotyledons and dicotyledons. Although the gene structure is unique for each subfamily, there is a common pattern in how transmembrane helices are encoded on the exons in three of the subfamilies. The nomenclature for plant MIPs varies widely between different species but also between subfamilies in the same species. Based on the phylogeny of all AtMIPs, a new and more consistent nomenclature is proposed. The complete set of AtMIPs, together with the new nomenclature, will facilitate the isolation, classification, and labeling of plant MIPs from other species. PMID:11500536

  4. Secure Transportation Management

    SciTech Connect

    Gibbs, P. W.

    2014-10-15

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  5. Data security.

    PubMed

    2016-09-01

    A government-commissioned review of data security across health and care has led to the proposal of new standards for security and options for a consent/opt-out model. Standards include that all staff complete appropriate annual data security training and pass a mandatory test provided through the revised Information Governance Toolkit, that personal confidential data is only accessible to staff who need it for their current role, and that access is removed as soon as it is no longer required. The consent/opt-out model is outlined under 8 statements, and includes certain circumstances where it will not apply, for example, where there is an overriding public interest, or mandatory legal requirement.

  6. Data security.

    PubMed

    2016-09-01

    A government-commissioned review of data security across health and care has led to the proposal of new standards for security and options for a consent/opt-out model. Standards include that all staff complete appropriate annual data security training and pass a mandatory test provided through the revised Information Governance Toolkit, that personal confidential data is only accessible to staff who need it for their current role, and that access is removed as soon as it is no longer required. The consent/opt-out model is outlined under 8 statements, and includes certain circumstances where it will not apply, for example, where there is an overriding public interest, or mandatory legal requirement. PMID:27581899

  7. Framework solutions for complete collaborative environments

    NASA Astrophysics Data System (ADS)

    Saunders, Vance M.; Maddox, Derek

    2000-06-01

    Collaboration of experts from different domains within an enterprise has always posed logistical and knowledge management challenges to managers and members of the collaboration. Scheduling meetings, arranging travel, getting data and information into the right hands at the right time all require time, money and energy that could be better spent on product development. Advances in information technology have made it easier to communicate to solve, or at least mitigate, some of these problems using e-mail, audio conferencing, and database management software, but a great detail of human intervention is still required to make these collaborations operate smoothly. Over the past ten years enterprises have come to require more than just total asset visibility and human communication capabilities. To design and field products better, faster and cheaper more human creativity and energy must be focused on the products and less on the operation of the collaboration. The collaborative environment solutions of the future must not only provide the communication and knowledge management that exist today, but also provide seamless access to resources and information, product and process modeling and the advanced decision support that results from the availability of necessary resources and information.

  8. Alternative security

    SciTech Connect

    Weston, B.H. )

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview.

  9. Space-time framework of internal measurement

    NASA Astrophysics Data System (ADS)

    Matsuno, Koichiro

    1998-07-01

    Measurement internal to material bodies is ubiquitous. The internal observer has its own local space-time framework that enables the observer to distinguish, even to a slightest degree, those material bodies fallen into that framework. Internal measurement proceeding among the internal observers come to negotiate a construction of more encompassing local framework of space and time. The construction takes place through friction among the internal observers. Emergent phenomena are related to an occurrence of enlarging the local space-time framework through the frictional negotiation among the material participants serving as the internal observers. Unless such a negotiation is obtained, the internal observers would have to move around in the local space-time frameworks of their own that are mutually incommensurable. Enhancement of material organization as demonstrated in biological evolutionary processes manifests an inexhaustible negotiation for enlarging the local space-time framework available to the internal observers. In contrast, Newtonian space-time framework, that remains absolute and all encompassing, is an asymptote at which no further emergent phenomena could be expected. It is thus ironical to expect something to emerge within the framework of Newtonian absolute space and time. Instead of being a complex and organized configuration of interaction to appear within the global space-time framework, emergent phenomena are a consequence of negotiation among the local space-time frameworks available to internal measurement. Most indicative of the negotiation of local space-time frameworks is emergence of a conscious self grounding upon the reflexive nature of perceptions, that is, a self-consciousness in short, that certainly goes beyond the Kantian transcendental subject. Accordingly, a synthetic discourse on securing consciousness upon the ground of self-consciousness can be developed, though linguistic exposition of consciousness upon self

  10. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  11. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  12. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  13. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  14. 17 CFR 300.302 - Mechanics of closeout or completion.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout...

  15. ITIL{sup ®} and information security

    SciTech Connect

    Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

    2015-03-10

    This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework.

  16. Quality Attribute Techniques Framework

    NASA Astrophysics Data System (ADS)

    Chiam, Yin Kia; Zhu, Liming; Staples, Mark

    The quality of software is achieved during its development. Development teams use various techniques to investigate, evaluate and control potential quality problems in their systems. These “Quality Attribute Techniques” target specific product qualities such as safety or security. This paper proposes a framework to capture important characteristics of these techniques. The framework is intended to support process tailoring, by facilitating the selection of techniques for inclusion into process models that target specific product qualities. We use risk management as a theory to accommodate techniques for many product qualities and lifecycle phases. Safety techniques have motivated the framework, and safety and performance techniques have been used to evaluate the framework. The evaluation demonstrates the ability of quality risk management to cover the development lifecycle and to accommodate two different product qualities. We identify advantages and limitations of the framework, and discuss future research on the framework.

  17. Security Evolution.

    ERIC Educational Resources Information Center

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  18. Collection Security.

    ERIC Educational Resources Information Center

    Boss, Richard W.

    1984-01-01

    Presents a systematic approach to the problem of security of library collections and facilities from theft and vandalism. Highlights include responses to losses, defining security needs, typical weaknesses of facilities, policies and procedures that weaken a library's security, conducting a security audit, cost of security, cost-effectiveness, and…

  19. Framework for a Risk-Informed Groundwater Compliance Strategy for Corrective Action Unit 98: Frenchman Flat, Nevada National Security Site, Nye County, Nevada, Revision 1

    SciTech Connect

    Marutzky, Sam

    2010-09-01

    Note: This document was prepared before the NTS was renamed the Nevada National Security Site (August 23, 2010); thus, all references to the site herein remain NTS. Corrective Action Unit (CAU) 98, Frenchman Flat, at the Nevada Test Site (NTS) was the location of ten underground nuclear tests between 1965 and 1971. As a result, radionuclides were released in the subsurface in the vicinity of the test cavities. Corrective Action Unit 98 and other CAUs at the NTS and offsite locations are being investigated. The Frenchman Flat CAU is one of five Underground Test Area (UGTA) CAUs at the NTS that are being evaluated as potential sources of local or regional impact to groundwater resources. For UGTA sites, including Frenchman Flat, contamination in and around the test cavities will not be remediated because it is technologically infeasible due to the depth of the test cavities (150 to 2,000 feet [ft] below ground surface) and the volume of contaminated groundwater at widely dispersed locations on the NTS. Instead, the compliance strategy for these sites is to model contaminant flow and transport, estimate the maximum spatial extent and volume of contaminated groundwater (over a period of 1,000 years), maintain institutional controls, and restrict access to potentially contaminated groundwater at areas where contaminants could migrate beyond the NTS boundaries.

  20. FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption

    PubMed Central

    2015-01-01

    Background The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. Methods We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. Results The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Conclusions Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics. PMID:26733391

  1. Complete prewetting

    NASA Astrophysics Data System (ADS)

    Yatsyshin, P.; Parry, A. O.; Kalliadasis, S.

    2016-07-01

    We study continuous interfacial transitions, analagous to two-dimensional complete wetting, associated with the first-order prewetting line, which can occur on steps, patterned walls, grooves and wedges, and which are sensitive to both the range of the intermolecular forces and interfacial fluctuation effects. These transitions compete with wetting, filling and condensation producing very rich phase diagrams even for relatively simple prototypical geometries. Using microscopic classical density functional theory to model systems with realistic Lennard-Jones fluid–fluid and fluid–substrate intermolecular potentials, we compute mean-field fluid density profiles, adsorption isotherms and phase diagrams for a variety of confining geometries.

  2. The SERENITY Runtime Framework

    NASA Astrophysics Data System (ADS)

    Crespo, Beatriz Gallego-Nicasio; Piñuela, Ana; Soria-Rodriguez, Pedro; Serrano, Daniel; Maña, Antonio

    The SERENITY Runtime Framework (SRF) provides support for applications at runtime, by managing S&D Solutions and monitoring the systems’ context. The main functionality of the SRF, amongst others, is to provide S&D Solutions, by means of Executable Components, in response to applications security requirements. Runtime environment is defined in SRF through the S&D Library and Context Manager components. S&D Library is a local S&D Artefact repository, and stores S&D Classes, S&D Patterns and S&D Implementations. The Context Manager component is in charge of storing and management of the information used by the SRF to select the most appropriate S&D Pattern for a given scenario. The management of the execution of the Executable Component, as running realizations of the S&D Patterns, including instantiation, de-activation and control, as well as providing communication and monitoring mechanisms, besides the recovery and reconfiguration aspects, complete the list of tasks performed by the SRF.

  3. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  4. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  5. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  6. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  7. 6 CFR 27.340 - Completion of adjudication proceedings.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Completion of adjudication proceedings. 27.340 Section 27.340 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Orders and Adjudications § 27.340 Completion of adjudication...

  8. Can relativistic bit commitment lead to secure quantum oblivious transfer?

    NASA Astrophysics Data System (ADS)

    He, Guang Ping

    2015-05-01

    While unconditionally secure bit commitment (BC) is considered impossible within the quantum framework, it can be obtained under relativistic or experimental constraints. Here we study whether such BC can lead to secure quantum oblivious transfer (QOT). The answer is not completely negative. In one hand, we provide a detailed cheating strategy, showing that the "honest-but-curious adversaries" in some of the existing no-go proofs on QOT still apply even if secure BC is used, enabling the receiver to increase the average reliability of the decoded value of the transferred bit. On the other hand, it is also found that some other no-go proofs claiming that a dishonest receiver can always decode all transferred bits simultaneously with reliability 100% become invalid in this scenario, because their models of cryptographic protocols are too ideal to cover such a BC-based QOT.

  9. 46 CFR 64.45 - Securing devices.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 46 Shipping 2 2010-10-01 2010-10-01 false Securing devices. 64.45 Section 64.45 Shipping COAST... HANDLING SYSTEMS Standards for an MPT § 64.45 Securing devices. An MPT or its framework must have sufficient number of positive action securing devices, including hooks, lugs, or padeyes, to attach the...

  10. 46 CFR 64.45 - Securing devices.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 46 Shipping 2 2012-10-01 2012-10-01 false Securing devices. 64.45 Section 64.45 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.45 Securing devices. An MPT or its framework must...

  11. 46 CFR 64.45 - Securing devices.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 46 Shipping 2 2013-10-01 2013-10-01 false Securing devices. 64.45 Section 64.45 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.45 Securing devices. An MPT or its framework must...

  12. Security Locks

    ERIC Educational Resources Information Center

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions affected--perhaps the…

  13. Formal Verification of Security Policy Implementations in Enterprise Networks

    NASA Astrophysics Data System (ADS)

    Bera, P.; Ghosh, S. K.; Dasgupta, Pallab

    In enterprise networks, the management of security policies and their configurations becoming increasingly difficult due to complex security constraints of the organizations. In such networks, the overall organizational security policy (global policy) is defined as a collection of rules for providing service accesses between various network zones. Often, the specification of the global policy is incomplete; where all possible service access paths may not be covered explicitly by the "permit" and "deny" rules. This policy is implemented in a distributed manner through appropriate sets of access control rules (ACL rules) in the network interfaces. However, the implementation must be complete i.e., all service access paths across the network must be implemented as "permit" and "deny" ACL rules. In that case, the unspecified access paths in a given policy must be implemented as either "permit" or "deny" rules; hence there may exist multiple ACL implementations corresponding to that policy. Formally verifying that the ACL rules distributed across the network interfaces guarantees proper enforcement of the global security policy is an important requirement and a major technical challenge. The complexity of the problem is compounded by the fact that some combination of network services may lead to inconsistent hidden access paths in the network. The ACL implementations ignoring these hidden access paths may result in violation of one or more policy rules implicitly. This paper presents a formal verification framework for analyzing security policy implementations in enterprise networks. It stems from boolean modeling of the network topology, network services and security policy where the unspecified access paths are modeled as "don't-care" rules. The framework formally models the hidden access rules and incorporates them in the distributed ACL implementations for extracting a security implementation model, and finally formulates a QSAT (satisfiability of quantified boolean

  14. Examining the Relationship between Organization Systems and Information Security Awareness

    ERIC Educational Resources Information Center

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  15. Development of a security-by-design handbook.

    SciTech Connect

    Olson, David L.; Snell, Mark Kamerer; Iida, Toru; Ochiai, Kazuya; Tanuma, Koji

    2010-06-01

    There is an increasing awareness that efficient and effective nuclear facility design is best achieved when requirements from the 3S disciplines Safety, Safeguards, and Security - are balanced and intrinsic to the facility design. This can be achieved when policy, processes, methods, and technologies are understood and applied in these areas during all phases of the design process. For the purposes of this paper, Security-by-design will be defined as the system level incorporation of the physical protection system (PPS) into a new or retrofitted nuclear power plant (NPP) or nuclear facility (NF) resulting in intrinsic security. Security-by-design can also be viewed as a framework to achieve robust and durable security systems. This paper reports on work performed to date to create a Security-by-Design Handbook, under a bilateral agreement between the United States and Japan, specifically, a review of physical protection principles and best practices, and a decommissioning to better understand where these principles and practices can be applied. This paper describes physical protection principles and best practices to achieve security-by- design that were gathered from International, Japanese, and U.S. sources. Principles are included for achieving security early in the design process where security requirements are typically less costly and easier to incorporate. The paper then describes a generic design process that covers the entire facility lifecycle from scoping and planning of the project to decommissioning and decontamination. Early design process phases, such as conceptual design, offer opportunities to add security features intrinsic to the facility design itself. Later phases, including design engineering and construction, are important for properly integrating security features into a coherent design and for planning for and assuring the proper performance of the security system during the operation and decommissioning of the facility. The paper also

  16. The Common Ground Preparedness Framework: A Comprehensive Description of Public Health Emergency Preparedness

    PubMed Central

    Theadore, Fred; Jellison, James B.

    2012-01-01

    Currently, public health emergency preparedness (PHEP) is not well defined. Discussions about public health preparedness often make little progress, for lack of a shared understanding of the topic. We present a concise yet comprehensive framework describing PHEP activities. The framework, which was refined for 3 years by state and local health departments, uses terms easily recognized by the public health workforce within an information flow consistent with the National Incident Management System. To assess the framework's completeness, strengths, and weaknesses, we compare it to 4 other frameworks: the RAND Corporation's PREPARE Pandemic Influenza Quality Improvement Toolkit, the National Response Framework's Public Health and Medical Services Functional Areas, the National Health Security Strategy Capabilities List, and the Centers for Disease Control and Prevention's PHEP Capabilities. PMID:22397343

  17. Information risk and security modeling

    NASA Astrophysics Data System (ADS)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  18. Security of medical multimedia.

    PubMed

    Tzelepi, S; Pangalos, G; Nikolacopoulou, G

    2002-09-01

    The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specifiy very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented.

  19. Energy and National Security

    ERIC Educational Resources Information Center

    Abelson, Philip H.

    1973-01-01

    Discussed in this editorial is the need for a broad and detailed government policy on energy use. Oil companies can not be given complete responsibility to demonstrate usage of different energy sources. The government should construct plants because energy is connected with national security. (PS)

  20. IBRD Operational Decision Framework

    SciTech Connect

    Greenwalt, R; Hibbard, W; Raber, E; Carlsen, T; Folks, K; MacQueen, D; Mancieri, S; Bunt, T; Richards, J; Hirabayashi-Dethier, J

    2010-11-12

    completion of the Operational Decision Framework, another joint LLNL/SNL working group conducted a day-long review. Identified modifications were made to the document, resulting in the included product.

  1. School Security and Crisis Preparedness: Make It Your Business.

    ERIC Educational Resources Information Center

    Trump, Kenneth S.

    1999-01-01

    The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related staffing.…

  2. Conceptual privacy framework for health information on wearable device.

    PubMed

    Safavi, Seyedmostafa; Shukur, Zarina

    2014-01-01

    Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models Finally, as the last step, we examine the complexity of the required initial setup. PMID:25478915

  3. Conceptual Privacy Framework for Health Information on Wearable Device

    PubMed Central

    Safavi, Seyedmostafa; Shukur, Zarina

    2014-01-01

    Wearable health tech provides doctors with the ability to remotely supervise their patients' wellness. It also makes it much easier to authorize someone else to take appropriate actions to ensure the person's wellness than ever before. Information Technology may soon change the way medicine is practiced, improving the performance, while reducing the price of healthcare. We analyzed the secrecy demands of wearable devices, including Smartphone, smart watch and their computing techniques, that can soon change the way healthcare is provided. However, before this is adopted in practice, all devices must be equipped with sufficient privacy capabilities related to healthcare service. In this paper, we formulated a new improved conceptual framework for wearable healthcare systems. This framework consists of ten principles and nine checklists, capable of providing complete privacy protection package to wearable device owners. We constructed this framework based on the analysis of existing mobile technology, the results of which are combined with the existing security standards. The approach also incorporates the market share percentage level of every app and its respective OS. This framework is evaluated based on the stringent CIA and HIPAA principles for information security. This evaluation is followed by testing the capability to revoke rights of subjects to access objects and ability to determine the set of available permissions for a particular subject for all models Finally, as the last step, we examine the complexity of the required initial setup. PMID:25478915

  4. Secure Data Network System (SDNS) network, transport, and message security protocols

    NASA Astrophysics Data System (ADS)

    Dinkel, C.

    1990-03-01

    The Secure Data Network System (SDNS) project, implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS. SDNS uses the layering principles of OSI to implement secure data transfers between computer nodes of local area and wide area networks. Four security protocol documents developed by the National Security Agency (NSA) as output from the SDNS project are included. SDN.301 provides the framework for security at layer 3 of the OSI Model. Cryptographic techniques to provide data protection for transport connections or for connectionless-mode transmission are described in SDN.401. Specifications for message security service and protocol are contained in SDN.701. Directory System Specifications for Message Security Protocol are covered in SDN.702.

  5. Social Security.

    ERIC Educational Resources Information Center

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  6. Physical Security

    SciTech Connect

    2008-01-01

    The future of physical security at government facilities and national laboratories is rapidly progressing beyond the cliché of gates, guns and guards, and is quickly being replaced by radars, sensors and cameras. Learn more about INL's security research at http://www.facebook.com/idahonationallaboratory.

  7. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  8. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  9. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  10. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 3 2014-10-01 2014-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  11. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 3 2013-10-01 2013-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the...

  12. Secure Objectives for School Security

    ERIC Educational Resources Information Center

    Dalton-Noblitt, April

    2012-01-01

    In a study conducted among more than 980 American four-year and two-year colleges and universities, including institutions such as the University of Michigan, MIT, UCLA and Columbia, security staff and other administrators identified the five leading goals for their security systems: (1) Preventing unauthorized people from entering their…

  13. Secure PVM

    SciTech Connect

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  14. Capturing security requirements for software systems

    PubMed Central

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-01-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

  15. Capturing security requirements for software systems.

    PubMed

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-07-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

  16. Practical School Security: Basic Guidelines for Safe and Secure Schools.

    ERIC Educational Resources Information Center

    Trump, Kenneth S.

    This book is written primarily for elementary and secondary school administrators and teachers, but college faculty involved in providing teacher or administrator education would also benefit from the practical approach to issues of school security. Chapters 1 through 3 establish a framework for dealing with the myths and realities of school…

  17. A Security Architecture for Health Information Networks

    PubMed Central

    Kailar, Rajashekar

    2007-01-01

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

  18. A security architecture for health information networks.

    PubMed

    Kailar, Rajashekar; Muralidhar, Vinod

    2007-10-11

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

  19. Secure portal.

    SciTech Connect

    Nelson, Cynthia Lee

    2007-09-01

    There is a need in security systems to rapidly and accurately grant access of authorized personnel to a secure facility while denying access to unauthorized personnel. In many cases this role is filled by security personnel, which can be very costly. Systems that can perform this role autonomously without sacrificing accuracy or speed of throughput are very appealing. To address the issue of autonomous facility access through the use of technology, the idea of a ''secure portal'' is introduced. A secure portal is a defined zone where state-of-the-art technology can be implemented to grant secure area access or to allow special privileges for an individual. Biometric technologies are of interest because they are generally more difficult to defeat than technologies such as badge swipe and keypad entry. The biometric technologies selected for this concept were facial and gait recognition. They were chosen since they require less user cooperation than other biometrics such as fingerprint, iris, and hand geometry and because they have the most potential for flexibility in deployment. The secure portal concept could be implemented within the boundaries of an entry area to a facility. As a person is approaching a badge and/or PIN portal, face and gait information can be gathered and processed. The biometric information could be fused for verification against the information that is gathered from the badge. This paper discusses a facial recognition technology that was developed for the purposes of providing high verification probabilities with low false alarm rates, which would be required of an autonomous entry control system. In particular, a 3-D facial recognition approach using Fisher Linear Discriminant Analysis is described. Gait recognition technology, based on Hidden Markov Models has been explored, but those results are not included in this paper. Fusion approaches for combining the results of the biometrics would be the next step in realizing the secure portal

  20. Secure Information Sharing

    2005-09-09

    We are develoing a peer-to-peer system to support secure, location independent information sharing in the scientific community. Once complete, this system will allow seamless and secure sharing of information between multiple collaborators. The owners of information will be able to control how the information is stored, managed. ano shared. In addition, users will have faster access to information updates within a collaboration. Groups collaborating on scientific experiments have a need to share information and data.more » This information and data is often represented in the form of files and database entries. In a typical scientific collaboration, there are many different locations where data would naturally be stored. This makes It difficult for collaborators to find and access the information they need. Our goal is to create a lightweight file-sharing system that makes it’easy for collaborators to find and use the data they need. This system must be easy-to-use, easy-to-administer, and secure. Our information-sharing tool uses group communication, in particular the InterGroup protocols, to reliably deliver each query to all of the current participants in a scalable manner, without having to discover all of their identities. We will use the Secure Group Layer (SGL) and Akenti to provide security to the participants of our environment, SGL will provide confldentiality, integrity, authenticity, and authorization enforcement for the InterGroup protocols and Akenti will provide access control to other resources.« less

  1. Combining the Complete Active Space Self-Consistent Field Method and the Full Configuration Interaction Quantum Monte Carlo within a Super-CI Framework, with Application to Challenging Metal-Porphyrins.

    PubMed

    Li Manni, Giovanni; Smart, Simon D; Alavi, Ali

    2016-03-01

    A novel stochastic Complete Active Space Self-Consistent Field (CASSCF) method has been developed and implemented in the Molcas software package. A two-step procedure is used, in which the CAS configuration interaction secular equations are solved stochastically with the Full Configuration Interaction Quantum Monte Carlo (FCIQMC) approach, while orbital rotations are performed using an approximated form of the Super-CI method. This new method does not suffer from the strong combinatorial limitations of standard MCSCF implementations using direct schemes and can handle active spaces well in excess of those accessible to traditional CASSCF approaches. The density matrix formulation of the Super-CI method makes this step independent of the size of the CI expansion, depending exclusively on one- and two-body density matrices with indices restricted to the relatively small number of active orbitals. No sigma vectors need to be stored in memory for the FCIQMC eigensolver--a substantial gain in comparison to implementations using the Davidson method, which require three or more vectors of the size of the CI expansion. Further, no orbital Hessian is computed, circumventing limitations on basis set expansions. Like the parent FCIQMC method, the present technique is scalable on massively parallel architectures. We present in this report the method and its application to the free-base porphyrin, Mg(II) porphyrin, and Fe(II) porphyrin. In the present study, active spaces up to 32 electrons and 29 orbitals in orbital expansions containing up to 916 contracted functions are treated with modest computational resources. Results are quite promising even without accounting for the correlation outside the active space. The systems here presented clearly demonstrate that large CASSCF calculations are possible via FCIQMC-CASSCF without limitations on basis set size.

  2. Security in the Schools.

    ERIC Educational Resources Information Center

    Nelson, Jesse

    1997-01-01

    Discusses the benefits of school library security, software security, and computer security systems. Describes specific products for each type of security system. A sidebar lists names and addresses of security manufacturers and distributors. (AEF)

  3. The European TrustHealth project experiences with implementing a security infrastructure.

    PubMed

    Blobel, B

    2000-11-01

    Accepting the shared care paradigm, communication and co-operation required between health care establishments must be provided in a trustworthy way. The solution for establishing such trustworthy environment has to be based on a common policy framework, on services, and mechanisms, which have been standardised. In Europe, the legal framework, other policy issues, and the services and mechanisms needed have been developed within projects launched by the European Commission, by the European standards body CEN as well as by temporarily established groups. Within the European TrustHealth projects. a security infrastructure for trustworthy health telematics applications has been specified, implemented, and evaluated. It is based on Health Professional Cards and Trusted Third Party services. Experiences regarding organisational and technological implications of the specification, implementation, maintenance, and evaluation of such a security infrastructure are described on the basis of the ONOCONET example. For the complete software lifecycle, the UML methodology has been deployed. PMID:11154971

  4. 49 CFR 1540.209 - Fees for security threat assessment.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 9 2012-10-01 2012-10-01 false Fees for security threat assessment. 1540.209...: GENERAL RULES Security Threat Assessments § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under this...

  5. 49 CFR 1540.209 - Fees for security threat assessment.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Fees for security threat assessment. 1540.209...: GENERAL RULES Security Threat Assessments § 1540.209 Fees for security threat assessment. This section describes the payment process for completion of the security threat assessments required under this...

  6. 6 CFR 27.215 - Security vulnerability assessments.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.215 Security vulnerability...-risk, the facility must complete a Security Vulnerability Assessment. A Security Vulnerability... in meeting the applicable Risk-Based Performance Standards; (4) Risk Assessment, including...

  7. 6 CFR 27.215 - Security vulnerability assessments.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.215 Security vulnerability...-risk, the facility must complete a Security Vulnerability Assessment. A Security Vulnerability... in meeting the applicable Risk-Based Performance Standards; (4) Risk Assessment, including...

  8. Validity and reliability of food security measures.

    PubMed

    Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

    2014-12-01

    This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. PMID:25407084

  9. Validity and reliability of food security measures.

    PubMed

    Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

    2014-12-01

    This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda.

  10. MVC Framework

    2008-06-03

    Provides a reusable model-view-controller application programming interface (API) for use in the rapid development of graphical user interface applications in the .NET 2.0 framework. This includes a mechanism for adding new data stores, data sources, data analyses, and visualizations in the form of plugins.] The MVC Framework is implemented in C# as a .NET 2.0 framework that can then be built against when developing applications. The infrasturcture allows for presenting application specific views (visualizations) tomore » the user to interact with. Based on the interactions the suer makes with a view, requests are generated which in turn are handled by the central controller facility. The controller handles the request in an application specific manner by routing the request to appropriate data stores, data accessors or data analyzers. Retrieved or processed data is published to subscribed components for further processing or for presentation to the user.« less

  11. Insider Threat and Information Security Management

    NASA Astrophysics Data System (ADS)

    Coles-Kemp, Lizzie; Theoharidou, Marianthi

    The notion of insider has multiple facets. An organization needs to identify which ones to respond to. The selection, implementetion and maintenance of information security countermeasures requires a complex combination of organisational policies, functions and processes, which form Information Security Management. This chapter examines the role of current information security management practices in addressing the insider threat. Most approaches focus on frameworks for regulating insider behaviour and do not allow for the various cultural responses to the regulatory and compliance framework. Such responses are not only determined by enforcement of policies and awareness programs, but also by various psychological and organisational factors at an individual or group level. Crime theories offer techniques that focus on such cultural responses and can be used to enhance the information security management design. The chapter examines the applicability of several crime theories and concludes that they can contribute in providing additional controls and redesign of information security management processes better suited to responding to the insider threat.

  12. Towards An Engineering Discipline of Computational Security

    SciTech Connect

    Mili, Ali; Sheldon, Frederick T; Jilani, Lamia Labed; Ayed, Rahma Ben

    2007-01-01

    George Boole ushered the era of modern logic by arguing that logical reasoning does not fall in the realm of philosophy, as it was considered up to his time, but in the realm of mathematics. As such, logical propositions and logical arguments are modeled using algebraic structures. Likewise, we submit that security attributes must be modeled as formal mathematical propositions that are subject to mathematical analysis. In this paper, we approach this problem by attempting to model security attributes in a refinement-like framework that has traditionally been used to represent reliability and safety claims. Keywords: Computable security attributes, survivability, integrity, dependability, reliability, safety, security, verification, testing, fault tolerance.

  13. 19 CFR 122.75 - Complete manifest.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 19 Customs Duties 1 2010-04-01 2010-04-01 false Complete manifest. 122.75 Section 122.75 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Documents Required for Clearance and Permission To Depart;...

  14. Security system

    DOEpatents

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  15. Security seal

    DOEpatents

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  16. The European Qualification Framework: Skills, Competences or Knowledge?

    ERIC Educational Resources Information Center

    Mehaut, Philippe; Winch, Christopher

    2012-01-01

    The European Qualification Framework (EQF) is intended to transform European national qualification frameworks (NQFs) by moulding them into a learning outcomes framework. Currently adopted as an enabling law by the European Union, the EQF has now operated for several years. In order to secure widespread adoption, however, it will be necessary for…

  17. Predictive Dynamic Security Assessment through Advanced Computing

    SciTech Connect

    Huang, Zhenyu; Diao, Ruisheng; Jin, Shuangshuang; Chen, Yousu

    2014-11-30

    Abstract— Traditional dynamic security assessment is limited by several factors and thus falls short in providing real-time information to be predictive for power system operation. These factors include the steady-state assumption of current operating points, static transfer limits, and low computational speed. This addresses these factors and frames predictive dynamic security assessment. The primary objective of predictive dynamic security assessment is to enhance the functionality and computational process of dynamic security assessment through the use of high-speed phasor measurements and the application of advanced computing technologies for faster-than-real-time simulation. This paper presents algorithms, computing platforms, and simulation frameworks that constitute the predictive dynamic security assessment capability. Examples of phasor application and fast computation for dynamic security assessment are included to demonstrate the feasibility and speed enhancement for real-time applications.

  18. Statistical security for Social Security.

    PubMed

    Soneji, Samir; King, Gary

    2012-08-01

    The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts. PMID:22592944

  19. RFID Based Context Information Security System Architecture for Securing Personal Information under Ubiquitous Environment

    NASA Astrophysics Data System (ADS)

    Song, Jae-Gu; Park, Gil-Cheol; Kim, Seoksoo

    2007-12-01

    In this study, framework for securing personal information among various contexts collected and utilized under ubiquitous environment is proposed. The proposed framework will analyze relativity among information used to determine the exposure of personal information according to circumstances where personal information is used. In addition, the study will define the definition of role-based structure and propose a structure applying password security system according to access level. Furthermore, the study will propose a method for building information security system using RFID tag information which generates context information.

  20. Secure public cloud platform for medical images sharing.

    PubMed

    Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

    2015-01-01

    Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking. PMID:25991144

  1. Amodal Completion in Bonobos

    ERIC Educational Resources Information Center

    Nagasaka, Yasuo; Brooks, Daniel I.; Wasserman, Edward A.

    2010-01-01

    We trained two bonobos to discriminate among occluded, complete, and incomplete stimuli. The occluded stimulus comprised a pair of colored shapes, one of which appeared to occlude the other. The complete and incomplete stimuli involved the single shape that appeared to have been partially covered in the occluded stimulus; the complete stimulus…

  2. What's Ahead for Campus Security?

    ERIC Educational Resources Information Center

    Queeno, Cam

    2000-01-01

    Identifies five trends in security technology and what they mean for colleges and universities in the near future. Trends addressed are: less emphasis on complete system integration; increased prevalence of open networking protocol systems; rising use of proximity and smart cards; increased use of digital technology and remote video surveillance;…

  3. Nuclear security

    SciTech Connect

    Dingell, J.D.

    1991-02-01

    The Department of Energy's (DOE) Lawrence Livermore National Laboratory, located in Livermore, California, generates and controls large numbers of classified documents associated with the research and testing of nuclear weapons. Concern has been raised about the potential for espionage at the laboratory and the national security implications of classified documents being stolen. This paper determines the extent of missing classified documents at the laboratory and assesses the adequacy of accountability over classified documents in the laboratory's custody. Audit coverage was limited to the approximately 600,000 secret documents in the laboratory's custody. The adequacy of DOE's oversight of the laboratory's secret document control program was also assessed.

  4. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.262 Security measures for newly-hired employees. (a... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is...

  5. 33 CFR 106.262 - Security measures for newly-hired employees.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.262 Security measures for newly-hired employees. (a... accordance with 49 CFR part 1572 by completing the full enrollment process, paying the user fee, and is...

  6. Federal Government Information Systems Security Management and Governance Are Pacing Factors for Innovation

    ERIC Educational Resources Information Center

    Edwards, Gregory

    2011-01-01

    Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly…

  7. Developing a Regional Recovery Framework

    SciTech Connect

    Lesperance, Ann M.; Olson, Jarrod; Stein, Steven L.; Clark, Rebecca; Kelly, Heather; Sheline, Jim; Tietje, Grant; Williamson, Mark; Woodcock, Jody

    2011-09-01

    Abstract A biological attack would present an unprecedented challenge for local, state, and federal agencies; the military; the private sector; and individuals on many fronts ranging from vaccination and treatment to prioritization of cleanup actions to waste disposal. To prepare the Seattle region to recover from a biological attack, the Seattle Urban Area Security Initiative (UASI) partners collaborated with military and federal agencies to develop a Regional Recovery Framework for a Biological Attack in the Seattle Urban Area. The goal was to reduce the time and resources required to recover and restore wide urban areas, military installations, and other critical infrastructure following a biological incident by providing a coordinated systems approach. Based on discussions in small workshops, tabletop exercises, and interviews with emergency response agency staff, the partners identified concepts of operation for various areas to address critical issues the region will face as recovery progresses. Key to this recovery is the recovery of the economy. Although the Framework is specific to a catastrophic, wide-area biological attack using anthrax, it was designed to be flexible and scalable so it could also serve as the recovery framework for an all-hazards approach. The Framework also served to coalesce policy questions that must be addressed for long-term recovery. These questions cover such areas as safety and health, security, financial management, waste management, legal issues, and economic development.

  8. Alternative Education Completers: A Phenomenological Study

    ERIC Educational Resources Information Center

    Murray, Becky L.; Holt, Carleton R.

    2014-01-01

    The purpose of this study was to explore the elements of the alternative education experience significant to successful completion of the program. This phenomenological paradigm provided the framework for all aspects of the qualitative study. Students, parents, administrators, and staff members of two alternative programs in the southeast Kansas…

  9. Secure surface identification codes

    NASA Astrophysics Data System (ADS)

    Beekhof, F.; Voloshynovskiy, S.; Koval, O.; Villan, R.; Pun, T.

    2008-02-01

    This paper introduces an identification framework for random microstructures of material surfaces. These microstructures represent a kind of unique fingerprints that can be used to track and trace an item as well as for anti-counterfeiting. We first consider the architecture for mobile phone-based item identification and then introduce a practical identification algorithm enabling fast searching in large databases. The proposed algorithm is based on reference list decoding. The link to digital communications and robust perceptual hashing is shown. We consider a practical construction of reference list decoding, which comprizes computational complexity, security, memory storage and performance requirements. The efficiency of the proposed algorithm is demonstrated on experimental data obtained from natural paper surfaces.

  10. Asian Energy Security

    SciTech Connect

    Peter Hayes, PhD

    2003-12-01

    OAK-B135 In the Asian Energy Security (AES) Project, Nautilus Institute works together with a network of collaborating groups from the countries of Northeast Asia to evaluate the energy security implications of different national and regional energy ''paths''. The goal of the Asia Energy Security project is to illuminate energy paths--and the energy policy choices that might help to bring them about--that result in a higher degree of energy security for the region and for the world as a whole, that is, to identify energy paths that are ''robust'' in meeting many different energy security and development objectives, while also offering flexibility in the face of uncertainty. In work to date, Nautilus has carefully assembled a network of colleagues from the countries of the region, trained them together as a group in the use of a common, flexible, and transparent energy and environmental analysis planning software tool (LEAP, the Long-range Energy Alternatives Planning system), and worked with them to prepare base-year energy sector models for each country. To date, complete data sets and models for ''Business as Usual'' (BAU) energy paths have been compiled for China, Japan, the Republic of Korea, and the Democratic Peoples' Republic of Korea. A partial data set and BAU path has been compiled for the Russian Far East, and a data set is being started in Mongolia, where a team of researchers has just joined the AES project. In several countries, ''Alternative'' energy paths have been developed as well, or partially elaborated. National energy sector developments, progress on national LEAP modeling, additional LEAP training, and planning for the next phase of the AES project were the topics of a recent (early November) workshop held in Vancouver, British Columbia. With funding from the Department of Energy, Nautilus is poised to build upon the successes of the project to date with a coordinated international effort to research the energy security ramifications of

  11. Multi-Disciplinary Analysis and Optimization Frameworks

    NASA Technical Reports Server (NTRS)

    Naiman, Cynthia Gutierrez

    2009-01-01

    Since July 2008, the Multidisciplinary Analysis & Optimization Working Group (MDAO WG) of the Systems Analysis Design & Optimization (SAD&O) discipline in the Fundamental Aeronautics Program s Subsonic Fixed Wing (SFW) project completed one major milestone, Define Architecture & Interfaces for Next Generation Open Source MDAO Framework Milestone (9/30/08), and is completing the Generation 1 Framework validation milestone, which is due December 2008. Included in the presentation are: details of progress on developing the Open MDAO framework, modeling and testing the Generation 1 Framework, progress toward establishing partnerships with external parties, and discussion of additional potential collaborations

  12. Latino College Completion: Oklahoma

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  13. Latino College Completion: Arizona

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  14. Latino College Completion: Minnesota

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  15. Latino College Completion: Nevada

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  16. Latino College Completion: Virginia

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  17. Latino College Completion: Texas

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  18. Latino College Completion: Maryland

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  19. Methods of Organizational Information Security

    NASA Astrophysics Data System (ADS)

    Martins, José; Dos Santos, Henrique

    The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

  20. Sensor integration architectures for homeland security

    NASA Astrophysics Data System (ADS)

    Hamilton, Mark K.; Kramer, Michael J.; Feddes, Robert G.; Giannetti, Charles W.

    2002-07-01

    Achieving effective Homeland Security requires the instantiation of automatic, intelligent and vigilant systems of systems, which integrate a diverse array of sensor, signal, and information processing technologies. While the cost and performance envelopes of in-situ and remote sensing systems continuously improve, synergistically combining these sensory inputs to provide actionable, utilitarian information presents significant but tractable architecting challenges. This paper explores Homeland Security 's critical enabling sensing technologies. It also examines and analyzes in greater depth critical communication and information infrastructure challenges. Only when new communications frameworks, which aggregate relevant data, generate and disseminate mission-critical information products, will we achieve the kind of tailored situational awareness Homeland Security requires.

  1. 76 FR 69755 - National Disaster Recovery Framework (NDRF)

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-11-09

    ... principles solely focused on disaster recovery. Recognizing the continuum between preparedness, response... changing needs of different disasters. In recognizing the continuum between preparedness, response... SECURITY Federal Emergency Management Agency National Disaster Recovery Framework (NDRF) AGENCY:...

  2. Computer security engineering management

    SciTech Connect

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system.

  3. Transportation Security Administration

    MedlinePlus

    ... content Official website of the Department of Homeland Security Transportation Security Administration A - Z Index What Can I Bring? Search form Apples Main menu Administrator Travel Security Screening Special Procedures TSA Pre✓® Passenger Support Travel ...

  4. 50 CFR 86.100 - What is the National Framework?

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... (BIG) PROGRAM Service Completion of the National Framework § 86.100 What is the National Framework? The... your State. Through a State survey, you must conduct a boating access needs assessment or...

  5. 50 CFR 86.100 - What is the National Framework?

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... (BIG) PROGRAM Service Completion of the National Framework § 86.100 What is the National Framework? The... your State. Through a State survey, you must conduct a boating access needs assessment or...

  6. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  7. 17 CFR 270.17f-1 - Custody of securities with members of national securities exchanges.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... segregation and marking of such securities and investments may be accomplished by putting them in separate... of the examination, shall be attached to a completed Form N-17f-1 (17 CFR 274.219) and transmitted to... a member of a national securities exchange of any obligation under existing law or under the...

  8. Complete binasal hemianopia

    PubMed Central

    Pomeranz, Howard D.; Smith, Kyle H.

    2014-01-01

    Binasal hemianopia is a rarely encountered visual field defect. We examined two asymptomatic female patients, aged 17 and 83, with complete binasal hemianopia. Both patients had unremarkable eye exams except for the visual field deficits and minimally reduced visual acuity and color vision. Both patients had normal neuroimaging. These are the first reported cases of complete binasal visual field defects without an identifiable ocular or neurologic cause. PMID:25484511

  9. A Unified Approach to Intra-Domain Security

    SciTech Connect

    Shue, Craig A; Kalafut, Andrew J.; Gupta, Prof. Minaxi

    2009-01-01

    While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. We develop a unified framework to secure prominent networking protocols within a single domain. We begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. We then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, we also develop an incrementally deployable public key infrastructure which can later be leveraged to support inter-domain authentication.

  10. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  11. Provably-Secure Authenticated Group Diffie-Hellman KeyExchange

    SciTech Connect

    Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David

    2007-01-01

    Authenticated key exchange protocols allow two participantsA and B, communicating over a public network and each holding anauthentication means, to exchange a shared secret value. Methods designedto deal with this cryptographic problem ensure A (resp. B) that no otherparticipants aside from B (resp. A) can learn any information about theagreed value, and often also ensure A and B that their respective partnerhas actually computed this value. A natural extension to thiscryptographic method is to consider a pool of participants exchanging ashared secret value and to provide a formal treatment for it. Startingfrom the famous 2-party Diffie-Hellman (DH) key exchange protocol, andfrom its authenticated variants, security experts have extended it to themulti-party setting for over a decade and completed a formal analysis inthe framework of modern cryptography in the past few years. The presentpaper synthesizes this body of work on the provably-secure authenticatedgroup DH key exchange.

  12. Acceptance Criteria Framework for Autonomous Biological Detectors

    SciTech Connect

    Dzenitis, J M

    2006-12-12

    The purpose of this study was to examine a set of user acceptance criteria for autonomous biological detection systems for application in high-traffic, public facilities. The test case for the acceptance criteria was the Autonomous Pathogen Detection System (APDS) operating in high-traffic facilities in New York City (NYC). However, the acceptance criteria were designed to be generally applicable to other biological detection systems in other locations. For such detection systems, ''users'' will include local authorities (e.g., facility operators, public health officials, and law enforcement personnel) and national authorities [including personnel from the Department of Homeland Security (DHS), the BioWatch Program, the Centers for Disease Control and Prevention (CDC), and the Federal Bureau of Investigation (FBI)]. The panel members brought expertise from a broad range of backgrounds to complete this picture. The goals of this document are: (1) To serve as informal guidance for users in considering the benefits and costs of these systems. (2) To serve as informal guidance for developers in understanding the needs of users. In follow-up work, this framework will be used to systematically document the APDS for appropriateness and readiness for use in NYC.

  13. Redefining security.

    PubMed

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  14. Redefining security.

    PubMed

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services. PMID:12343986

  15. Security guide for subcontractors

    SciTech Connect

    Adams, R.C.

    1993-06-01

    This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

  16. Security Data Warehouse Application

    NASA Technical Reports Server (NTRS)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  17. Beyond a series of security nets: Applying STAMP & STPA to port security

    SciTech Connect

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systems and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.

  18. Beyond a series of security nets: Applying STAMP & STPA to port security

    DOE PAGESBeta

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

  19. From Secure Memories to Smart Card Security

    NASA Astrophysics Data System (ADS)

    Handschuh, Helena; Trichina, Elena

    Non-volatile memory is essential in most embedded security applications. It will store the key and other sensitive materials for cryptographic and security applications. In this chapter, first an overview is given of current flash memory architectures. Next the standard security features which form the basis of so-called secure memories are described in more detail. Smart cards are a typical embedded application that is very vulnerable to attacks and that at the same time has a high need for secure non-volatile memory. In the next part of this chapter, the secure memories of so-called flash-based high-density smart cards are described. It is followed by a detailed analysis of what the new security challenges for such objects are.

  20. Modeling behavioral considerations related to information security.

    SciTech Connect

    Martinez-Moyano, I. J.; Conrad, S. H.; Andersen, D. F.

    2011-01-01

    The authors present experimental and simulation results of an outcome-based learning model for the identification of threats to security systems. This model integrates judgment, decision-making, and learning theories to provide a unified framework for the behavioral study of upcoming threats.

  1. The myth of secure computing.

    PubMed

    Austin, Robert D; Darby, Christopher A

    2003-06-01

    Few senior executives pay a whole lot of attention to computer security. They either hand off responsibility to their technical people or bring in consultants. But given the stakes involved, an arm's-length approach is extremely unwise. According to industry estimates, security breaches affect 90% of all businesses every year and cost some $17 billion. Fortunately, the authors say, senior executives don't need to learn about the more arcane aspects of their company's IT systems in order to take a hands-on approach. Instead, they should focus on the familiar task of managing risk. Their role should be to assess the business value of their information assets, determine the likelihood that those assets will be compromised, and then tailor a set of risk abatement processes to their company's particular vulnerabilities. This approach, which views computer security as an operational rather than a technical challenge, is akin to a classic quality assurance program in that it attempts to avoid problems rather than fix them and involves all employees, not just IT staffers. The goal is not to make computer systems completely secure--that's impossible--but to reduce the business risk to an acceptable level. This article looks at the types of threats a company is apt to face. It also examines the processes a general manager should spearhead to lessen the likelihood of a successful attack. The authors recommend eight processes in all, ranging from deciding how much protection each digital asset deserves to insisting on secure software to rehearsing a response to a security breach. The important thing to realize, they emphasize, is that decisions about digital security are not much different from other cost-benefit decisions. The tools general managers bring to bear on other areas of the business are good models for what they need to do in this technical space.

  2. JACOB: An Enterprise Framework for Computational Chemistry

    PubMed Central

    Waller, Mark P; Dresselhaus, Thomas; Yang, Jack

    2013-01-01

    Here, we present just a collection of beans (JACOB): an integrated batch-based framework designed for the rapid development of computational chemistry applications. The framework expedites developer productivity by handling the generic infrastructure tier, and can be easily extended by user-specific scientific code. Paradigms from enterprise software engineering were rigorously applied to create a scalable, testable, secure, and robust framework. A centralized web application is used to configure and control the operation of the framework. The application-programming interface provides a set of generic tools for processing large-scale noninteractive jobs (e.g., systematic studies), or for coordinating systems integration (e.g., complex workflows). The code for the JACOB framework is open sourced and is available at: http://www.wallerlab.org/jacob. © 2013 Wiley Periodicals, Inc. PMID:23553271

  3. Coupling Functions Enable Secure Communications

    NASA Astrophysics Data System (ADS)

    Stankovski, Tomislav; McClintock, Peter V. E.; Stefanovska, Aneta

    2014-01-01

    Secure encryption is an essential feature of modern communications, but rapid progress in illicit decryption brings a continuing need for new schemes that are harder and harder to break. Inspired by the time-varying nature of the cardiorespiratory interaction, here we introduce a new class of secure communications that is highly resistant to conventional attacks. Unlike all earlier encryption procedures, this cipher makes use of the coupling functions between interacting dynamical systems. It results in an unbounded number of encryption key possibilities, allows the transmission or reception of more than one signal simultaneously, and is robust against external noise. Thus, the information signals are encrypted as the time variations of linearly independent coupling functions. Using predetermined forms of coupling function, we apply Bayesian inference on the receiver side to detect and separate the information signals while simultaneously eliminating the effect of external noise. The scheme is highly modular and is readily extendable to support different communications applications within the same general framework.

  4. Building Security into Schools.

    ERIC Educational Resources Information Center

    Kosar, John E.; Ahmed, Faruq

    2000-01-01

    Offers tips for redesigning safer school sites; installing and implementing security technologies (closed-circuit television cameras, door security hardware, electronic security panels, identification cards, metal detectors, and panic buttons); educating students and staff about security functions; and minimizing costs via a comprehensive campus…

  5. Unix Security Cookbook

    NASA Astrophysics Data System (ADS)

    Rehan, S. C.

    This document has been written to help Site Managers secure their Unix hosts from being compromised by hackers. I have given brief introductions to the security tools along with downloading, configuring and running information. I have also included a section on my recommendations for installing these security tools starting from an absolute minimum security requirement.

  6. School Security Roundtable, 2000.

    ERIC Educational Resources Information Center

    Agron, Joe, Ed.; Anderson, Larry, Ed.

    A roundtable discussion is presented revealing what experts say about school security problems and how they are being addressed. Also included are trend data from the School Security 2000 survey revealing top security concerns, strategies, and security equipment preferences; how site surveys can be used to keep schools safe; and how creating a…

  7. Chapter 3: Energy Security

    SciTech Connect

    Foust, Thomas D.; Arent, Doug; de Carvalho Macedo, Isaias; Goldemberg, Jose; Hoysala, Chanakya; Filho, Rubens Maciel; Nigro, Francisco E. B.; Richard, Tom L.; Saddler, Jack; Samseth, Jon; Somerville, Chris R.

    2015-04-01

    This chapter considers the energy security implications and impacts of bioenergy. We provide an assessment to answer the following questions: What are the implications for bioenergy and energy security within the broader policy environment that includes food and water security, development, economic productivity, and multiple foreign policy aspects? What are the conditions under which bioenergy contributes positively to energy security?

  8. A Framework for Behavior-Based Malware Analysis in the Cloud

    NASA Astrophysics Data System (ADS)

    Martignoni, Lorenzo; Paleari, Roberto; Bruschi, Danilo

    To ease the analysis of potentially malicious programs, dynamic behavior-based techniques have been proposed in the literature. Unfortunately, these techniques often give incomplete results because the execution environments in which they are performed are synthetic and do not faithfully resemble the environments of end-users, the intended targets of the malicious activities. In this paper, we present a new framework for improving behavior-based analysis of suspicious programs. Our framework allows an end-user to delegate security labs, the cloud, the execution and the analysis of a program and to force the program to behave as if it were executed directly in the environment of the former. The evaluation demonstrated that the proposed framework allows security labs to improve the completeness of the analysis, by analyzing a piece of malware on behalf of multiple end-users simultaneously, while performing a fine-grained analysis of the behavior of the program with no computational cost for end-users.

  9. Congenital complete atrioventricular block.

    PubMed Central

    Kertesz, N J; Fenrich, A L; Friedman, R A

    1997-01-01

    Congenital complete atrioventricular block is found in 1 of 22,000 live births. Over time, it has become apparent that these patients represent not a single distinct disease process, but several processes with the common manifestation of atrioventricular block. The evaluation of these patients to determine their risk of sudden death and need for pacing is not well defined. Images PMID:9456483

  10. Making College Completion Personal

    ERIC Educational Resources Information Center

    Thomas, Heather

    2011-01-01

    There are countless justifications for why young adults, faced with so many distractions, do not complete their educations. Many students fail to finish college because of a lack of information and understanding about healthy relationships and sex education. The author's own struggles and eventual successes as a student and mother compelled her to…

  11. Completing a Simple Circuit.

    ERIC Educational Resources Information Center

    Slater, Timothy F.; Adams, Jeffrey P.; Brown, Thomas R.

    2000-01-01

    Students have problems successfully arranging an electric circuit to make the bulb produce light. Investigates the percentage of students able to complete a circuit with a given apparatus, and the effects of prior experience on student success. Recommends hands-on activities at the elementary and secondary school levels. (Contains 14 references.)…

  12. Beyond FASFA Completion

    ERIC Educational Resources Information Center

    Castleman, Ben; Page, Lindsay

    2015-01-01

    The Free Application for Federal Student Aid (FAFSA)--which students must complete to qualify for most federal, state, and institutional financial aid--is a gateway to college through which many students must pass, particularly those from low- to moderate-income households (King, 2004; Kofoed, 2013). Yet given the complexity of the…

  13. Security guide for subcontractors

    SciTech Connect

    Not Available

    1988-01-01

    The objectives of security in the Department of Energy (DOE) contractor/subcontractor program are: (1) to ensure the protection of information which, if related, would endanger the common defense and security of the nation; and (2) to safeguard the plants and installations of the DOE and its contractors in order that research and production programs will not be interrupted. To achieve these objectives, security responsibilities have been divided into three interdependent categories: personnel security, physical security, and security education and quality audits. This guide presents instructions for implementing a security program at a contractor/subcontractor site.

  14. Efficient Controlled Quantum Secure Direct Communication Protocols

    NASA Astrophysics Data System (ADS)

    Patwardhan, Siddharth; Moulick, Subhayan Roy; Panigrahi, Prasanta K.

    2016-07-01

    We study controlled quantum secure direct communication (CQSDC), a cryptographic scheme where a sender can send a secret bit-string to an intended recipient, without any secure classical channel, who can obtain the complete bit-string only with the permission of a controller. We report an efficient protocol to realize CQSDC using Cluster state and then go on to construct a (2-3)-CQSDC using Brown state, where a coalition of any two of the three controllers is required to retrieve the complete message. We argue both protocols to be unconditionally secure and analyze the efficiency of the protocols to show it to outperform the existing schemes while maintaining the same security specifications.

  15. ICW eHealth Framework.

    PubMed

    Klein, Karsten; Wolff, Astrid C; Ziebold, Oliver; Liebscher, Thomas

    2008-01-01

    The ICW eHealth Framework (eHF) is a powerful infrastructure and platform for the development of service-oriented solutions in the health care business. It is the culmination of many years of experience of ICW in the development and use of in-house health care solutions and represents the foundation of ICW product developments based on the Java Enterprise Edition (Java EE). The ICW eHealth Framework has been leveraged to allow development by external partners - enabling adopters a straightforward integration into ICW solutions. The ICW eHealth Framework consists of reusable software components, development tools, architectural guidelines and conventions defining a full software-development and product lifecycle. From the perspective of a partner, the framework provides services and infrastructure capabilities for integrating applications within an eHF-based solution. This article introduces the ICW eHealth Framework's basic architectural concepts and technologies. It provides an overview of its module and component model, describes the development platform that supports the complete software development lifecycle of health care applications and outlines technological aspects, mainly focusing on application development frameworks and open standards.

  16. Safeguards and security modeling for electrochemical plants

    SciTech Connect

    Cipiti, B.B.; Duran, F.A.; Mendoza, L.A.; Parks, M.J.; Dominguez, D.; Le, T.D.

    2013-07-01

    Safeguards and security design for reprocessing plants can lead to excessive costs if not incorporated early in the design process. The design for electrochemical plants is somewhat uncertain since these plants have not been built at a commercial scale in the past. The Separation and Safeguards Performance Model (SSPM), developed at Sandia National Laboratories, has been used for safeguards design and evaluation for multiple reprocessing plant types. The SSPM includes the following capabilities: -) spent fuel source term library, -) mass tracking of elements 1-99 and bulk solid/liquids, -) tracking of heat load and activity, -) customisable measurement points, -) automated calculation of ID and error propagation, -) alarm conditions and statistical tests, and -) user-defined diversion scenarios. Materials accountancy and process monitoring data can provide more timely detection of material loss specifically to protect against the insider threat. While the SSPM is capable of determining detection probabilities and examining detection times for material loss scenarios, it does not model the operations or spatial effects for a plant design. The STAGE software was chosen to model the physical protection system. STAGE provides a framework to create end-to-end scalable force-on-force combat simulations. It allows for a complete 3D model of a facility to be designed along with the design of physical protection elements. This software, then, can be used to model operations and response for various material loss scenarios. The future integration of the SSPM model data with the STAGE software will provide a more complete analysis of diversion scenarios to assist plant designers.

  17. 78 FR 79241 - Assessment Framework and Organizational Restatement Regarding Preemption for Certain Regulations...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-27

    ... December 27, 2013 Part V Department of Homeland Security Coast Guard 33 CFR Part 1 Assessment Framework and Organizational Restatement Regarding Preemption for Certain Regulations Issued by the Coast Guard; Proposed Rule...; ] DEPARTMENT OF HOMELAND SECURITY Coast Guard 33 CFR Part 1 RIN 1625-AB32 Assessment Framework...

  18. Collaborative Knowledge Discovery & Marshalling for Intelligence & Security Applications

    SciTech Connect

    Cowell, Andrew J.; Jensen, Russell S.; Gregory, Michelle L.; Ellis, Peter C.; Fligg, Alan K.; McGrath, Liam R.; O'Hara, Kelly A.; Bell, Eric B.

    2010-05-24

    This paper discusses the Knowledge Encapsulation Framework, a flexible, extensible evidence-marshalling environment built upon a natural language processing pipeline and exposed to users via an open-source semantic wiki. We focus our discussion on applications of the framework to intelligence and security applications, specifically, an instantiation of the KEF environment for researching illicit trafficking in nuclear materials.

  19. Computer security is out of balance

    SciTech Connect

    Bush, G.; Brand, R.

    1989-01-31

    System Engineering practices are being applied to Computer Security, but not broadly enough. If we concentrate on only the computer security aspects in our field of computer security, then our focus may be too narrow, and consequently be out of balance. We must examine the complete system that includes the computers, the users, and their environment on the broadest scale possible. As an example of the problem in balance of emphasis, the work being done on Trusted Computer Bases is excellent, but is easily nullified by indifferent users. Our business is the search for weakest links, but that search cannot focus exclusively on just the part of the system that includes the computers. The dambuilding platitude is also relevant to this issue of focus, when the left side team builds their side of the dam higher than the right side team, no additional security (water) is realized. All parts and security programs must be in balance to be effective. 7 refs.

  20. Secure and Authenticated Data Communication in Wireless Sensor Networks.

    PubMed

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

  1. Secure and Efficient Routable Control Systems

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  2. An Open Framework for Low-Latency Communications across the Smart Grid Network

    ERIC Educational Resources Information Center

    Sturm, John Andrew

    2011-01-01

    The recent White House (2011) policy paper for the Smart Grid that was released on June 13, 2011, "A Policy Framework for the 21st Century Grid: Enabling Our Secure Energy Future," defines four major problems to be solved and the one that is addressed in this dissertation is Securing the Grid. Securing the Grid is referred to as one of…

  3. Explaining the Socio-Economic Status School Completion Gap

    ERIC Educational Resources Information Center

    Polidano, Cain; Hanel, Barbara; Buddelmeyer, Hielke

    2013-01-01

    Relatively low rates of school completion among students from low socio-economic backgrounds is a key driver of intergenerational inequality. Linking data from the Programme for International Student Assessment with data from the Longitudinal Survey of Australian Youth, we use a decomposition framework to explain the gap in school completion rates…

  4. New initiatives in materials security

    SciTech Connect

    Cynthia, G.; Jones, Ph.D.

    2008-07-01

    Security Measures (61 Orders issued 1/04, Inspections done); Transportation of Radioactive Material Quantities of Concern (167 Orders Issued 07/05, Inspections done); Orders for Increased Control Measures for other types of sources by categories of licenses (1,098 NRC Orders and 1782 binding State requirements issued by 12/05, Implemented 06/06, Inspections done by NRC and States). Security Inspection Results: All first year Increased Control inspections completed; NRC Information Notice (IN) 2007-16 issued May 2007; Since IN 2007-16 was issued, {approx}50% of the NRC inspections performed resulted in violations; Licensees misinterpreted or incompletely implemented requirements; Common theme: failure to properly document actions or programs when implementing the Increased Controls. Energy Policy Act of 2005: Established Radiation Source Protection and Security Task Force: cooperative effort with 14 Federal agencies, 2 State organizations; Comprehensive analysis of the security of radiation sources in the U.S.; Directed NRC to contract with National Academy of Sciences to conduct a study on radiation source use and replacement; Report to the President and Congress issued 8/06 and every 4 years thereafter. Radiation Source Protection and Security Task Force: Need higher priority on international transport security; Evaluate feasibility of using new and existing technologies to detect and discourage theft during transport; Conduct a feasibility study on the possible phase out of CsCl in highly dispersible forms; Further evaluate potential alternative technologies; Expedite completion of fingerprint requirements in Act. National Source Tracking System: Joint NRC/DOE 2003 report on Radiological Dispersal Devices recommended development of a national source tracking system; IAEA Code of Conduct recommended establishment of a national registry; U.S. Energy Policy Act of 2005 placed requirements for NRC to issue regulations establishing a mandatory tracking system. New

  5. Digital security technology simplified.

    PubMed

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  6. Insert tree completion system

    SciTech Connect

    Brands, K.W.; Ball, I.G.; Cegielski, E.J.; Gresham, J.S.; Saunders, D.N.

    1982-09-01

    This paper outlines the overall project for development and installation of a low-profile, caisson-installed subsea Christmas tree. After various design studies and laboratory and field tests of key components, a system for installation inside a 30-in. conductor was ordered in July 1978 from Cameron Iron Works Inc. The system is designed to have all critical-pressure-containing components below the mudline and, with the reduced profile (height) above seabed, provides for improved safety of satellite underwater wells from damage by anchors, trawl boards, and even icebergs. In addition to the innovative nature of the tree design, the completion includes improved 3 1/2-in. through flowline (TFL) pumpdown completion equipment with deep set safety valves and a dual detachable packer head for simplified workover capability. The all-hydraulic control system incorporates a new design of sequencing valve for both Christmas tree control and remote flowline connection. A semisubmersible drilling rig was used to initiate the first end flowline connection at the wellhead for subsequent tie-in to the prelaid, surface-towed, all-welded subsea pipeline bundle.

  7. Evaluation Framework for Telemedicine Using the Logical Framework Approach and a Fishbone Diagram

    PubMed Central

    2015-01-01

    Objectives Technological advances using telemedicine and telehealth are growing in healthcare fields, but the evaluation framework for them is inconsistent and limited. This paper suggests a comprehensive evaluation framework for telemedicine system implementation and will support related stakeholders' decision-making by promoting general understanding, and resolving arguments and controversies. Methods This study focused on developing a comprehensive evaluation framework by summarizing themes across the range of evaluation techniques and organized foundational evaluation frameworks generally applicable through studies and cases of diverse telemedicine. Evaluation factors related to aspects of information technology; the evaluation of satisfaction of service providers and consumers, cost, quality, and information security are organized using the fishbone diagram. Results It was not easy to develop a monitoring and evaluation framework for telemedicine since evaluation frameworks for telemedicine are very complex with many potential inputs, activities, outputs, outcomes, and stakeholders. A conceptual framework was developed that incorporates the key dimensions that need to be considered in the evaluation of telehealth implementation for a formal structured approach to the evaluation of a service. The suggested framework consists of six major dimensions and the subsequent branches for each dimension. Conclusions To implement telemedicine and telehealth services, stakeholders should make decisions based on sufficient evidence in quality and safety measured by the comprehensive evaluation framework. Further work would be valuable in applying more comprehensive evaluations to verify and improve the comprehensive framework across a variety of contexts with more factors and participant group dimensions. PMID:26618028

  8. Project Management Framework to Organizational Transitions

    NASA Technical Reports Server (NTRS)

    Kotnour, Tim; Barton, Saul

    1996-01-01

    This paper describes a project management framework and associated models for organizational transitions. The framework contains an integrated set of steps an organization can take to lead an organizational transition such as downsizing and change in mission or role. The framework is designed to help an organization do the right work the right way with the right people at the right time. The underlying rationale for the steps in the framework is based on a set of findings which include: defining a transition as containing both near-term and long-term actions, designing actions which respond to drivers and achieve desired results, aligning the organization with the external environment, and aligning the internal components of the organization. The framework was developed based on best practices found in the literature, lessons learned from heads of organizations who have completed large-scale organizational changes, and concerns from employees at the Kennedy Space Center (KSC). The framework is described using KSC.

  9. Towards Efficient Collaboration in Cyber Security

    SciTech Connect

    Hui, Peter SY; Bruce, Joseph R.; Fink, Glenn A.; Gregory, Michelle L.; Best, Daniel M.; McGrath, Liam R.; Endert, Alexander

    2010-06-03

    Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independently— for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and as such, no such framework exists to support such efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.

  10. Security system signal supervision

    SciTech Connect

    Chritton, M.R. ); Matter, J.C. )

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

  11. Completely bootstrapped tokamak

    SciTech Connect

    Weening, R.H. ); Boozer, A.H. )

    1992-01-01

    Numerical simulations of the evolution of large-scale magnetic fields have been developed using a mean-field Ohm's law. The Ohm's law is coupled to a {Delta}{prime} stabilty analysis and a magnetic island growth equation in order to simulate the behavior of tokamak plasmas that are subject to tearing modes. In one set of calculations, the magnetohydrodynamic (MHD)-stable regime of the tokamak is examined via the construction of an {ital l}{sub {ital i}} -{ital q}{sub {ital a}} diagram. The results confirm previous calculations that show that tearing modes introduce a stability boundary into the {ital l}{sub {ital i}} -{ital q}{sub {ital a}} space. In another series of simulations, the interaction between tearing modes and the bootstrap current is investigated. The results indicate that a completely bootstrapped tokamak may be possible, even in the absence of any externally applied loop voltage or current drive.

  12. SCUBA 2 Nears Completion

    NASA Astrophysics Data System (ADS)

    Robson, I.; Holland, W.; Fairley, A.; MacIntosh, M.; Walton, A.; Parker, W.; Irwin, K.; Hilton, G.; Peter, A.; Halpern, M.; Fich, M.

    2005-12-01

    The second generation submillimetre camera for the JCMT, SCUBA-2, is now in the Assembly-Integration-Test phase in the lab at the UK ATC Edinburgh. The prototype 850 and 450 micron arrays have both been tested at Cardiff and are well within specification. The cryogenic performance of the instrument has been verified with sub 100mK performance achieved and the prototype arrays will receive first light in the instrument before Christmas 2005. The science grade arrays are currently under production from NIST, University of Edinburgh and Raytheon and the first devices will arrive in the UK in November 2005. Testing of the complete system with the Multi-Channel-Electronics from UBC will commence in January and SCUBA-2 will be delivered to the JCMT in August 2006.

  13. Beyond complete positivity

    NASA Astrophysics Data System (ADS)

    Dominy, Jason M.; Lidar, Daniel A.

    2016-04-01

    We provide a general and consistent formulation for linear subsystem quantum dynamical maps, developed from a minimal set of postulates, primary among which is a relaxation of the usual, restrictive assumption of uncorrelated initial system-bath states. We describe the space of possibilities admitted by this formulation, namely that, far from being limited to only completely positive (CP) maps, essentially any C-linear, Hermiticity-preserving, trace-preserving map can arise as a legitimate subsystem dynamical map from a joint unitary evolution of a system coupled to a bath. The price paid for this added generality is a trade-off between the set of admissible initial states and the allowed set of joint system-bath unitary evolutions. As an application, we present a simple example of a non-CP map constructed as a subsystem dynamical map that violates some fundamental inequalities in quantum information theory, such as the quantum data processing inequality.

  14. Security Research and Safety Aspects in Slovakia

    NASA Astrophysics Data System (ADS)

    Sinay, Juraj

    In 2004 the Slovak Republic joined the European Community. This accession called for changes in the new member state's internal and external processes, as well as the acceptance of the European Community regulatory framework and its implementation in Slovakian national legislation. Even though Slovakia had started with step-by-step integration of specific regulations during accession negotiations, final implementation was only concluded upon admission into the European Community. The process spanned the fields of occupational health and safety (Safety) and civil security (Security), notwithstanding that professionals in these areas had already been working in line with the European legislation.

  15. Security: Progress and Challenges

    ERIC Educational Resources Information Center

    Luker, Mark A.

    2004-01-01

    The Homepage column in the March/April 2003 issue of "EDUCAUSE Review" explained the national implication of security vulnerabilities in higher education and the role of the EDUCAUSE/Internet2 Computer and Network Security Task Force in representing the higher education sector in the development of the National Strategy to Secure Cyberspace. Among…

  16. School Violence: Physical Security.

    ERIC Educational Resources Information Center

    Utah State Office of Education, Salt Lake City.

    This booklet provides an overview of security technology product areas that might be appropriate and affordable for school applications. Topics cover security concepts and operational issues; security issues when designing for new schools; the role of maintenance; video camera use; walk-through metal detectors; duress alarm devices; and a partial…

  17. Selecting Security Technology Providers

    ERIC Educational Resources Information Center

    Schneider, Tod

    2009-01-01

    The world of security technology holds great promise, but it is fraught with opportunities for expensive missteps and misapplications. The quality of the security technology consultants and system integrators one uses will have a direct bearing on how well his school masters this complex subject. Security technology consultants help determine…

  18. Homeland Security and Information.

    ERIC Educational Resources Information Center

    Relyea, Harold C.

    2002-01-01

    Reviews the development of two similar policy concepts, national security and internal security, before exploring the new phrase homeland security that has become popular since the September 11 terrorist attacks. Discusses the significance of each for information policy and practice. (Author/LRW)

  19. Filling a Security Gap

    ERIC Educational Resources Information Center

    Parks and Recreation, 1978

    1978-01-01

    A new type of public facility security system, utilizing a radio system and voice logging recorder, has effectively improved security at the John F. Kennedy Center for the Performing Arts. The system monitors security operations, provides a reliable record in the case of conflicting claims, and accurately pinpoints the time of events. (DS)

  20. Designing Ensemble Based Security Framework for M-Learning System

    ERIC Educational Resources Information Center

    Mahalingam, Sheila; Abdollah, Mohd Faizal; bin Sahibuddin, Shahrin

    2014-01-01

    Mobile Learning has a potential to improve efficiency in the education sector and expand educational opportunities to underserved remote area in higher learning institutions. However there are multi challenges in different altitude faced when introducing and implementing m-learning. Despite the evolution of technology changes in education,…

  1. Integrating Intelligence for Border Security

    SciTech Connect

    Anderson, Dale N. ); Thompson, Sandra E. ); Wilhelm, Charles E. E.; Wogman, Ned A. )

    2004-02-04

    Effective utilization of all available intelligence, including sensor signatures and situational awareness is a key objective in homeland security. Binding all sources of information into an objective and lucid decision algorithm can provide clarity to identify signatures that are strongly and uniquely indicative of terrorist activities, thus reducing false alarms that conjure images of profiling and concerns regarding our civil rights. The fundamental premise of this paper is that the optimal integration of situational awareness, intelligence and hard sensor signatures should begin at the field level and work backward, that is, begin with the desired outcome and work backward. Construction of in-the-field algorithms with these characteristics will necessarily be dominated by careful mathematical and scientific thought as opposed to purely empirical, unguided data analysis. The research and development (R and D) effort for optimal decision algorithm construction naturally encourages homeland security communication at all operational levels including that between scientists, intelligence analysts, government leadership and the private sector. Why? Because decisions have consequences that impact all stakeholders, and a formal decision framework is capable of quantifying these consequences. A properly constructed framework naturally includes mathematical plug-in points for hard sensor data, intelligence and situational awareness. These plug-in points naturally guide the formulation of information to a common standard, thus facilitating and promoting intelligence sharing. A well established foundation to build these frameworks at the in-the-field and strategic level can be found in a body of theory in mathematical statistics -Bayesian decision sciences. We assert that decision algorithms with these characteristics are necessary for optimal front line operational capabilities in the war on terrorism.

  2. Information Security Management (ISM)

    NASA Astrophysics Data System (ADS)

    Šalgovičová, Jarmila; Prajová, Vanessa

    2012-12-01

    Currently, all organizations have to tackle the issue of information security. The paper deals with various aspects of Information Security Management (ISM), including procedures, processes, organizational structures, policies and control processes. Introduction of Information Security Management should be a strategic decision. The concept and implementation of Information Security Management in an organization are determined by the corporate needs and objectives, security requirements, the processes deployed as well as the size and structure of the organization. The implementation of ISM should be carried out to the extent consistent with the needs of the organization.

  3. [Several problems in ecological security assessment research].

    PubMed

    Wang, Genxu; Cheng, Guodong; Qian, Ju

    2003-09-01

    Ecological security assessment is the identification and judgment of ecosystem completeness and sustainable ability to maintain ecosystem health under all kinds of risks, the core contents of which are ecological risk assessment and ecological health assessment. Ecological risk identification and ecological vulnerability are the composing elements of ecological risk assessment, while ecological health includes three aspects, i.e., ecological completeness, ecosystem vigor, and ecosystem resilience. In the studies of ecological security assessment, the rational combination of ecological risk and ecological health, and the establishment of integrated measure index system based on confirming spatial scale are needed. At present, risk factor identification index, exposure analysis index, and influence (response) analysis index are the broader construction systems of ecological risk index. Nevertheless, on the basis of the classification of EDI, REI and IRI, the method of superimposing exposure analysis index may be the development direction of establishing index system in the future. Among the methods of quantificational assessment, exposure-response analysis was one of the most extensive method used at present, but ecological model method to assess different-scale ecological security will be the main development field, and focused on the security of ecological processes in the future. Ecological security assessment must be intergraded with ecological prediction, security guarantee and management. PMID:14733019

  4. Computer Security Systems Enable Access.

    ERIC Educational Resources Information Center

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  5. Balancing Security and Learning. School Security Supplement.

    ERIC Educational Resources Information Center

    Kennedy, Mike

    2002-01-01

    Discusses ways to provide vital safety to schools without inhibiting the learning environment for students. Describes security efforts at Orange County, Florida schools, such as using video cameras, school police officers, and access-control systems. (EV)

  6. Securing collaborative environments

    SciTech Connect

    Agarwal, Deborah; Jackson, Keith; Thompson, Mary

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  7. Quantum coin flipping secure against channel noises

    NASA Astrophysics Data System (ADS)

    Zhang, Sheng; Zhang, Yuexin

    2015-08-01

    So far, most existing single-shot quantum coin flipping (QCF) protocols have failed in a noisy quantum channel. Here, we present a nested-structure framework that makes it possible to achieve partially noise-tolerant QCF, due to a trade-off between the security and the justice correctness. It is showed that noise-tolerant single-shot QCF protocols can be produced by filling the presented framework up with existing or even future protocols. We also proved a lower bound of 0.25, with which a cheating Alice or Bob could bias the outcome.

  8. Second generation registry framework

    PubMed Central

    2014-01-01

    Background Information management systems are essential to capture data be it for public health and human disease, sustainable agriculture, or plant and animal biosecurity. In public health, the term patient registry is often used to describe information management systems that are used to record and track phenotypic data of patients. Appropriate design, implementation and deployment of patient registries enables rapid decision making and ongoing data mining ultimately leading to improved patient outcomes. A major bottleneck encountered is the static nature of these registries. That is, software developers are required to work with stakeholders to determine requirements, design the system, implement the required data fields and functionality for each patient registry. Additionally, software developer time is required for ongoing maintenance and customisation. It is desirable to deploy a sophisticated registry framework that can allow scientists and registry curators possessing standard computing skills to dynamically construct a complete patient registry from scratch and customise it for their specific needs with little or no need to engage a software developer at any stage. Results This paper introduces our second generation open source registry framework which builds on our previous rare disease registry framework (RDRF). This second generation RDRF is a new approach as it empowers registry administrators to construct one or more patient registries without software developer effort. New data elements for a diverse range of phenotypic and genotypic measurements can be defined at any time. Defined data elements can then be utilised in any of the created registries. Fine grained, multi-level user and workgroup access can be applied to each data element to ensure appropriate access and data privacy. We introduce the concept of derived data elements to assist the data element standards communities on how they might be best categorised. Conclusions We introduce the

  9. An Assessment of Integrated Health Management Frameworks

    SciTech Connect

    Lybeck, Nancy; Coble, Jamie B.; Tawfik, Magdy; Bond, Leonard J.

    2012-05-18

    In order to meet the ever increasing demand for energy, the United States nuclear industry is turning to life extension of existing nuclear power plants (NPPs). Economically ensuring the safe, secure, and reliable operation of aging NPPs presents many challenges. The 2009 Light Water Reactor Sustainability Workshop identified online monitoring of active and structural components as essential to better understanding and management of the challenges posed by aging NPPs. Additionally, there is increasing adoption of condition-based maintenance (CBM) for active components in NPPs. These techniques provide a foundation upon which a variety of advanced online surveillance, diagnostic, and prognostic techniques can be deployed to continuously monitor and assess the health of NPP systems and components. The next step in the development of advanced online monitoring is to move beyond CBM to estimating the remaining useful life of active components using prognostic tools. Deployment of prognostic health management (PHM) on the scale of an NPP requires the use of an integrated health management (IHM) framework - a software product (or suite of products) used to manage the necessary elements needed for a complete implementation of online monitoring and prognostics. This paper provides a thoughtful look at the desirable functions and features of IHM architectures. A full PHM system involves several modules, including data acquisition, system modeling, fault detection, fault diagnostics, system prognostics, and advisory generation (operations and maintenance planning). The standards applicable to PHM applications are indentified and summarized. A list of evaluation criteria for PHM software products, developed to ensure scalability of the toolset to an environment with the complexity of an NPP, is presented. Fourteen commercially available PHM software products are identified and classified into four groups: research tools, PHM system development tools, deployable architectures

  10. Component-Based Security Policy Design with Colored Petri Nets

    NASA Astrophysics Data System (ADS)

    Huang, Hejiao; Kirchner, Hélène

    Security policies are one of the most fundamental elements of computer security. This paper uses colored Petri net process (CPNP) to specify and verify security policies in a modular way. It defines fundamental policy properties, i.e., completeness, termination, consistency and confluence, in Petri net terminology and gets some theoretical results. According to XACML combiners and property-preserving Petri net process algebra (PPPA), several policy composition operators are specified and property-preserving results are stated for the policy correctness verification.

  11. A risk management model for securing virtual healthcare communities.

    PubMed

    Chryssanthou, Anargyros; Varlamis, Iraklis; Latsiou, Charikleia

    2011-01-01

    Virtual healthcare communities aim to bring together healthcare professionals and patients, improve the quality of healthcare services and assist healthcare professionals and researchers in their everyday activities. In a secure and reliable environment, patients share their medical data with doctors, expect confidentiality and demand reliable medical consultation. Apart from a concrete policy framework, several ethical, legal and technical issues must be considered in order to build a trustful community. This research emphasises on security issues, which can arise inside a virtual healthcare community and relate to the communication and storage of data. It capitalises on a standardised risk management methodology and a prototype architecture for healthcare community portals and justifies a security model that allows the identification, estimation and evaluation of potential security risks for the community. A hypothetical virtual healthcare community is employed in order to portray security risks and the solutions that the security model provides.

  12. A Framework for Enterprise Operating Systems Based on Zachman Framework

    NASA Astrophysics Data System (ADS)

    Ostadzadeh, S. Shervin; Rahmani, Amir Masoud

    Nowadays, the Operating System (OS) isn't only the software that runs your computer. In the typical information-driven organization, the operating system is part of a much larger platform for applications and data that extends across the LAN, WAN and Internet. An OS cannot be an island unto itself; it must work with the rest of the enterprise. Enterprise wide applications require an Enterprise Operating System (EOS). Enterprise operating systems used in an enterprise have brought about an inevitable tendency to lunge towards organizing their information activities in a comprehensive way. In this respect, Enterprise Architecture (EA) has proven to be the leading option for development and maintenance of enterprise operating systems. EA clearly provides a thorough outline of the whole information system comprising an enterprise. To establish such an outline, a logical framework needs to be laid upon the entire information system. Zachman Framework (ZF) has been widely accepted as a standard scheme for identifying and organizing descriptive representations that have prominent roles in enterprise-wide system development. In this paper, we propose a framework based on ZF for enterprise operating systems. The presented framework helps developers to design and justify completely integrated business, IT systems, and operating systems which results in improved project success rate.

  13. Supervisor security provision: correlates and related mechanisms.

    PubMed

    Lavy, Shiri

    2014-06-01

    Attachment security in relationships is associated with several positive outcomes. Recently, researchers have applied attachment theory to employee-supervisor relationships. Two studies examined associations of supervisors' provision of attachment-related security with work-related outcomes and related underlying mechanisms. Participants completed measures of their supervisors' security provisions and of their own job satisfaction, organizational commitment, burnout, and performance. Supervisors' security provisions were associated with positive work-related outcomes, which were mediated by closeness behaviors (Study 1; N = 150, M age = 33.3 yr., SD = 9.6). These associations were also mediated by employees' sense of meaning at work when the supervisor was of the same sex (Study 2; N = 120, M age = 26.5 yr., SD = 5.0). Findings supported attachment-related dynamics in employee-supervisor relationships and suggested psychological mechanisms underlying these effects. PMID:25074301

  14. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  15. 14. Implementation, execution, and completion of projects.

    PubMed

    2014-05-01

    Once an intervention has been selected for implementation, it becomes a project. Implementation of a project is a complex process and requires completion of a host of tasks. The implementation process has been deconstructed into its components so that it can be analysed and evaluated. A prerequisite for implementation is an operational plan. The tasks that require completion include: (1) reassessing current status and verifying the needs; (2) activating the operational plan; (3) setting-up and operating an administrative structure; (4) identifying, acquiring, and organising resources (including human resources); (5) assigning roles and responsibilities; (6) educating and training personnel (including mission-specific); (7) briefing staff; (8) preparing/readying resources for transport; (9) assuring project self-sufficiency; (10) arranging for personal necessities; (11) ensuring the safety of personnel and the security of equipment and supplies; (12) insuring personnel; (13) coordinating with other projects/actors; (14) coordinating with other BSF systems (role of the coordination and control centre); (15) communicating with community leaders; (16) initiating the use of standardised progress reports; (17) deploying personnel, equipment, and supplies; (18) initiating the intervention(s); (19) executing the intervention(s); (20) reporting start of interventions; (21) completing the project; and (22) completing and submitting a formal report. This deconstruction is essential in order to study the process and identify critical points of success and failure. It also is recognised that many interventions consist of many components (subfunctions), each of which may be considered a production process. PMID:24785811

  16. 32 CFR 154.16 - Security clearance.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... shall be accomplished in accordance with 32 CFR part 159. The investigative requirement shall be the... be processed for a security clearance in accordance with 32 CFR part 353 and the provisions of this...); where the full investigative coverage cannot be completed, a counterintelligence scope...

  17. Towards Changes in Information Security Education

    ERIC Educational Resources Information Center

    Hentea, Mariana; Dhillon, Harpal S.; Dhillon, Manpreet

    2006-01-01

    Despite a variety of Information Security Assurance (ISA) curricula and diverse educational models, universities often fail to provide their graduates with skills demanded by employers. There is a big discrepancy between the levels of skills expected by employers and those the graduates have after completing their studies. The authors compare the…

  18. What is Security? A perspective on achieving security

    SciTech Connect

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  19. Computer security plan development using an expert system

    SciTech Connect

    Hunteman, W.J. ); Evans, R.; Brownstein, M.; Chapman, L. )

    1990-01-01

    The Computer Security Plan Assistant (SPA) is an expert system for reviewing Department of Energy (DOE) Automated Data Processing (ADP) Security Plans. DOE computer security policies require ADP security plans to be periodically reviewed and updated by all DOE sites. SPA is written in XI-Plus, an expert system shell. SPA was developed by BDM International, Inc., under sponsorship by the DOE Center for Computer Security at Los Alamos National Laboratory. SPA runs on an IBM or compatible personal computer. It presents a series of questions about the ADP security plan being reviewed. The SPA user references the ADP Security Plan and answers the questions. The SPA user reviews each section of the security plan, in any order, until all sections have been reviewed. The SPA user can stop the review process after any section and restart later. A Security Plan Review Report is available after the review of each section of the Security Plan. The Security Plan Review Report gives the user a written assessment of the completeness of the ADP Security Plan. SPA is being tested at Los Alamos and will soon be available to the DOE community.

  20. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  1. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 48 Federal Acquisition Regulations System 5 2011-10-01 2011-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  2. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  3. 48 CFR 1339.107-70 - Information security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 48 Federal Acquisition Regulations System 5 2013-10-01 2013-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information...

  4. PACS image security server

    NASA Astrophysics Data System (ADS)

    Cao, Fei; Huang, H. K.

    2004-04-01

    Medical image security in a PACS environment has become a pressing issue as communications of images increasingly extends over open networks, and hospitals are currently hard-pushed by Health Insurance Portability and Accountability Act (HIPAA) to be HIPPA complaint for ensuring health data security. Other security-related guidelines and technical standards continue bringing to the public attention in healthcare. However, there is not an infrastructure or systematic method to implement and deploy these standards in a PACS. In this paper, we first review DICOM Part15 standard for secure communications of medical images and the HIPAA impacts on PACS security, as well as our previous works on image security. Then we outline a security infrastructure in a HIPAA mandated PACS environment using a dedicated PACS image security server. The server manages its own database of all image security information. It acts as an image Authority for checking and certificating the image origin and integrity upon request by a user, as a secure DICOM gateway to the outside connections and meanwhile also as a PACS operation monitor for HIPAA supporting information.

  5. Urban environment and health: food security.

    PubMed

    Galal, Osman; Corroon, Meghan; Tirado, Cristina

    2010-07-01

    The authors examine the impact of urbanization on food security and human health in the Middle East. Within-urban-population disparities in food security represent one of the most dramatic indicators of economic and health disparities. These disparities are reflected in a double burden of health outcomes: increasing levels of chronic disease as well as growing numbers of undernourished among the urban poor. These require further comprehensive solutions. Some of the factors leading to food insecurity are an overdependence on purchased food commodities, lack of sufficient livelihoods, rapid reductions in peripheral agricultural land, and adverse impacts of climate change. The Food and Agriculture Organization of the United Nations (FAO) Food Security Framework is used to examine and compare 2 cities in the Middle East: Amman, Jordan, and Manama, Bahrain.

  6. Elementary Integrated Curriculum Framework

    ERIC Educational Resources Information Center

    Montgomery County Public Schools, 2010

    2010-01-01

    The Elementary Integrated Curriculum (EIC) Framework is the guiding curriculum document for the Elementary Integrated Curriculum and represents the elementary portion of the Montgomery County (Maryland) Public Schools (MCPS) Pre-K-12 Curriculum Frameworks. The EIC Framework contains the detailed indicators and objectives that describe what…

  7. Choices, Frameworks and Refinement

    NASA Technical Reports Server (NTRS)

    Campbell, Roy H.; Islam, Nayeem; Johnson, Ralph; Kougiouris, Panos; Madany, Peter

    1991-01-01

    In this paper we present a method for designing operating systems using object-oriented frameworks. A framework can be refined into subframeworks. Constraints specify the interactions between the subframeworks. We describe how we used object-oriented frameworks to design Choices, an object-oriented operating system.

  8. Grid-based Visualization Framework

    NASA Astrophysics Data System (ADS)

    Thiebaux, M.; Tangmunarunkit, H.; Kesselman, C.

    2003-12-01

    Advances in science and engineering have put high demands on tools for high-performance large-scale visual data exploration and analysis. For example, earthquake scientists can now study earthquake phenomena from first principle physics-based simulations. These simulations can generate large amounts of data, possibly high spatial resolution, and long time series. Single-system visualization software running on commodity machines cannot scale up to the large amounts of data generated by these simulations. To address this problem, we propose a flexible and extensible Grid-based visualization framework for time-critical, interactively controlled visual browsing of spatially and temporally large datasets in a Grid environment. Our framework leverages Grid resources for scalable computation and data storage to maintain performance and interactivity with large visualization jobs. Our framework utilizes Globus Toolkit 2.4 components for security (i.e., GSI), resource allocation and management (i.e., DUROC, GRAM) and communication (i.e., Globus-IO) to couple commodity desktops with remote, scalable storage and computational resources in a Grid for interactive data exploration. There are two major components in this framework---Grid Data Transport (GDT) and the Grid Visualization Utility (GVU). GDT provides libraries for performing parallel data filtering and parallel data exchange among Grid resources. GDT allows arbitrary data filtering to be integrated into the system. It also facilitates multi-tiered pipeline topology construction of compute resources and displays. In addition to scientific visualization applications, GDT can be used to support other applications that require parallel processing and parallel transfer of partial ordered independent files, such as file-set transfer. On top of GDT, we have developed the Grid Visualization Utility (GVU), which is designed to assist visualization dataset management, including file formatting, data transport and automatic

  9. Addressing Software Security

    NASA Technical Reports Server (NTRS)

    Bailey, Brandon

    2015-01-01

    Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

  10. Beyond grid security

    NASA Astrophysics Data System (ADS)

    Hoeft, B.; Epting, U.; Koenig, T.

    2008-07-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

  11. Standard Agent Framework 1

    SciTech Connect

    Goldsmith, Steven Y.

    1999-04-06

    The Standard Agent framework provides an extensible object-oriented development environment suitable for use in both research and applications projects. The SAF provides a means for constructing and customizing multi-agent systems through specialization of standard base classes (architecture-driven framework) and by composition of component classes (data driven framework). The standard agent system is implemented as an extensible object-centerd framework. Four concrete base classes are developed: (1) Standard Agency; (2) Standard Agent; (3) Human Factor, and (4) Resources. The object-centered framework developed and utilized provides the best comprimise between generality and flexibility available in agent development systems today.

  12. Semi-automatic Synthesis of Security Policies by Invariant-Guided Abduction

    NASA Astrophysics Data System (ADS)

    Hurlin, Clément; Kirchner, Hélène

    We present a specification approach of secured systems as transition systems and security policies as constraints that guard the transitions. In this context, security properties are expressed as invariants. Then we propose an abduction algorithm to generate possible security policies for a given transition-based system. Because abduction is guided by invariants, the generated security policies enforce security properties specified by these invariants. In this framework we are able to tune abduction in two ways in order to: (i) filter out bad security policies and (ii) generate additional possible security policies. Invariant-guided abduction helps designing policies and thus allows using formal methods much earlier in the process of building secured systems. This approach is illustrated on role-based access control systems.

  13. Survey of geothermal completion fluids

    SciTech Connect

    Childers, M.R.

    1980-01-01

    A survey of oil field fluids companies indicates that there are no geothermal completion fluids on the market. It is recommended that development of a completion fluid and appropriate support testing be funded.

  14. Center for computer security: Computer Security Group conference. Summary

    SciTech Connect

    Not Available

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  15. OpenMDAO Framework Status

    NASA Technical Reports Server (NTRS)

    Naiman, Cynthia Gutierrez

    2010-01-01

    Advancing and exploring the science of Multidisciplinary Analysis & Optimization (MDAO) capabilities are high-level goals in the Fundamental Aeronautics Program s Subsonic Fixed Wing (SFW) project. The OpenMDAO team has made significant progress toward completing the Alpha OpenMDAO deliverable due in September 2010. Included in the presentation are: details of progress on developing the OpenMDAO framework, example usage of OpenMDAO, technology transfer plans, near term plans, progress toward establishing partnerships with external parties, and discussion of additional potential collaborations.

  16. Selecting RMF Controls for National Security Systems

    SciTech Connect

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  17. NSI security task: Overview

    NASA Technical Reports Server (NTRS)

    Tencati, Ron

    1991-01-01

    An overview is presented of the NASA Science Internet (NSI) security task. The task includes the following: policies and security documentation; risk analysis and management; computer emergency response team; incident handling; toolkit development; user consulting; and working groups, conferences, and committees.

  18. Network Security Is Manageable

    ERIC Educational Resources Information Center

    Roberts, Gary

    2006-01-01

    An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

  19. Technology's Role in Security.

    ERIC Educational Resources Information Center

    Day, C. William

    1999-01-01

    Examines the use of technology to bolster the school security system, tips on selecting a security consultant, and several basic strategies to make buildings and grounds safer. Technological ideas discussed include the use of telephones in classrooms to expedite care in emergency situations, surveillance cameras to reduce crime, and metal…

  20. Developing a Security Profile.

    ERIC Educational Resources Information Center

    Woodcock, Chris

    1999-01-01

    Examines the questions schools should address when re-evaluating how to protect people, property, and assets. Questions addressed include where and how to begin to improve security in a school, getting the most protection economically, establishing where electronic security should be used, using surveillance cameras and systems, and what the role…

  1. School Security, 2000.

    ERIC Educational Resources Information Center

    Agron, Joe, Ed.; Anderson, Larry, Ed.

    This supplement, a collaboration of "American School & University" and "Access Control & Security Systems Integration" magazines, presents four articles examining equipment and management strategies to ensure school safety. "School Security by the Numbers" (Joe Agron; Larry Anderson) defines the parameters and quantifies the trend in the school…

  2. Secure video communications system

    DOEpatents

    Smith, Robert L.

    1991-01-01

    A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  3. School Safety and Security.

    ERIC Educational Resources Information Center

    California State Dept. of Education, Sacramento.

    This document offers additional guidelines for school facilities in California in the areas of safety and security, lighting, and cleanliness. It also offers a description of technology resources available on the World Wide Web. On the topic of safety and security, the document offers guidelines in the areas of entrances, doors, and controlled…

  4. Incidents of Security Concern

    SciTech Connect

    Atencio, Julian J.

    2014-05-01

    This presentation addresses incidents of security concern and an incident program for addressing them. It addresses the phases of an inquiry, and it divides incidents into categories based on severity and interest types based on whether security, management, or procedural interests are involved. A few scenarios are then analyzed according to these breakdowns.

  5. School Security Technologies

    ERIC Educational Resources Information Center

    Schneider, Tod

    2010-01-01

    Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

  6. Security in the cloud.

    PubMed

    Degaspari, John

    2011-08-01

    As more provider organizations look to the cloud computing model, they face a host of security-related questions. What are the appropriate applications for the cloud, what is the best cloud model, and what do they need to know to choose the best vendor? Hospital CIOs and security experts weigh in.

  7. Water Security Toolkit

    SciTech Connect

    2012-09-11

    The Water Security Toolkit (WST) provides software for modeling and analyzing water distribution systems to minimize the potential impact of contamination incidents. WST wraps capabilities for contaminant transport, impact assessment, and sensor network design with response action plans, including source identification, rerouting, and decontamination, to provide a range of water security planning and real-time applications.

  8. Hydrological extremes and security

    NASA Astrophysics Data System (ADS)

    Kundzewicz, Z. W.; Matczak, P.

    2015-04-01

    Economic losses caused by hydrological extremes - floods and droughts - have been on the rise. Hydrological extremes jeopardize human security and impact on societal livelihood and welfare. Security can be generally understood as freedom from threat and the ability of societies to maintain their independent identity and their functional integrity against forces of change. Several dimensions of security are reviewed in the context of hydrological extremes. The traditional interpretation of security, focused on the state military capabilities, has been replaced by a wider understanding, including economic, societal and environmental aspects that get increasing attention. Floods and droughts pose a burden and serious challenges to the state that is responsible for sustaining economic development, and societal and environmental security. The latter can be regarded as the maintenance of ecosystem services, on which a society depends. An important part of it is water security, which can be defined as the availability of an adequate quantity and quality of water for health, livelihoods, ecosystems and production, coupled with an acceptable level of water-related risks to people, environments and economies. Security concerns arise because, over large areas, hydrological extremes - floods and droughts - are becoming more frequent and more severe. In terms of dealing with water-related risks, climate change can increase uncertainties, which makes the state's task to deliver security more difficult and more expensive. However, changes in population size and development, and level of protection, drive exposure to hydrological hazards.

  9. Addressing Information Security Risk

    ERIC Educational Resources Information Center

    Qayoumi, Mohammad H.; Woody, Carol

    2005-01-01

    Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…

  10. Bio-Inspired Cyber Security for Smart Grid Deployments

    SciTech Connect

    McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.; Fink, Glenn A.; Fulp, Errin W.

    2013-05-01

    mart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.

  11. Secure quantum communication with orthogonal states

    NASA Astrophysics Data System (ADS)

    Shukla, Chitra; Banerjee, Anindita; Pathak, Anirban; Srikanth, R.

    2016-08-01

    In majority of protocols of secure quantum communication (such as, BB84, B92, etc.), the unconditional security of the protocols are obtained by using conjugate coding (two or more mutually unbiased bases (MUBs)). Initially, all the conjugate-coding-based protocols of secure quantum communication were restricted to quantum key distribution (QKD), but later on they were extended to other cryptographic tasks (such as, secure direct quantum communication and quantum key agreement). In contrast to the conjugate-coding-based protocols, a few completely orthogonal-state-based protocols of unconditionally secure QKD (such as, Goldenberg-Vaidman and N09) were also proposed. However, till the recent past, orthogonal-state-based protocols were only a theoretical concept and were limited to QKD. Only recently, orthogonal-state-based protocols of QKD are experimentally realized and extended to cryptographic tasks beyond QKD. This paper aims to briefly review the orthogonal-state-based protocols of secure quantum communication that are recently introduced by our group and other researchers.

  12. Biometric template transformation: a security analysis

    NASA Astrophysics Data System (ADS)

    Nagar, Abhishek; Nandakumar, Karthik; Jain, Anil K.

    2010-01-01

    One of the critical steps in designing a secure biometric system is protecting the templates of the users that are stored either in a central database or on smart cards. If a biometric template is compromised, it leads to serious security and privacy threats because unlike passwords, it is not possible for a legitimate user to revoke his biometric identifiers and switch to another set of uncompromised identifiers. One methodology for biometric template protection is the template transformation approach, where the template, consisting of the features extracted from the biometric trait, is transformed using parameters derived from a user specific password or key. Only the transformed template is stored and matching is performed directly in the transformed domain. In this paper, we formally investigate the security strength of template transformation techniques and define six metrics that facilitate a holistic security evaluation. Furthermore, we analyze the security of two wellknown template transformation techniques, namely, Biohashing and cancelable fingerprint templates based on the proposed metrics. Our analysis indicates that both these schemes are vulnerable to intrusion and linkage attacks because it is relatively easy to obtain either a close approximation of the original template (Biohashing) or a pre-image of the transformed template (cancelable fingerprints). We argue that the security strength of template transformation techniques must consider also consider the computational complexity of obtaining a complete pre-image of the transformed template in addition to the complexity of recovering the original biometric template.

  13. A Standardization Framework for Electronic Government Service Portals

    NASA Astrophysics Data System (ADS)

    Sarantis, Demetrios; Tsiakaliaris, Christos; Lampathaki, Fenareti; Charalabidis, Yannis

    Although most eGovernment interoperability frameworks (eGIFs) cover adequately the technical aspects of developing and supporting the provision of electronic services to citizens and businesses, they do not exclusively address several important areas regarding the organization, presentation, accessibility and security of the content and the electronic services offered through government portals. This chapter extends the scope of existing eGIFs presenting the overall architecture and the basic concepts of the Greek standardization framework for electronic government service portals which, for the first time in Europe, is part of a country's eGovernment framework. The proposed standardization framework includes standards, guidelines and recommendations regarding the design, development and operation of government portals that support the provision of administrative information and services to citizens and businesses. By applying the guidelines of the framework, the design, development and operation of portals in central, regional and municipal government can be systematically addressed resulting in an applicable, sustainable and ever-expanding framework.

  14. Privacy and Security: A Bibliography.

    ERIC Educational Resources Information Center

    Computer and Business Equipment Manufacturers Association, Washington, DC.

    Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

  15. Network systems security analysis

    NASA Astrophysics Data System (ADS)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  16. Indirection and computer security.

    SciTech Connect

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  17. International Nuclear Security

    SciTech Connect

    Doyle, James E.

    2012-08-14

    This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

  18. 50 CFR 86.101 - What is the Service schedule to adopt the National Framework?

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... National Framework? 86.101 Section 86.101 Wildlife and Fisheries UNITED STATES FISH AND WILDLIFE SERVICE... INFRASTRUCTURE GRANT (BIG) PROGRAM Service Completion of the National Framework § 86.101 What is the Service schedule to adopt the National Framework? The Secretary of the Interior adopted the National Framework...

  19. 50 CFR 86.101 - What is the Service schedule to adopt the National Framework?

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... National Framework? 86.101 Section 86.101 Wildlife and Fisheries UNITED STATES FISH AND WILDLIFE SERVICE... INFRASTRUCTURE GRANT (BIG) PROGRAM Service Completion of the National Framework § 86.101 What is the Service schedule to adopt the National Framework? The Secretary of the Interior adopted the National Framework...

  20. 50 CFR 86.101 - What is the Service schedule to adopt the National Framework?

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... National Framework? 86.101 Section 86.101 Wildlife and Fisheries UNITED STATES FISH AND WILDLIFE SERVICE... INFRASTRUCTURE GRANT (BIG) PROGRAM Service Completion of the National Framework § 86.101 What is the Service schedule to adopt the National Framework? The Secretary of the Interior adopted the National Framework...

  1. The Secure-Base Hypothesis: Global Attachment, Attachment to Counselor, and Session Exploration in Psychotherapy

    ERIC Educational Resources Information Center

    Romano, Vera; Fitzpatrick, Marilyn; Janzen, Jennifer

    2008-01-01

    This study explored J. Bowlby's (1988) secure-base hypothesis, which predicts that a client's secure attachment to the therapist, as well as the client's and the therapist's global attachment security, will facilitate in-session exploration. Volunteer clients (N = 59) and trainee counselors (N = 59) in short-term therapy completed the Experiences…

  2. ARTEMIS: towards a secure interoperability infrastructure for healthcare information systems.

    PubMed

    Boniface, Mike; Wilken, Paul

    2005-01-01

    The ARTEMIS project is developing a semantic web service based P2P interoperability infrastructure for healthcare information systems. The strict legislative framework in which these systems are deployed means that the interoperability of security and privacy mechanisms is an important requirement in supporting communication of electronic healthcare records across organisation boundaries. In ARTEMIS, healthcare providers define semantically annotated security and privacy policies for web services based on organisational requirements. The ARTEMIS mediator uses these semantic web service descriptions to broker between organisational policies by reasoning over security and clinical concept ontologies.

  3. Assessing Quality of Data Standards: Framework and Illustration Using XBRL GAAP Taxonomy

    NASA Astrophysics Data System (ADS)

    Zhu, Hongwei; Wu, Harris

    The primary purpose of data standards or metadata schemas is to improve the interoperability of data created by multiple standard users. Given the high cost of developing data standards, it is desirable to assess the quality of data standards. We develop a set of metrics and a framework for assessing data standard quality. The metrics include completeness and relevancy. Standard quality can also be indirectly measured by assessing interoperability of data instances. We evaluate the framework using data from the financial sector: the XBRL (eXtensible Business Reporting Language) GAAP (Generally Accepted Accounting Principles) taxonomy and US Securities and Exchange Commission (SEC) filings produced using the taxonomy by approximately 500 companies. The results show that the framework is useful and effective. Our analysis also reveals quality issues of the GAAP taxonomy and provides useful feedback to taxonomy users. The SEC has mandated that all publicly listed companies must submit their filings using XBRL. Our findings are timely and have practical implications that will ultimately help improve the quality of financial data.

  4. 12 CFR 563.76 - Offers and sales of securities at an office of a savings association.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... guaranteed appears conspicuously on the security and in all offering documents and advertisements for the... completion of the conversion stock offering. (b) Securities sales practices, advertisements, and other sales... using the association's name, trade name, or logo....

  5. 12 CFR 563.76 - Offers and sales of securities at an office of a savings association.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... guaranteed appears conspicuously on the security and in all offering documents and advertisements for the... completion of the conversion stock offering. (b) Securities sales practices, advertisements, and other sales... using the association's name, trade name, or logo....

  6. 12 CFR 563.76 - Offers and sales of securities at an office of a savings association.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... guaranteed appears conspicuously on the security and in all offering documents and advertisements for the... completion of the conversion stock offering. (b) Securities sales practices, advertisements, and other sales... using the association's name, trade name, or logo....

  7. Multimodal Biometrics and Multilayered IDM for Secure Authentication

    NASA Astrophysics Data System (ADS)

    Rashed, Abdullah; Santos, Henrique

    In the Electronic Society (e-world) users are represented by a set of data called Digital Identity (ID), which they must use for authentication purposes. Within the e-world it is certainly risky to lose the identity and this security threat must be ranking with the highest priority, forcing a solution that provides an amenable usage of digital identity. Efficient protection of the digital identity would also encourage users to enter the digital world without worries. Security needs to provide the necessary identity management (IDM) process to mitigate that threat. This paper gives an overview of IDM and suggests a framework that can be particularly useful for a secure user authentication. The proposed model appears as a multi-layered security approach, since it tries to integrate different security technologies and multimodal biometrics tools and practices, such as police, procedures, guidelines, standards and legislation. The advantages, limitations and requirements of the proposed model are discussed.

  8. Exploring Robust and Resilient Pathways to Water Security (Invited)

    NASA Astrophysics Data System (ADS)

    Brown, C. M.

    2013-12-01

    Lack of water security and the resultant cumulative effects of water-related hazards are understood to hinder economic growth throughout the world. Traditional methods for achieving water security as exemplified in the industrialized world have exerted negative externalities such as degradation of aquatic ecosystems. There is also growing concern that such methods may not be robust to climate variability change. It has been proposed that alternative pathways to water security must be followed in the developing world. However, it is not clear such pathways currently exist and there is an inherent moral hazard in such recommendations. This presentation will present a multidimensional definition of water security, explore the conflict in norms between engineering and ecologically oriented communities, and present a framework synthesizing those norms for assessing and innovating robust and resilient pathways to water security.

  9. Security Verification Techniques Applied to PatchLink COTS Software

    NASA Technical Reports Server (NTRS)

    Gilliam, David P.; Powell, John D.; Bishop, Matt; Andrew, Chris; Jog, Sameer

    2006-01-01

    Verification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink's UNIX Agent, a Commercial-Off-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) -- a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.

  10. FY 1986 activities and accomplishments of the DOE Center for Computer Security. Status report

    SciTech Connect

    Strittmatter, R.B.

    1986-10-01

    The Department of Energy (DOE) Center for Computer Security (CCS) at Los Alamos National Laboratory is responsible for developing, collecting, organizing, and disseminating computer security information to the DOE and DOE contractors. This responsibility involves operations and field support, computer security education and awareness, and research and development. During the current fiscal year, the Center completed the Link ACE II, the DOE/CCS computer laboratory and Wide-Band Security Test Bed, and the computer security products database and its merger with the National Bureau of Standard's database. Also completed was the implementation of the Data Encryption Standard on the Wide-Band Communications Network.

  11. Economic performance of water storage capacity expansion for food security

    NASA Astrophysics Data System (ADS)

    Gohar, Abdelaziz A.; Ward, Frank A.; Amer, Saud A.

    2013-03-01

    SummaryContinued climate variability, population growth, and rising food prices present ongoing challenges for achieving food and water security in poor countries that lack adequate water infrastructure. Undeveloped storage infrastructure presents a special challenge in northern Afghanistan, where food security is undermined by highly variable water supplies, inefficient water allocation rules, and a damaged irrigation system due three decades of war and conflict. Little peer-reviewed research to date has analyzed the economic benefits of water storage capacity expansions as a mechanism to sustain food security over long periods of variable climate and growing food demands needed to feed growing populations. This paper develops and applies an integrated water resources management framework that analyzes impacts of storage capacity expansions for sustaining farm income and food security in the face of highly fluctuating water supplies. Findings illustrate that in Afghanistan's Balkh Basin, total farm income and food security from crop irrigation increase, but at a declining rate as water storage capacity increases from zero to an amount equal to six times the basin's long term water supply. Total farm income increases by 21%, 41%, and 42% for small, medium, and large reservoir capacity, respectively, compared to the existing irrigation system unassisted by reservoir storage capacity. Results provide a framework to target water infrastructure investments that improve food security for river basins in the world's dry regions with low existing storage capacity that face ongoing climate variability and increased demands for food security for growing populations.

  12. Assessment of global water security: moving beyond water scarcity assessment

    NASA Astrophysics Data System (ADS)

    Wada, Y.; Gain, A. K.; Giupponi, C.

    2015-12-01

    Water plays an important role in underpinning equitable, stable and productive societies, and the ecosystems on which we depend. Many international river basins are likely to experience 'low water security' over the coming decades. Hence, ensuring water security along with energy and food securities has been recognised as priority goals in Sustainable Development Goals (SDGs) by the United Nations. This water security is not rooted only in the limitation of physical resources, i.e. the shortage in the availability of freshwater relative to water demand, but also on social and economic factors (e.g. flawed water planning and management approaches, institutional incapability to provide water services, unsustainable economic policies). Until recently, advanced tools and methods are available for assessment of global water scarcity. However, integrating both physical and socio-economic indicators assessment of water security at global level is not available yet. In this study, we present the first global understanding of water security using a spatial multi-criteria analysis framework that goes beyond available water scarcity assessment. For assessing water security at global scale, the term 'security' is conceptualized as a function of 'availability', 'accessibility to services', 'safety and quality', and 'management'. The Water security index is calculated by aggregating the indicators using both simple additive weighting (SAW) and ordered weighted average (OWA).

  13. Network Security via Biometric Recognition of Patterns of Gene Expression

    NASA Technical Reports Server (NTRS)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

  14. Network Security via Biometric Recognition of Patterns of Gene Expression

    NASA Technical Reports Server (NTRS)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

  15. HANFORD SITE CENTRAL PLATEAU CLEANUP COMPLETION STRATEGY

    SciTech Connect

    BERGMAN TB

    2011-01-14

    Cleanup of the Hanford Site is a complex and challenging undertaking. The U.S. Department of Energy (DOE) has developed a comprehensive vision for completing Hanford's cleanup mission including transition to post-cleanup activities. This vision includes 3 principle components of cleanup: the {approx}200 square miles ofland adjacent to the Columbia River, known as the River Corridor; the 75 square miles of land in the center of the Hanford Site, where the majority of the reprocessing and waste management activities have occurred, known as the Central Plateau; and the stored reprocessing wastes in the Central Plateau, the Tank Wastes. Cleanup of the River Corridor is well underway and is progressing towards completion of most cleanup actions by 2015. Tank waste cleanup is progressing on a longer schedule due to the complexity of the mission, with construction of the largest nuclear construction project in the United States, the Waste Treatment Plant, over 50% complete. With the progress on the River Corridor and Tank Waste, it is time to place increased emphasis on moving forward with cleanup of the Central Plateau. Cleanup of the Hanford Site has been proceeding under a framework defmed in the Hanford Federal Facility Agreement and Consent Order (Tri-Party Agreement). In early 2009, the DOE, the State of Washington Department of Ecology, and the U.S. Environmental Protection Agency signed an Agreement in Principle in which the parties recognized the need to develop a more comprehensive strategy for cleanup of the Central Plateau. DOE agreed to develop a Central Plateau Cleanup Completion Strategy as a starting point for discussions. This DOE Strategy was the basis for negotiations between the Parties, discussions with the State of Oregon, the Hanford Advisory Board, and other Stakeholder groups (including open public meetings), and consultation with the Tribal Nations. The change packages to incorporate the Central Plateau Cleanup Completion Strategy were signed by

  16. A secure semantic interoperability infrastructure for inter-enterprise sharing of electronic healthcare records.

    PubMed

    Boniface, Mike; Watkins, E Rowland; Saleh, Ahmed; Dogac, Asuman; Eichelberg, Marco

    2006-01-01

    Healthcare professionals need access to accurate and complete healthcare records for effective assessment, diagnosis and treatment of patients. The non-interoperability of healthcare information systems means that interenterprise access to a patient's history over many distributed encounters is difficult to achieve. The ARTEMIS project has developed a secure semantic web service infrastructure for the interoperability of healthcare information systems. Healthcare professionals share services and medical information using a web service annotation and mediation environment based on functional and clinical semantics derived from healthcare standards. Healthcare professionals discover medical information about individuals using a patient identification protocol based on pseudonymous information. The management of care pathways and access to medical information is based on a well-defined business process allowing healthcare providers to negotiate collaboration and data access agreements within the context of strict legislative frameworks.

  17. Complete to Compete: Common College Completion Metrics. Technical Guide

    ERIC Educational Resources Information Center

    Reyna, Ryan; Reindl, Travis; Witham, Keith; Stanley, Jeff

    2010-01-01

    Improved college completion rates are critical to the future of the United States, and states must have better data to understand the nature of the challenges they confront or target areas for policy change. The 2010-2011 National Governors Association (NGA) Chair's initiative, "Complete to Compete", recommends that all states collect data from…

  18. Management of Global Nuclear Materials for International Security

    SciTech Connect

    Isaacs, T; Choi, J-S

    2003-09-18

    Nuclear materials were first used to end the World War II. They were produced and maintained during the cold war for global security reasons. In the succeeding 50 years since the Atoms for Peace Initiative, nuclear materials were produced and used in global civilian reactors and fuel cycles intended for peaceful purposes. The Nonproliferation Treaty (NPT) of 1970 established a framework for appropriate applications of both defense and civilian nuclear activities by nuclear weapons states and non-nuclear weapons states. As global inventories of nuclear materials continue to grow, in a diverse and dynamically changing manner, it is time to evaluate current and future trends and needed actions: what are the current circumstances, what has been done to date, what has worked and what hasn't? The aim is to identify mutually reinforcing programmatic directions, leading to global partnerships that measurably enhance international security. Essential elements are material protection, control and accountability (MPC&A) of separated nuclear materials, interim storage, and geologic repositories for all nuclear materials destined for final disposal. Cooperation among key partners, such as the MPC&A program between the U.S. and Russia for nuclear materials from dismantled weapons, is necessary for interim storage and final disposal of nuclear materials. Such cooperative partnerships can lead to a new nuclear regime where a complete fuel cycle service with fuel leasing and spent fuel take-back can be offered to reactor users. The service can effectively minimize or even eliminate the incentive or rationale for the user-countries to develop their indigenous enrichment and reprocessing technologies. International cooperation, supported by governments of key countries can be best to facilitate the forum for formation of such cooperative partnerships.

  19. HCI∧2 framework: a software framework for multimodal human-computer interaction systems.

    PubMed

    Shen, Jie; Pantic, Maja

    2013-12-01

    This paper presents a novel software framework for the development and research in the area of multimodal human-computer interface (MHCI) systems. The proposed software framework, which is called the HCI∧2 Framework, is built upon publish/subscribe (P/S) architecture. It implements a shared-memory-based data transport protocol for message delivery and a TCP-based system management protocol. The latter ensures that the integrity of system structure is maintained at runtime. With the inclusion of bridging modules, the HCI∧2 Framework is interoperable with other software frameworks including Psyclone and ActiveMQ. In addition to the core communication middleware, we also present the integrated development environment (IDE) of the HCI∧2 Framework. It provides a complete graphical environment to support every step in a typical MHCI system development process, including module development, debugging, packaging, and management, as well as the whole system management and testing. The quantitative evaluation indicates that our framework outperforms other similar tools in terms of average message latency and maximum data throughput under a typical single PC scenario. To demonstrate HCI∧2 Framework's capabilities in integrating heterogeneous modules, we present several example modules working with a variety of hardware and software. We also present an example of a full system developed using the proposed HCI∧2 Framework, which is called the CamGame system and represents a computer game based on hand-held marker(s) and low-cost camera(s).

  20. An Information Fusion Framework for Threat Assessment

    SciTech Connect

    Beaver, Justin M; Kerekes, Ryan A; Treadwell, Jim N

    2009-01-01

    Modern enterprises are becoming increasingly sensitive to the potential destructive power of small groups or individuals with malicious intent. In response, significant investments are being made in developing a means to assess the likelihood of certain threats to their enterprises. Threat assessment needs are typically focused in very specific application areas where current processes rely heavily on human analysis to both combine any available data and draw conclusions about the probability of a threat. A generic approach to threat assessment is proposed, including a threat taxonomy and decision-level information fusion framework, that provides a computational means for merging multi-modal data for the purpose of assessing the presence of a threat. The framework is designed for flexibility, and intentionally accounts for the accuracy of each data source, given the environmental conditions, in order to manage the uncertainty associated with any acquired data. The taxonomy and information fusion framework is described, and discussed in the context of real-world applications such as shipping container security and cyber security.

  1. SOD: Framework structures

    NASA Astrophysics Data System (ADS)

    Fischer, R. X.; Baur, W. H.

    This document is part of Subvolume E `Zeolite-Type Crystal Structures and their Chemistry. Framework Type Codes RON to STI' of Volume 14 `Microporous and other Framework Materials with Zeolite-Type Structures' of Landolt-Börnstein Group IV `Physical Chemistry'.

  2. Unicam Activity Framework (UAF)

    ERIC Educational Resources Information Center

    Gagliardi, R.; Mauri, M.; Polzonetti, A.

    2016-01-01

    This presentation illustrates the framework of processing performance of the faculty of the University of Camerino. The evaluation criteria are explained and the technological structure that allows automatic performance assessment available online anywhere and anytime. The designed framework is usually applied to the performance evaluation of…

  3. Frameworks of Educational Technology

    ERIC Educational Resources Information Center

    Ely, Donald

    2008-01-01

    This paper, written from a 20th-century perspective, traces the development of, and influences on, the field of instructional technology and attempts to describe a framework within which we can better understand the field. [This article is based on "Instructional Technology: Contemporary Frameworks" originally written by the author for the…

  4. Implementing Information Security and Its Technology: A LineManagement Perspective

    SciTech Connect

    Barletta, William A.

    2005-08-22

    Assuring the security and privacy of institutionalinformation assets is a complex task for the line manager responsible forinternational and multi-national transactions. In the face of an unsureand often conflicting international legal framework, the line managermust employ all available tools in an Integrated Security and PrivacyManagement framework that ranges from legal obligations, to policy, toprocedure, to cutting edge technology to counter the rapidly evolvingcyber threat to information assets and the physical systems thatinformation systems control.

  5. Standard Agent Framework 1

    1999-04-06

    The Standard Agent framework provides an extensible object-oriented development environment suitable for use in both research and applications projects. The SAF provides a means for constructing and customizing multi-agent systems through specialization of standard base classes (architecture-driven framework) and by composition of component classes (data driven framework). The standard agent system is implemented as an extensible object-centerd framework. Four concrete base classes are developed: (1) Standard Agency; (2) Standard Agent; (3) Human Factor, and (4)more » Resources. The object-centered framework developed and utilized provides the best comprimise between generality and flexibility available in agent development systems today.« less

  6. Teaching Secure Programming

    SciTech Connect

    Bishop, Matt; Frincke, Deb A.

    2005-09-01

    This article discusses issues in teaching secure coding in the context of both academic institutions and training organizations. The emphasis is on the importance of assurance. There is also some discussion of the role of checklists.

  7. Secure Chemical Facilities Act

    THOMAS, 113th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2013-01-23

    01/23/2013 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  8. Secure Chemical Facilities Act

    THOMAS, 112th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2011-03-31

    03/31/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  9. Intelligent Sensors Security

    PubMed Central

    Bialas, Andrzej

    2010-01-01

    The paper is focused on the security issues of sensors provided with processors and software and used for high-risk applications. Common IT related threats may cause serious consequences for sensor system users. To improve their robustness, sensor systems should be developed in a restricted way that would provide them with assurance. One assurance creation methodology is Common Criteria (ISO/IEC 15408) used for IT products and systems. The paper begins with a primer on the Common Criteria, and then a general security model of the intelligent sensor as an IT product is discussed. The paper presents how the security problem of the intelligent sensor is defined and solved. The contribution of the paper is to provide Common Criteria (CC) related security design patterns and to improve the effectiveness of the sensor development process. PMID:22315571

  10. Secure Visas Act

    THOMAS, 111th Congress

    Rep. Smith, Lamar [R-TX-21

    2010-03-04

    04/26/2010 Referred to the Subcommittee on Immigration, Citizenship, Refugees, Border Security, and International Law. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  11. Securing Cabin Baggage Act

    THOMAS, 111th Congress

    Rep. Lipinski, Daniel [D-IL-3

    2009-06-15

    06/17/2009 Referred to the Subcommittee on Transportation Security and Infrastructure Protection. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  12. Cognitive Computing for Security.

    SciTech Connect

    Debenedictis, Erik; Rothganger, Fredrick; Aimone, James Bradley; Marinella, Matthew; Evans, Brian Robert; Warrender, Christina E.; Mickel, Patrick

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  13. Department of Homeland Security

    MedlinePlus

    ... TSA Pre✓® Active Shooter Preparedness Hometown Security Countering Violent Extremism Forms Combating Human Trafficking Taking Action on ... Oct 31 Blog DHS Releases Strategy for Countering Violent Extremism Violent extremism is an evolving threat and ...

  14. Secure Chemical Facilities Act

    THOMAS, 111th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2010-07-15

    07/15/2010 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  15. Security vs. Safety.

    ERIC Educational Resources Information Center

    Sturgeon, Julie

    1999-01-01

    Provides administrative advice on how some safety experts have made college campuses safer and friendlier without breaking the budget. Tips on security and advice on safety management that encompasses the whole environment are highlighted. (GR)

  16. Keep America Secure Act

    THOMAS, 112th Congress

    Rep. Slaughter, Louise McIntosh [D-NY-28

    2012-08-02

    09/05/2012 Referred to the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  17. Disarmament and security

    SciTech Connect

    Alley, R.M.

    1985-01-01

    This book contains the following five selections: Opening address; Global disarmament negotiations; Global security and the nuclear balance; Nuclear politics and the environment; and New Zealand's approach: another perspective.

  18. 2016-2020 Strategic Plan and Implementing Framework

    SciTech Connect

    2015-11-01

    The 2016-2020 Strategic Plan and Implementing Framework from the Office of Energy Efficiency and Renewable Energy (EERE) is the blueprint for launching the nation’s leadership in the global clean energy economy. This document will guide the organization to build on decades of progress in powering our nation from clean, affordable and secure energy.

  19. High School Completion Longitudinal Study

    ERIC Educational Resources Information Center

    Alberta Education, 2009

    2009-01-01

    While Alberta enjoys proven high, world-class results in student achievement, raising high school completion rates is one of the top priorities in improving the provincial education system. The 2011-12 targeted high school completion rate is 82% five years after entering Grade 10--a 2.5% increase from the current average rate of 79.5%. The purpose…

  20. Latino College Completion: North Dakota

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  1. Latino College Completion: South Dakota

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  2. Latino College Completion: United States

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  3. Latino College Completion: West Virginia

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  4. Latino College Completion: Rhode Island

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  5. Latino College Completion: New York

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  6. Latino College Completion: New Mexico

    ERIC Educational Resources Information Center

    Excelencia in Education (NJ1), 2012

    2012-01-01

    In 2009, Excelencia in Education launched the Ensuring America's Future initiative to inform, organize, and engage leaders in a tactical plan to increase Latino college completion. An executive summary of Latino College Completion in 50 states synthesizes information on 50 state factsheets and builds on the national benchmarking guide. Each…

  7. Strictly homogeneous laterally complete modules

    NASA Astrophysics Data System (ADS)

    Chilin, V. I.; Karimov, J. A.

    2016-03-01

    Let A be a laterally complete commutative regular algebra and X be a laterally complete A-module. In this paper we introduce a notion of homogeneous and strictly homogeneous A-modules. It is proved that any homogeneous A-module is strictly homogeneous A-module, if the Boolean algebra of all idempotents in A is multi-σ-finite.

  8. Pure-state informationally complete and 'really' complete measurements

    SciTech Connect

    Finkelstein, J.

    2004-11-01

    I construct a positive-operator-valued measure (POVM) which has 2d rank-1 elements and which is informationally complete for generic pure states in d dimensions, thus confirming a conjecture made by Flammia, Silberfarb, and Caves (e-print quant-ph/0404137). I show that if a rank-1 POVM is required to be informationally complete for all pure states in d dimensions, it must have at least 3d-2 elements. I also show that, in a POVM which is informationally complete for all pure states in d dimensions, for any vector there must be at least 2d-1 POVM elements which do not annihilate that vector.

  9. Lemnos Interoperable Security Program

    SciTech Connect

    Stewart, John; Halbgewachs, Ron; Chavez, Adrian; Smith, Rhett; Teumim, David

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  10. Secure quantum key distribution

    NASA Astrophysics Data System (ADS)

    Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

    2014-08-01

    Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

  11. Secure video communications systems

    SciTech Connect

    Smith, R.L.

    1991-10-08

    This patent describes a secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  12. Data port security lock

    DOEpatents

    Quinby, Joseph D.; Hall, Clarence S.

    2008-06-24

    In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

  13. Variable contour securing system

    NASA Technical Reports Server (NTRS)

    Zebus, P. P.; Packer, P. N.; Haynie, C. C. (Inventor)

    1978-01-01

    A variable contour securing system has a retaining structure for a member whose surface contains a variable contour. The retaining mechanism includes a spaced array of adjustable spindles mounted on a housing. Each spindle has a base member support cup at one end. A vacuum source is applied to the cups for seating the member adjacent to the cups. A locking mechanism sets the spindles in a predetermined position once the member has been secured to the spindle support cups.

  14. Security systems engineering overview

    SciTech Connect

    Steele, B.J.

    1996-12-31

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.).

  15. Security systems engineering overview

    NASA Astrophysics Data System (ADS)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  16. [Food security in Mexico].

    PubMed

    Urquía-Fernández, Nuria

    2014-01-01

    An overview of food security and nutrition in Mexico is presented, based on the analysis of the four pillars of food security: availability, access, utilization of food, and stability of the food supply. In addition, the two faces of malnutrition in Mexico were analyzed: obesity and undernourishment. Data were gathered from the food security indicators of the United Nations's Food and Agriculture Organization, from the Mexican Scale of Food Security, and from the National Health and Nutrition Survey. Mexico presents an index of availability of 3 145 kilocalories per person per day, one of the highest indexes in the world, including both food production and imports. In contrast, Mexico is affected by a double burden of malnutrition: whereas children under five present 14% of stunt, 30% of the adult population is obese. Also, more than 18% of the population cannot afford the basic food basket (food poverty). Using perception surveys, people reports important levels of food insecurity, which concentrates in seven states of the Mexican Federation. The production structure underlying these indicators shows a very heterogeneous landscape, which translates in to a low productivity growth across the last years. Food security being a multidimensional concept, to ensure food security for the Mexican population requires a revision and redesign of public productive and social policies, placing a particular focus on strengthening the mechanisms of institutional governance. PMID:25649459

  17. [Food security in Mexico].

    PubMed

    Urquía-Fernández, Nuria

    2014-01-01

    An overview of food security and nutrition in Mexico is presented, based on the analysis of the four pillars of food security: availability, access, utilization of food, and stability of the food supply. In addition, the two faces of malnutrition in Mexico were analyzed: obesity and undernourishment. Data were gathered from the food security indicators of the United Nations's Food and Agriculture Organization, from the Mexican Scale of Food Security, and from the National Health and Nutrition Survey. Mexico presents an index of availability of 3 145 kilocalories per person per day, one of the highest indexes in the world, including both food production and imports. In contrast, Mexico is affected by a double burden of malnutrition: whereas children under five present 14% of stunt, 30% of the adult population is obese. Also, more than 18% of the population cannot afford the basic food basket (food poverty). Using perception surveys, people reports important levels of food insecurity, which concentrates in seven states of the Mexican Federation. The production structure underlying these indicators shows a very heterogeneous landscape, which translates in to a low productivity growth across the last years. Food security being a multidimensional concept, to ensure food security for the Mexican population requires a revision and redesign of public productive and social policies, placing a particular focus on strengthening the mechanisms of institutional governance.

  18. Safeguarding Your Technology: Practical Guidelines for Electronic Education Information Security.

    ERIC Educational Resources Information Center

    Szuba, Tom

    This guide was developed specifically for educational administrators at the building, campus, district, system, and state levels, and is meant to serve as a framework to help them better understand why and how to effectively secure their organization's information, software, and computer and networking equipment. This document is organized into 10…

  19. Waste Management Policy Framework to Mitigate Terrorist Intrusion Activities

    SciTech Connect

    Redus, Kenneth, S.

    2003-02-26

    A policy-directed framework is developed to support US Department of Energy (DOE) counterterrorism efforts, specifically terrorist intrusion activities that affect of Environmental Management (EM) programs. The framework is called the Security Effectiveness and Resource Allocation Definition Forecasting and Control System (SERAD-FACS). Use of SERAD-FACS allows trade-offs between resources, technologies, risk, and Research and Development (R&D) efforts to mitigate such intrusion attempts. Core to SERAD-FACS is (1) the understanding the perspectives and time horizons of key decisionmakers and organizations, (2) a determination of site vulnerabilities and accessibilities, and (3) quantifying the measures that describe the risk associated with a compromise of EM assets. The innovative utility of SERAD-FACS is illustrated for three integrated waste management and security strategies. EM program risks, time delays, and security for effectiveness are examined to demonstrate the significant cost and schedule impact terrorist activities can have on cleanup efforts in the DOE complex.

  20. Towards a complete caracterisation of Ganymede's environnement

    NASA Astrophysics Data System (ADS)

    Cessateur, Gaël; Barthélémy, Mathieu; Lilensten, Jean; Dudok de Wit, Thierry; Kretzschmar, Matthieu; Mbemba Kabuiku, Lydie

    2013-04-01

    In the framework to the JUICE mission to the Jovian system, a complete picture of the interaction between Ganymede's atmosphere and external forcing is needed. This will definitely allow us to constrain instrument performances according to the mission objectives. The main source of information regarding the upper atmosphere is the non LTE UV-Visible-near IR emissions. Those emissions are both induce by the incident solar UV flux and particle precipitations. This work aims at characterizing the impact from those external forcing, and then at deriving some key physical parameters that are measurable by an orbiter, namely the oxygen red line at 630 nm or the resonant oxygen line at 130 nm for example. We will also present the 4S4J instrument, a proposed EUV radiometer, which will provides the solar local EUV flux, an invaluable parameter for the JUICE mission. Based on new technologies and a new design, only two passbands are considered for reconstructing the whole EUV spectrum.

  1. Computer access security code system

    NASA Technical Reports Server (NTRS)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  2. Aligning the Effective Use of Student Data with Student Privacy and Security Laws

    ERIC Educational Resources Information Center

    Winnick, Steve; Coleman, Art; Palmer, Scott; Lipper, Kate; Neiditz, Jon

    2011-01-01

    This legal and policy guidance provides a summary framework for state policymakers as they work to use longitudinal data to improve student achievement while also protecting the privacy and security of individual student records. Summarizing relevant federal privacy and security laws, with a focus on the Family Educational Records and Privacy Act…

  3. The Globalization of Higher Education as a Societal and Cultural Security Problem

    ERIC Educational Resources Information Center

    Samier, Eugenie A.

    2015-01-01

    In this article, I propose a theory of the globalization of higher education as societal and cultural security problems for many regions of the world. The first section examines the field of security studies for theoretical frameworks appropriate to critiquing globalized higher education, including critical human, societal and cultural security…

  4. Information Security Trends and Issues in the Moodle E-Learning Platform: An Ethnographic Content Analysis

    ERIC Educational Resources Information Center

    Schultz, Christopher

    2012-01-01

    Empirical research on information security trends and practices in e-learning is scarce. Many articles that have been published apply basic information security concepts to e-learning and list potential threats or propose frameworks for classifying threats. The purpose of this research is to identify, categorize and understand trends and issues in…

  5. A Review of State Test Security Laws in 2013. ACT Research Report Series, 2014 (1)

    ERIC Educational Resources Information Center

    Croft, Michelle

    2014-01-01

    Test security has increased in importance in the last few years given high-profile cases of educator misconduct. This paper provides a review of state test security statutes and regulations related to statewide achievement testing using as a framework recent best practices reports by the U.S. Department of Education's National Center for Education…

  6. Securing Location Services Infrastructures: Practical Criteria for Application Developers and Solutions Architects

    ERIC Educational Resources Information Center

    Karamanian, Andre

    2013-01-01

    This qualitative, exploratory, normative study examined the security and privacy of location based services in mobile applications. This study explored risk, and controls to implement privacy and security. This study was addressed using components of the FIPS Risk Management Framework. This study found that risk to location information was…

  7. The Impact of Regional Higher Education Spaces on the Security of International Students

    ERIC Educational Resources Information Center

    Forbes-Mewett, Helen

    2016-01-01

    The security of international students in regional higher education spaces in Australia has been overlooked. Contingency theory provides the framework for this case study to explore the organisational structure and support services relevant to a regional higher education space and how this impacts the security of international students. In-depth…

  8. Wireless Network Security Vulnerabilities and Concerns

    NASA Astrophysics Data System (ADS)

    Mushtaq, Ahmad

    The dilemma of cyber communications insecurity has existed all the times since the beginning of the network communications. The problems and concerns of unauthorized access and hacking has existed form the time of introduction of world wide web communication and Internet's expansion for popular use in 1990s, and has remained till present time as one of the most important issues. The wireless network security is no exception. Serious and continuous efforts of investigation, research and development has been going on for the last several decades to achieve the goal of provision of 100 percent or full proof security for all the protocols of networking architectures including the wireless networking. Some very reliable and robust strategies have been developed and deployed which has made network communications more and more secure. However, the most desired goal of complete security has yet to see the light of the day. The latest Cyber War scenario, reported in the media of intrusion and hacking of each other's defense and secret agencies between the two super powers USA and China has further aggravated the situation. This sort of intrusion by hackers between other countries such as India and Pakistan, Israel and Middle East countries has also been going on and reported in the media frequently. The paper reviews and critically examines the strategies already in place, for wired network. Wireless Network Security and also suggests some directions and strategies for more robust aspects to be researched and deployed.

  9. Cooperative monitoring of regional security agreements

    SciTech Connect

    Pregenzer, A.L.; Vannoni, M.; Biringer, K.L.

    1996-11-01

    This paper argues that cooperative monitoring plays a critical role in the implementation of regional security agreements and confidence building measures. A framework for developing cooperative monitoring options is proposed and several possibilities for relating bilateral and regional monitoring systems to international monitoring systems are discussed. Three bilateral or regional agreements are analyzed briefly to illustrate different possibilities. These examples illustrate that the relationship of regional or bilateral arms control or security agreements to international agreements depends on a number of factors: the overlap of provisions between regional and international agreements; the degree of interest in a regional agreement among the international community; efficiency in implementing the agreement; and numerous political considerations. Given the importance of regional security to the international community, regions should be encouraged to develop their own infrastructure for implementing regional arms control and other security agreements. A regional infrastructure need not preclude participation in an international regime. On the contrary, establishing regional institutions for arms control and nonproliferation could result in more proactive participation of regional parties in developing solutions for regional and international problems, thereby strengthening existing and future international regimes. Possible first steps for strengthening regional infrastructures are identified and potential technical requirements are discussed.

  10. Roadmap on optical security

    NASA Astrophysics Data System (ADS)

    Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

    2016-08-01

    Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections

  11. [Biological review of completed suicide].

    PubMed

    Otsuka, Ikuo; Sora, Ichiro; Hishimoto, Akitoyo

    2016-06-01

    Family, twin and adoption studies have revealed genetic factors involved in suicide, while the accumulation of stress and mental illnesses are major contributing factors of suicide. Since higher lethality of suicidal behavior is considered to increase familial liability to suicidal behavior, we believe biological research of completed suicide is most important for a better understanding of the pathophysiology in suicide. Dysregulated hypothalamic-pituitary-adrenal axis has gained a special interest in the neurobiology of suicide, mostly because of the findings using a dexamethasone suppression test (DST), in which DST non-suppressors show a nearly 10-fold higher risk of completed suicide than DST suppressors in a depressed cohort. Other data mainly from postmortem brain studies indicate abnormalities of the noradrenergic-locus coeruleus system, serotonergic system, endogenous opioid system, brain-derived neurotrophic factor, inflammatory cytokines and omega-3 fatty acid in completed suicide. However, genetic research of complete suicide is behind other mental problems because it is extremely difficult to obtain tissue samples of completed suicide. Under the difficult situation, we now retain over 800 blood samples of suicide completers thanks to bereaved families' cooperation. We are actively working on the research of suicide, for instance, by performing a GWAS using 500 samples of suicide completers.

  12. [Biological review of completed suicide].

    PubMed

    Otsuka, Ikuo; Sora, Ichiro; Hishimoto, Akitoyo

    2016-06-01

    Family, twin and adoption studies have revealed genetic factors involved in suicide, while the accumulation of stress and mental illnesses are major contributing factors of suicide. Since higher lethality of suicidal behavior is considered to increase familial liability to suicidal behavior, we believe biological research of completed suicide is most important for a better understanding of the pathophysiology in suicide. Dysregulated hypothalamic-pituitary-adrenal axis has gained a special interest in the neurobiology of suicide, mostly because of the findings using a dexamethasone suppression test (DST), in which DST non-suppressors show a nearly 10-fold higher risk of completed suicide than DST suppressors in a depressed cohort. Other data mainly from postmortem brain studies indicate abnormalities of the noradrenergic-locus coeruleus system, serotonergic system, endogenous opioid system, brain-derived neurotrophic factor, inflammatory cytokines and omega-3 fatty acid in completed suicide. However, genetic research of complete suicide is behind other mental problems because it is extremely difficult to obtain tissue samples of completed suicide. Under the difficult situation, we now retain over 800 blood samples of suicide completers thanks to bereaved families' cooperation. We are actively working on the research of suicide, for instance, by performing a GWAS using 500 samples of suicide completers. PMID:27506081

  13. Integrated secure solution for electronic healthcare records sharing

    NASA Astrophysics Data System (ADS)

    Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

    2007-03-01

    The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

  14. Molecule database framework: a framework for creating database applications with chemical structure search capability

    PubMed Central

    2013-01-01

    Background Research in organic chemistry generates samples of novel chemicals together with their properties and other related data. The involved scientists must be able to store this data and search it by chemical structure. There are commercial solutions for common needs like chemical registration systems or electronic lab notebooks. However for specific requirements of in-house databases and processes no such solutions exist. Another issue is that commercial solutions have the risk of vendor lock-in and may require an expensive license of a proprietary relational database management system. To speed up and simplify the development for applications that require chemical structure search capabilities, I have developed Molecule Database Framework. The framework abstracts the storing and searching of chemical structures into method calls. Therefore software developers do not require extensive knowledge about chemistry and the underlying database cartridge. This decreases application development time. Results Molecule Database Framework is written in Java and I created it by integrating existing free and open-source tools and frameworks. The core functionality includes: • Support for multi-component compounds (mixtures) • Import and export of SD-files • Optional security (authorization) For chemical structure searching Molecule Database Framework leverages the capabilities of the Bingo Cartridge for PostgreSQL and provides type-safe searching, caching, transactions and optional method level security. Molecule Database Framework supports multi-component chemical compounds (mixtures). Furthermore the design of entity classes and the reasoning behind it are explained. By means of a simple web application I describe how the framework could be used. I then benchmarked this example application to create some basic performance expectations for chemical structure searches and import and export of SD-files. Conclusions By using a simple web application it was

  15. Secure and Authenticated Data Communication in Wireless Sensor Networks

    PubMed Central

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

  16. Global threats to human water security and river biodiversity.

    PubMed

    Vörösmarty, C J; McIntyre, P B; Gessner, M O; Dudgeon, D; Prusevich, A; Green, P; Glidden, S; Bunn, S E; Sullivan, C A; Liermann, C Reidy; Davies, P M

    2010-09-30

    Protecting the world's freshwater resources requires diagnosing threats over a broad range of scales, from global to local. Here we present the first worldwide synthesis to jointly consider human and biodiversity perspectives on water security using a spatial framework that quantifies multiple stressors and accounts for downstream impacts. We find that nearly 80% of the world's population is exposed to high levels of threat to water security. Massive investment in water technology enables rich nations to offset high stressor levels without remedying their underlying causes, whereas less wealthy nations remain vulnerable. A similar lack of precautionary investment jeopardizes biodiversity, with habitats associated with 65% of continental discharge classified as moderately to highly threatened. The cumulative threat framework offers a tool for prioritizing policy and management responses to this crisis, and underscores the necessity of limiting threats at their source instead of through costly remediation of symptoms in order to assure global water security for both humans and freshwater biodiversity.

  17. Secure and Authenticated Data Communication in Wireless Sensor Networks.

    PubMed

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

  18. Refusers, dropouts, and completers: measuring sex offender treatment efficacy.

    PubMed

    Seager, James A; Jellicoe, Debra; Dhaliwal, Gurmeet K

    2004-10-01

    A sex offender program delivered in a medium-security prison followed 109 treatment completers and 37 noncompleters for 2 years after release. Noncompleters, those who refused treatment or dropped out, had 6 times the rate of sexual and violent reoffending relative to completers. Among those who completed the program, however, positive evaluations of treatment change, such as quality of disclosure and enhanced victim empathy, found in posttreatment assessments did not correlate with recidivism. Furthermore, completers did not differ in their rates of recidivism from pretreatment rates predicted by the Static 99, an actuarial measure of anticipated sexual and violent recidivism. We conclude that the program did not influence propensities for sexual and violent recidivism but rather served as a prolonged screening instrument for sex offenders whose failure to comply with treatment attendance predicted higher rates of recidivism.

  19. Optimal security investments and extreme risk.

    PubMed

    Mohtadi, Hamid; Agiwal, Swati

    2012-08-01

    In the aftermath of 9/11, concern over security increased dramatically in both the public and the private sector. Yet, no clear algorithm exists to inform firms on the amount and the timing of security investments to mitigate the impact of catastrophic risks. The goal of this article is to devise an optimum investment strategy for firms to mitigate exposure to catastrophic risks, focusing on how much to invest and when to invest. The latter question addresses the issue of whether postponing a risk mitigating decision is an optimal strategy or not. Accordingly, we develop and estimate both a one-period model and a multiperiod model within the framework of extreme value theory (EVT). We calibrate these models using probability measures for catastrophic terrorism risks associated with attacks on the food sector. We then compare our findings with the purchase of catastrophic risk insurance.

  20. Optimal security investments and extreme risk.

    PubMed

    Mohtadi, Hamid; Agiwal, Swati

    2012-08-01

    In the aftermath of 9/11, concern over security increased dramatically in both the public and the private sector. Yet, no clear algorithm exists to inform firms on the amount and the timing of security investments to mitigate the impact of catastrophic risks. The goal of this article is to devise an optimum investment strategy for firms to mitigate exposure to catastrophic risks, focusing on how much to invest and when to invest. The latter question addresses the issue of whether postponing a risk mitigating decision is an optimal strategy or not. Accordingly, we develop and estimate both a one-period model and a multiperiod model within the framework of extreme value theory (EVT). We calibrate these models using probability measures for catastrophic terrorism risks associated with attacks on the food sector. We then compare our findings with the purchase of catastrophic risk insurance. PMID:22694261

  1. Genotype imputation via matrix completion.

    PubMed

    Chi, Eric C; Zhou, Hua; Chen, Gary K; Del Vecchyo, Diego Ortega; Lange, Kenneth

    2013-03-01

    Most current genotype imputation methods are model-based and computationally intensive, taking days to impute one chromosome pair on 1000 people. We describe an efficient genotype imputation method based on matrix completion. Our matrix completion method is implemented in MATLAB and tested on real data from HapMap 3, simulated pedigree data, and simulated low-coverage sequencing data derived from the 1000 Genomes Project. Compared with leading imputation programs, the matrix completion algorithm embodied in our program MENDEL-IMPUTE achieves comparable imputation accuracy while reducing run times significantly. Implementation in a lower-level language such as Fortran or C is apt to further improve computational efficiency. PMID:23233546

  2. A framework for consciousness.

    PubMed

    Crick, Francis; Koch, Christof

    2003-02-01

    Here we summarize our present approach to the problem of consciousness. After an introduction outlining our general strategy, we describe what is meant by the term 'framework' and set it out under ten headings. This framework offers a coherent scheme for explaining the neural correlates of (visual) consciousness in terms of competing cellular assemblies. Most of the ideas we favor have been suggested before, but their combination is original. We also outline some general experimental approaches to the problem and, finally, acknowledge some relevant aspects of the brain that have been left out of the proposed framework.

  3. Information Systems, Security, and Privacy.

    ERIC Educational Resources Information Center

    Ware, Willis H.

    1984-01-01

    Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

  4. Building a Secure Library System.

    ERIC Educational Resources Information Center

    Benson, Allen C.

    1998-01-01

    Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

  5. A Portable Computer Security Workshop

    ERIC Educational Resources Information Center

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  6. Gross anatomy of network security

    NASA Technical Reports Server (NTRS)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  7. Is complete seizure control imperative?

    PubMed

    Andermann, Frederick

    2002-01-01

    Is complete control imperative? The answer depends on whether complete control is indeed possible, on the possibility of achieving modifications of lifestyle, and on the type of epilepsy, with particular reference to the presence of progressive dysfunction. This may be seen in patients with temporal lobe or other forms of focal epilepsy, in the epileptic encephalopathies such as West and Lennox Gastaut Syndromes and even in some patients with idiopathic generalized epilepsy. Progressive memory changes and global cognitive problems are examples. Progressive language deterioration, secondary epileptogenesis and phenomena analogous to kindling are also important issues. How long treatment should be continued depends on many factors, not least the preference of the patient and of the family. Weighing the benefits of complete control versus the side effects and risks of medication or surgery is crucial. There are obvious benefits to complete control; it is imperative if these benefits are greater than the cost.

  8. JWST Primary Mirror Installation Complete

    NASA Video Gallery

    Completing the assembly of the primary mirror, which took place at NASA’s Goddard Space Flight Center in Greenbelt, Maryland, is a significant milestone and the culmination of over a decade of desi...

  9. Is complete seizure control imperative?

    PubMed

    Andermann, Frederick

    2002-01-01

    Is complete control imperative? The answer depends on whether complete control is indeed possible, on the possibility of achieving modifications of lifestyle, and on the type of epilepsy, with particular reference to the presence of progressive dysfunction. This may be seen in patients with temporal lobe or other forms of focal epilepsy, in the epileptic encephalopathies such as West and Lennox Gastaut Syndromes and even in some patients with idiopathic generalized epilepsy. Progressive memory changes and global cognitive problems are examples. Progressive language deterioration, secondary epileptogenesis and phenomena analogous to kindling are also important issues. How long treatment should be continued depends on many factors, not least the preference of the patient and of the family. Weighing the benefits of complete control versus the side effects and risks of medication or surgery is crucial. There are obvious benefits to complete control; it is imperative if these benefits are greater than the cost. PMID:12143366

  10. Complete Blood Count (For Parents)

    MedlinePlus

    ... KidsHealth in the Classroom What Other Parents Are Reading Upsetting News Reports? What to Say Vaccines: Which ... Metabolic Panel (BMP) Blood Test: Hemoglobin Basic Blood Chemistry Tests Word! Complete Blood Count (CBC) Medical Tests ...

  11. PRE: A framework for enterprise integration

    SciTech Connect

    Whiteside, R.A.; Friedman-Hill, E.J.; Detry, R.J.

    1998-03-01

    Sandia National Laboratories` Product Realization Environment (PRE) is a lightweight, CORBA based framework for the integration of a broad variety of applications. These applications are wrapped for use in the PRE framework as reusable components. For example, some of the PRE components currently available include: (1) product data management (PDM) system, (2) human resources database, several finite element analysis programs, and (3) a variety of image and document format converters. PRE enables the development of end user applications (as Java applets, for example) that use these components as building blocks. To aid such development, the PreLib library (available in both C++ and Java) permits both wrapping and using these components without knowledge of either CORBA or the security mechanisms used.

  12. Using software security analysis to verify the secure socket layer (SSL) protocol

    NASA Technical Reports Server (NTRS)

    Powell, John D.

    2004-01-01

    nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

  13. Conductive open frameworks

    DOEpatents

    Yaghi, Omar M.; Wan, Shun; Doonan, Christian J.; Wang, Bo; Deng, Hexiang

    2016-02-23

    The disclosure relates generally to materials that comprise conductive covalent organic frameworks. The disclosure also relates to materials that are useful to store and separate gas molecules and sensors.

  14. 76 FR 39884 - Aviation Security Advisory Committee

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-07-07

    ... SECURITY Aviation Security Advisory Committee AGENCY: Transportation Security Administration, DHS. ACTION... Security Administration (TSA) announces the re-establishment of the Aviation Security Advisory Committee...-governmental organizations (NGOs) and stakeholder representatives concerning potential risks to...

  15. Biological and Chemical Security

    SciTech Connect

    Fitch, P J

    2002-12-19

    The LLNL Chemical & Biological National Security Program (CBNP) provides science, technology and integrated systems for chemical and biological security. Our approach is to develop and field advanced strategies that dramatically improve the nation's capabilities to prevent, prepare for, detect, and respond to terrorist use of chemical or biological weapons. Recent events show the importance of civilian defense against terrorism. The 1995 nerve gas attack in Tokyo's subway served to catalyze and focus the early LLNL program on civilian counter terrorism. In the same year, LLNL began CBNP using Laboratory-Directed R&D investments and a focus on biodetection. The Nunn-Lugar-Domenici Defense Against Weapons of Mass Destruction Act, passed in 1996, initiated a number of U.S. nonproliferation and counter-terrorism programs including the DOE (now NNSA) Chemical and Biological Nonproliferation Program (also known as CBNP). In 2002, the Department of Homeland Security was formed. The NNSA CBNP and many of the LLNL CBNP activities are being transferred as the new Department becomes operational. LLNL has a long history in national security including nonproliferation of weapons of mass destruction. In biology, LLNL had a key role in starting and implementing the Human Genome Project and, more recently, the Microbial Genome Program. LLNL has over 1,000 scientists and engineers with relevant expertise in biology, chemistry, decontamination, instrumentation, microtechnologies, atmospheric modeling, and field experimentation. Over 150 LLNL scientists and engineers work full time on chemical and biological national security projects.

  16. Energy and national security.

    SciTech Connect

    Karas, Thomas H.

    2003-09-01

    On May 19 and 20, 2003, thirty-some members of Sandia staff and management met to discuss the long-term connections between energy and national security. Three broad security topics were explored: I. Global and U.S. economic dependence on oil (and gas); II. Potential security implications of global climate change; and III. Vulnerabilities of the U.S. domestic energy infrastructure. This report, rather than being a transcript of the workshop, represents a synthesis of background information used in the workshop, ideas that emerged in the discussions, and ex post facto analysis of the discussions. Each of the three subjects discussed at this workshop has significant U.S. national security implications. Each has substantial technology components. Each appears a legitimate area of concern for a national security laboratory with relevant technology capabilities. For the laboratory to play a meaningful role in contributing to solutions to national problems such as these, it needs to understand the political, economic, and social environments in which it expects its work to be accepted and used. In addition, it should be noted that the problems of oil dependency and climate change are not amenable to solution by the policies of any one nation--even the one that is currently the largest single energy consumer. Therefore, views, concerns, policies, and plans of other countries will do much to determine which solutions might work and which might not.

  17. Computer Security Risk Assessment

    1992-02-11

    LAVA/CS (LAVA for Computer Security) is an application of the Los Alamos Vulnerability Assessment (LAVA) methodology specific to computer and information security. The software serves as a generic tool for identifying vulnerabilities in computer and information security safeguards systems. Although it does not perform a full risk assessment, the results from its analysis may provide valuable insights into security problems. LAVA/CS assumes that the system is exposed to both natural and environmental hazards and tomore » deliberate malevolent actions by either insiders or outsiders. The user in the process of answering the LAVA/CS questionnaire identifies missing safeguards in 34 areas ranging from password management to personnel security and internal audit practices. Specific safeguards protecting a generic set of assets (or targets) from a generic set of threats (or adversaries) are considered. There are four generic assets: the facility, the organization''s environment; the hardware, all computer-related hardware; the software, the information in machine-readable form stored both on-line or on transportable media; and the documents and displays, the information in human-readable form stored as hard-copy materials (manuals, reports, listings in full-size or microform), film, and screen displays. Two generic threats are considered: natural and environmental hazards, storms, fires, power abnormalities, water and accidental maintenance damage; and on-site human threats, both intentional and accidental acts attributable to a perpetrator on the facility''s premises.« less

  18. Practical secure quantum communications

    NASA Astrophysics Data System (ADS)

    Diamanti, Eleni

    2015-05-01

    We review recent advances in the field of quantum cryptography, focusing in particular on practical implementations of two central protocols for quantum network applications, namely key distribution and coin flipping. The former allows two parties to share secret messages with information-theoretic security, even in the presence of a malicious eavesdropper in the communication channel, which is impossible with classical resources alone. The latter enables two distrustful parties to agree on a random bit, again with information-theoretic security, and with a cheating probability lower than the one that can be reached in a classical scenario. Our implementations rely on continuous-variable technology for quantum key distribution and on a plug and play discrete-variable system for coin flipping, and necessitate a rigorous security analysis adapted to the experimental schemes and their imperfections. In both cases, we demonstrate the protocols with provable security over record long distances in optical fibers and assess the performance of our systems as well as their limitations. The reported advances offer a powerful toolbox for practical applications of secure communications within future quantum networks.

  19. Maritime security laboratory for maritime security research

    NASA Astrophysics Data System (ADS)

    Bunin, Barry J.; Sutin, Alexander; Bruno, Michael S.

    2007-04-01

    Stevens Institute of Technology has established a new Maritime Security Laboratory (MSL) to facilitate advances in methods and technologies relevant to maritime security. MSL is designed to enable system-level experiments and data-driven modeling in the complex environment of an urban tidal estuary. The initial focus of the laboratory is on the threats posed by divers and small craft with hostile intent. The laboratory is, however, evolvable to future threats as yet unidentified. Initially, the laboratory utilizes acoustic, environmental, and video sensors deployed in and around the Hudson River estuary. Experimental data associated with boats and SCUBA divers are collected on a computer deployed on board a boat specifically designed and equipped for these experiments and are remotely transferred to a Visualization Center on campus. Early experiments utilizing this laboratory have gathered data to characterize the relevant parameters of the estuary, acoustic signals produced by divers, and water and air traffic. Hydrophones were deployed to collect data to enable the development of passive acoustic methodologies for maximizing SCUBA diver detection distance. Initial results involving characteristics of the estuary, acoustic signatures of divers, ambient acoustic noise in an urban estuary, and transmission loss of acoustic signals in a wide frequency band are presented. These results can also be used for the characterization of abnormal traffic and improvement of underwater communication in a shallow water estuary.

  20. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  1. Secure content objects

    DOEpatents

    Evans, William D.

    2009-02-24

    A secure content object protects electronic documents from unauthorized use. The secure content object includes an encrypted electronic document, a multi-key encryption table having at least one multi-key component, an encrypted header and a user interface device. The encrypted document is encrypted using a document encryption key associated with a multi-key encryption method. The encrypted header includes an encryption marker formed by a random number followed by a derivable variation of the same random number. The user interface device enables a user to input a user authorization. The user authorization is combined with each of the multi-key components in the multi-key encryption key table and used to try to decrypt the encrypted header. If the encryption marker is successfully decrypted, the electronic document may be decrypted. Multiple electronic documents or a document and annotations may be protected by the secure content object.

  2. Double layer secure sketch

    NASA Astrophysics Data System (ADS)

    Li, Cai

    2012-09-01

    Secure sketch has been applied successfully in a wide variety of applications like cryptography, biometric authentication systems and so on. All of these secure sketches have properties in common namely error-tolerance and small entropy loss. The former ensures an input set w' can unlock the system if w' is substantially overlapped with a template set w while the latter means it is hard for an adversary to get the information of w even with the knowledge of s, which is produced by w and stored in the system publicly. In their constructions, they all consider w as a set of atomic elements. However, in the real word, it is very likely the elements in the template set are sets as well. In this paper, we propose a double layer secure sketch to address this issue.

  3. Secure medical digital libraries.

    PubMed

    Papadakis, I; Chrissikopoulos, V; Polemi, D

    2001-12-01

    In this paper, a secure medical digital library is presented. It is based on the CORBA specifications for distributed systems. The described approach relies on a three-tier architecture. Interaction between the medical digital library and its users is achieved through a Web server. The choice of employing Web technology for the dissemination of medical data has many advantages compared to older approaches, but also poses extra requirements that need to be fulfilled. Thus, special attention is paid to the distinguished nature of such medical data, whose integrity and confidentiality should be preserved at all costs. This is achieved through the employment of Trusted Third Parties (TTP) technology for the support of the required security services. Additionally, the proposed digital library employs smartcards for the management of the various security tokens that are used from the above services.

  4. Unfalsifiability of security claims.

    PubMed

    Herley, Cormac

    2016-06-01

    There is an inherent asymmetry in computer security: Things can be declared insecure by observation, but not the reverse. There is no observation that allows us to declare an arbitrary system or technique secure. We show that this implies that claims of necessary conditions for security (and sufficient conditions for insecurity) are unfalsifiable. This in turn implies an asymmetry in self-correction: Whereas the claim that countermeasures are sufficient is always subject to correction, the claim that they are necessary is not. Thus, the response to new information can only be to ratchet upward: Newly observed or speculated attack capabilities can argue a countermeasure in, but no possible observation argues one out. Further, when justifications are unfalsifiable, deciding the relative importance of defensive measures reduces to a subjective comparison of assumptions. Relying on such claims is the source of two problems: once we go wrong we stay wrong and errors accumulate, and we have no systematic way to rank or prioritize measures.

  5. Port and Harbor Security

    SciTech Connect

    Saito, T; Guthmuller, H; DeWeert, M

    2004-12-15

    Port and Harbor Security is a daunting task to which optics and photonics offers significant solutions. We are pleased to report that the 2005 Defense and Security Symposium (DSS, Orlando, FL) will include reports on active and passive photonic systems operating from both airborne and subsurface platforms. In addition to imaging techniques, there are various photonic applications, such as total internal reflection fluorescence (TIRF), which can be used to ''sniff'' for traces of explosives or contaminants in marine. These non-imaging technologies are beyond the scope of this article, but will also be represented at DSS 2005. We encourage colleagues to join our technical group to help us to make our ports and harbors safer and more secure.

  6. A Learning-Based Approach to Reactive Security

    NASA Astrophysics Data System (ADS)

    Barth, Adam; Rubinstein, Benjamin I. P.; Sundararajan, Mukund; Mitchell, John C.; Song, Dawn; Bartlett, Peter L.

    Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender's strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker's incentives and knowledge.

  7. Cyber Security Evaluation Tool

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization’s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied tomore » enhance cybersecurity controls.« less

  8. Strategy for IT Security

    NASA Technical Reports Server (NTRS)

    Santiago, S. Scott; Moyles, Thomas J. (Technical Monitor)

    2001-01-01

    This viewgraph presentation provides information on the importance of information technology (IT) security (ITS) to NASA's mission. Several points are made concerning the subject. In order for ITS to be successful, it must be supported by management. NASA, while required by law to keep the public informed of its pursuits, must take precautions due to possible IT-based incursions by computer hackers and other malignant persons. Fear is an excellent motivation for establishing and maintaining a robust ITS policy. The ways in which NASA ITS personnel continually increase security are manifold, however a great deal relies upon the active involvement of the entire NASA community.

  9. Cyber Security Evaluation Tool

    SciTech Connect

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization’s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.

  10. Improving computer security by health smart card.

    PubMed

    Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

    2003-01-01

    The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual

  11. Security Bounds for Continuous Variables Quantum Key Distribution

    NASA Astrophysics Data System (ADS)

    Navascués, Miguel; Acín, Antonio

    2005-01-01

    Security bounds for key distribution protocols using coherent and squeezed states and homodyne measurements are presented. These bounds refer to (i)general attacks and (ii)collective attacks where Eve applies the optimal individual interaction to the sent states, but delays her measurement until the end of the reconciliation process. For the case of a lossy line and coherent states, it is first proven that a secure key distribution is possible up to 1.9dB of losses. For the second scenario, the security bounds are the same as for the completely incoherent attack.

  12. Complete nitrification by Nitrospira bacteria.

    PubMed

    Daims, Holger; Lebedeva, Elena V; Pjevac, Petra; Han, Ping; Herbold, Craig; Albertsen, Mads; Jehmlich, Nico; Palatinszky, Marton; Vierheilig, Julia; Bulaev, Alexandr; Kirkegaard, Rasmus H; von Bergen, Martin; Rattei, Thomas; Bendinger, Bernd; Nielsen, Per H; Wagner, Michael

    2015-12-24

    Nitrification, the oxidation of ammonia via nitrite to nitrate, has always been considered to be a two-step process catalysed by chemolithoautotrophic microorganisms oxidizing either ammonia or nitrite. No known nitrifier carries out both steps, although complete nitrification should be energetically advantageous. This functional separation has puzzled microbiologists for a century. Here we report on the discovery and cultivation of a completely nitrifying bacterium from the genus Nitrospira, a globally distributed group of nitrite oxidizers. The genome of this chemolithoautotrophic organism encodes the pathways both for ammonia and nitrite oxidation, which are concomitantly activated during growth by ammonia oxidation to nitrate. Genes affiliated with the phylogenetically distinct ammonia monooxygenase and hydroxylamine dehydrogenase genes of Nitrospira are present in many environments and were retrieved on Nitrospira-contigs in new metagenomes from engineered systems. These findings fundamentally change our picture of nitrification and point to completely nitrifying Nitrospira as key components of nitrogen-cycling microbial communities. PMID:26610024

  13. Best practices in record completion.

    PubMed

    Doyon, Cindy

    2004-01-01

    Completion of hospital and office (clinic) medical records is one of the least popular of clinicians' duties. Adherence to Joint Commission on Accreditation of Healthcare Organizations (JCAHO) requirements and submission of hospital and provider bills to insurers and patients, however, are predicated on patient charts being completed and signed in a timely manner. This article details the rules and regulations that many institutions impose on providers to assure that records are up to date. It also discusses the carrot-and-stick approaches that are frequently used to assure compliance.

  14. Design of real-time encryption module for secure data protection of wearable healthcare devices.

    PubMed

    Kim, Jungchae; Lee, Byuck Jin; Yoo, Sun K

    2013-01-01

    Wearable devices for biomedical instrumentation could generate the medical data and transmit to a repository on cloud service through wireless networks. In this process, the private medical data will be disclosed by man in the middle attack. Thus, the archived data for healthcare services would be protected by non-standardized security policy by healthcare service provider (HSP) because HIPAA only defines the security rules. In this paper, we adopted the Advanced Encryption Standard (AES) for security framework on wearable devices, so healthcare applications using this framework could support the confidentiality easily. The framework developed as dynamic loadable module targeted for lightweight microcontroller such as msp430 within embedded operating system. The performance was shown that the module can support the real-time encryption using electrocardiogram and photoplethysmogram. In this regard, the processing load for enabling security is distributed to wearable devices, and the customized data protection method could be composed by HSP for a trusted healthcare service. PMID:24110180

  15. An integration of two fertility analysis frameworks.

    PubMed

    Retherford, R D

    1987-01-01

    The family size preference function approach and the indifference map approach are described and compared to demonstrate the complementarity of these 2 formulations for fertility analysis. The original intent of the family size preference function approach was to use utility-cost concepts to analyze both the effects of economic and social development variables on fertility and the related process of birth control innovation and diffusion. The basic conceptual elements of this approach include: completed family size; birth control cost (including psychic costs) of achieving a completed family size of x children; family size preference function; total utility associated with completed family size of x children; demand for children; demand for children with birth control costs compared; and natural family size. The family size preference function formulation of the framework also can be expressed in terms of indifference maps and budget constraints as used by Easterlin, with some refinements. Again, it is assumed at first that birth control is without cost and there are no restrictions on the potential supply of children. Only 2 goods are considered: children (X) and other goods (G). In the indifference map formulation, demand is determined by the elements of tastes, income, and prices. Once an integrated framework is formulated that includes both a family size preference formulation and an indifference map formulation, it can be compared with Easterlin's original framework. Essentially, the indifference map formulation of the integrated framework is the same as Easterlin's framework. The most important difference is that Easterlin specifies the discontinuity in the budget line but does not specify the parallel discontinuity in tastes. It is important to specify the discontinuity in tastes, because it is needed to explain the role of subjective fixed birth control costs in the analysis of rapid diffusion of birth control and sudden rapid fertility decline. The

  16. Conceptual frameworks in astronomy

    NASA Astrophysics Data System (ADS)

    Pundak, David

    2016-06-01

    How to evaluate students' astronomy understanding is still an open question. Even though some methods and tools to help students have already been developed, the sources of students' difficulties and misunderstanding in astronomy is still unclear. This paper presents an investigation of the development of conceptual systems in astronomy by 50 engineering students, as a result of learning a general course on astronomy. A special tool called Conceptual Frameworks in Astronomy (CFA) that was initially used in 1989, was adapted to gather data for the present research. In its new version, the tool included 23 questions, and five to six optional answers were given for each question. Each of the answers was characterized by one of the four conceptual astronomical frameworks: pre-scientific, geocentric, heliocentric and sidereal or scientific. The paper describes the development of the tool and discusses its validity and reliability. Using the CFA we were able to identify the conceptual frameworks of the students at the beginning of the course and at its end. CFA enabled us to evaluate the paradigmatic change of students following the course and also the extent of the general improvement in astronomical knowledge. It was found that the measure of the students’ improvement (gain index) was g = 0.37. Approximately 45% of the students in the course improved their understanding of conceptual frameworks in astronomy and 26% deepened their understanding of the heliocentric or sidereal conceptual frameworks.

  17. General Aviation Data Framework

    NASA Technical Reports Server (NTRS)

    Blount, Elaine M.; Chung, Victoria I.

    2006-01-01

    The Flight Research Services Directorate at the NASA Langley Research Center (LaRC) provides development and operations services associated with three general aviation (GA) aircraft used for research experiments. The GA aircraft includes a Cessna 206X Stationair, a Lancair Colombia 300X, and a Cirrus SR22X. Since 2004, the GA Data Framework software was designed and implemented to gather data from a varying set of hardware and software sources as well as enable transfer of the data to other computers or devices. The key requirements for the GA Data Framework software include platform independence, the ability to reuse the framework for different projects without changing the framework code, graphics display capabilities, and the ability to vary the interfaces and their performance. Data received from the various devices is stored in shared memory. This paper concentrates on the object oriented software design patterns within the General Aviation Data Framework, and how they enable the construction of project specific software without changing the base classes. The issues of platform independence and multi-threading which enable interfaces to run at different frame rates are also discussed in this paper.

  18. The Security Continuum.

    ERIC Educational Resources Information Center

    Thompson, Ian

    2002-01-01

    Discusses the creation of a comprehensive security strategy for schools, including the importance of tailoring it to a specific school's mission and culture. Describes three classes of tactics (natural, organized, and technical) which can be chosen to implement the strategy. Discusses access control as an example of how strategies and tactics…

  19. Security classification of information

    SciTech Connect

    Quist, A.S.

    1989-09-01

    Certain governmental information must be classified for national security reasons. However, the national security benefits from classifying information are usually accompanied by significant costs -- those due to a citizenry not fully informed on governmental activities, the extra costs of operating classified programs and procuring classified materials (e.g., weapons), the losses to our nation when advances made in classified programs cannot be utilized in unclassified programs. The goal of a classification system should be to clearly identify that information which must be protected for national security reasons and to ensure that information not needing such protection is not classified. This document was prepared to help attain that goal. This document is the first of a planned four-volume work that comprehensively discusses the security classification of information. Volume 1 broadly describes the need for classification, the basis for classification, and the history of classification in the United States from colonial times until World War 2. Classification of information since World War 2, under Executive Orders and the Atomic Energy Acts of 1946 and 1954, is discussed in more detail, with particular emphasis on the classification of atomic energy information. Adverse impacts of classification are also described. Subsequent volumes will discuss classification principles, classification management, and the control of certain unclassified scientific and technical information. 340 refs., 6 tabs.

  20. Designs on Security.

    ERIC Educational Resources Information Center

    Hubler, Gary L.

    1999-01-01

    Discusses design options that can help create a more secure education environment and help staff to supervise students and reduce outside interruptions that can disrupt the learning experience. Suggestions include eliminating stairwells, placing teacher planning rooms strategically along main corridors where they can keep an eye on students, and…

  1. Security: Step by Step

    ERIC Educational Resources Information Center

    Svetcov, Eric

    2005-01-01

    This article provides a list of the essential steps to keeping a school's or district's network safe and sound. It describes how to establish a security architecture and approach that will continually evolve as the threat environment changes over time. The article discusses the methodology for implementing this approach and then discusses the…

  2. Metaphors for cyber security.

    SciTech Connect

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  3. Reporters, Curators, Security Chiefs...

    ERIC Educational Resources Information Center

    Black Issues in Higher Education, 1996

    1996-01-01

    Opportunities for employment other than faculty positions in colleges and universities are explored, and the stories of a number of nonfaculty personnel in such areas as computer technology, security, public relations, admissions, sports information, museums, and glee club are recounted. These employees offer insights into how they obtained their…

  4. Today's School Security

    ERIC Educational Resources Information Center

    Kennedy, Mike

    2012-01-01

    Outbreaks of violence at education institutions typically do not rise to the horrific levels of Virginia Tech, Columbine High School, or Oikos University. But incidents that threaten school security--bullying, hazing, online harassment--take place in every month of the year and may occur in any classroom or campus from coast to coast. Schools and…

  5. Transmission Line Security Monitor

    SciTech Connect

    2011-01-01

    The Transmission Line Security Monitor is a multi-sensor monitor that mounts directly on high-voltage transmission lines to detect, characterize and communicate terrorist activity, human tampering and threatening conditions around support towers. For more information about INL's critical infrastructure protection research, visit http://www.facebook.com/idahonationallaboratory.

  6. What Price Security?

    ERIC Educational Resources Information Center

    Corson, Dale

    1983-01-01

    A National Academy panel evaluates trade-offs between dangers to national security that arise from technology transfers and threats to the openness of scientific communication that are caused by too much secrecy. Major conclusions/suggestions are discussed. A list of acquisitions from the West affecting Soviet military technology is included.…

  7. Designing Secure Library Networks.

    ERIC Educational Resources Information Center

    Breeding, Michael

    1997-01-01

    Focuses on designing a library network to maximize security. Discusses UNIX and file servers; connectivity to campus, corporate networks and the Internet; separation of staff from public servers; controlling traffic; the threat of network sniffers; hubs that eliminate eavesdropping; dividing the network into subnets; Switched Ethernet;…

  8. Transmission Line Security Monitor

    ScienceCinema

    None

    2016-07-12

    The Transmission Line Security Monitor is a multi-sensor monitor that mounts directly on high-voltage transmission lines to detect, characterize and communicate terrorist activity, human tampering and threatening conditions around support towers. For more information about INL's critical infrastructure protection research, visit http://www.facebook.com/idahonationallaboratory.

  9. Mastering Mobile Security

    ERIC Educational Resources Information Center

    Panettieri, Joseph C.

    2007-01-01

    Without proper security, mobile devices are easy targets for worms, viruses, and so-called robot ("bot") networks. Hackers increasingly use bot networks to launch massive attacks against eCommerce websites--potentially targeting one's online tuition payment or fundraising/financial development systems. How can one defend his mobile systems against…

  10. Inequities in Income Security

    ERIC Educational Resources Information Center

    Rosenman, Linda

    1976-01-01

    Whether women choose to work in the home or in business, they receive the worst of both worlds in terms of protection against poverty. The author describes how the income security program discriminates against women and presents ways of eliminating the injustice. (Author)

  11. Campus [in] Security

    ERIC Educational Resources Information Center

    Collett, Stacy

    2007-01-01

    Community colleges, while safe, are not immune to violence. In the wake of the Virginia Tech shootings, community colleges are committed to making campuses safer. From training first responders to understanding and identifying potential threats, the author describes what schools are doing to eradicate their so-called [in] securities and improve…

  12. Safe and Secure

    ERIC Educational Resources Information Center

    Cavanagh, Sean

    2004-01-01

    Since the Sept. 11, 2001, terrorist attacks, student interest in school programs dealing with careers in law, public safety, and national security is on the rise. This article describes students' experiences at the Academy for Law and Public Safety at Butler High School in Butler, New Jersey. This vocational academy is one of a number of career…

  13. Safe and Secure

    ERIC Educational Resources Information Center

    Kennedy, Mike

    2010-01-01

    The education headlines have been filled with grim news about facility closings, teacher layoffs and program cutbacks. When the economic climate is gloomy, few areas of schools and universities are spared. In areas outside the classroom, such as safety and security, the cuts may be larger and come more quickly. When money is scarce, education…

  14. A network security monitor

    SciTech Connect

    Heberlein, L.T.; Dias, G.V.; Levitt, K.N.; Mukherjee, B.; Wood, J.; Wolber, D. . Dept. of Electrical Engineering and Computer Science)

    1989-11-01

    The study of security in computer networks is a rapidly growing area of interest because of the proliferation of networks and the paucity of security measures in most current networks. Since most networks consist of a collection of inter-connected local area networks (LANs), this paper concentrates on the security-related issues in a single broadcast LAN such as Ethernet. Specifically, we formalize various possible network attacks and outline methods of detecting them. Our basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, our work is similar to the host-based intrusion-detection systems such as SRI's IDES. Different from such systems, however, is our use of a hierarchical model to refine the focus of the intrusion-detection mechanism. We also report on the development of our experimental LAN monitor currently under implementation. Several network attacks have been simulated and results on how the monitor has been able to detect these attacks are also analyzed. Initial results demonstrate that many network attacks are detectable with our monitor, although it can surely be defeated. Current work is focusing on the integration of network monitoring with host-based techniques. 20 refs., 2 figs.

  15. Securing smart grid technology

    NASA Astrophysics Data System (ADS)

    Chaitanya Krishna, E.; Kosaleswara Reddy, T.; Reddy, M. YogaTeja; Reddy G. M., Sreerama; Madhusudhan, E.; AlMuhteb, Sulaiman

    2013-03-01

    In the developing countries electrical energy is very important for its all-round improvement by saving thousands of dollars and investing them in other sector for development. For Growing needs of power existing hierarchical, centrally controlled grid of the 20th Century is not sufficient. To produce and utilize effective power supply for industries or people we should have Smarter Electrical grids that address the challenges of the existing power grid. The Smart grid can be considered as a modern electric power grid infrastructure for enhanced efficiency and reliability through automated control, high-power converters, modern communications infrastructure along with modern IT services, sensing and metering technologies, and modern energy management techniques based on the optimization of demand, energy and network availability and so on. The main objective of this paper is to provide a contemporary look at the current state of the art in smart grid communications as well as critical issues on smart grid technologies primarily in terms of information and communication technology (ICT) issues like security, efficiency to communications layer field. In this paper we propose new model for security in Smart Grid Technology that contains Security Module(SM) along with DEM which will enhance security in Grid. It is expected that this paper will provide a better understanding of the technologies, potential advantages and research challenges of the smart grid and provoke interest among the research community to further explore this promising research area.

  16. Application Security Automation

    ERIC Educational Resources Information Center

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  17. Cryptographic Combinatorial Securities Exchanges

    NASA Astrophysics Data System (ADS)

    Thorpe, Christopher; Parkes, David C.

    We present a useful new mechanism that facilitates the atomic exchange of many large baskets of securities in a combinatorial exchange. Cryptography prevents information about the securities in the baskets from being exploited, enhancing trust. Our exchange offers institutions who wish to trade large positions a new alternative to existing methods of block trading: they can reduce transaction costs by taking advantage of other institutions’ available liquidity, while third party liquidity providers guarantee execution—preserving their desired portfolio composition at all times. In our exchange, institutions submit encrypted orders which are crossed, leaving a “remainder”. The exchange proves facts about the portfolio risk of this remainder to third party liquidity providers without revealing the securities in the remainder, the knowledge of which could also be exploited. The third parties learn either (depending on the setting) the portfolio risk parameters of the remainder itself, or how their own portfolio risk would change if they were to incorporate the remainder into a portfolio they submit. In one setting, these third parties submit bids on the commission, and the winner supplies necessary liquidity for the entire exchange to clear. This guaranteed clearing, coupled with external price discovery from the primary markets for the securities, sidesteps difficult combinatorial optimization problems. This latter method of proving how taking on the remainder would change risk parameters of one’s own portfolio, without revealing the remainder’s contents or its own risk parameters, is a useful protocol of independent interest.

  18. CAS. Controlled Access Security

    SciTech Connect

    Martinez, B.; Pomeroy, G.

    1989-12-01

    The Security Alarm System is a data acquisition and control system which collects data from intrusion sensors and displays the information in a real-time environment for operators. The Access Control System monitors and controls the movement of personnel with the use of card readers and biometrics hand readers.

  19. Learning with Security

    ERIC Educational Resources Information Center

    Jokela, Paivi; Karlsudd, Peter

    2007-01-01

    The current higher education, both distance education and traditional campus courses, relies more and more on modern information and communication technologies (ICT). The use of computer systems and networks results in a wide range of security issues that must be dealt with in order to create a safe learning environment. In this work, we study the…

  20. Identity security awareness.

    PubMed

    Philipsen, Nayna C

    2004-01-01

    Identity theft is an increasing concern when organizations, businesses, and even childbirth educators ask for a client's Social Security number for identification purposes. In this column, the author suggests ways to protect one's identity and, more importantly, decrease the opportunities for identity theft.

  1. Graph Laplace for occluded face completion and recognition.

    PubMed

    Deng, Yue; Dai, Qionghai; Zhang, Zengke

    2011-08-01

    This paper proposes a spectral-graph-based algorithm for face image repairing, which can improve the recognition performance on occluded faces. The face completion algorithm proposed in this paper includes three main procedures: 1) sparse representation for partially occluded face classification; 2) image-based data mining; and 3) graph Laplace (GL) for face image completion. The novel part of the proposed framework is GL, as named from graphical models and the Laplace equation, and can achieve a high-quality repairing of damaged or occluded faces. The relationship between the GL and the traditional Poisson equation is proven. We apply our face repairing algorithm to produce completed faces, and use face recognition to evaluate the performance of the algorithm. Experimental results verify the effectiveness of the GL method for occluded face completion.

  2. Food Literacy: Definition and Framework for Action.

    PubMed

    Cullen, Tracy; Hatch, Janelle; Martin, Wanda; Higgins, Joan Wharf; Sheppard, Rosanna

    2015-09-01

    The term food literacy is emergent, and as a result the literature reflects a great variety of definitions. Simultaneously, new research and food literacy programming is being developed without an agreed upon definition of what food literacy is and how food skills, food security, and health literacy may fit with the definition. We undertook a scoping review and conceptual analysis to identify how the term is understood and to determine shared components of definitions. We found that although most definitions included a nutrition and food skills component, there was great variation in how the ability to access, process, and enjoy food was affected by our complex food system. We propose a definition of food literacy that includes the positive relationship built through social, cultural, and environmental experiences with food enabling people to make decisions that support health. We offer a framework that situates food literacy at the intersection between community food security and food skills, and we assert that behaviours and skills cannot be separated from their environmental or social context. The proposed definition and framework are intended to be guiding templates for academics and practitioners to position their work in education and advocacy, bringing together separate spheres for collective action.

  3. Environment and security: core ideas and US government initiatives.

    PubMed

    Dabelko, G D; Simmons, P J

    1997-01-01

    This article provides an overview of the links between environment and national security in the US. The links vary with geography and institutional affiliation. Developed countries tend to associate global environmental changes with the potential to create instability and conflict and tend to focus on the human security implications of local and regional environmental problems. Understanding of these issues is obscured by vagueness of terminology and postures. Current research and statistics have increased the prominence of environmental issues on national and international agendas and led to creating thinking among a diverse population of experts. An environmental and security framework has implications for the aesthetics of nature, human responsibility for global stewardship, and humanitarian concerns. Policymakers should frame international environmental priorities in terms of broad interests; to refrain from limiting interests to security concerns; and to examine environmental problems in ways other than as crises or threats. Long-term strategies are needed to address underlying problems, as well as pragmatic, multidisciplinary approaches to problem solving, conceptual clarity, and improved willingness and ability to explain complexity of environmental change to the public. US Secretary of State Warren Christopher put environmental issues near the top of the foreign policy agenda in April 1996. This article provides an overview of the major scholarly arguments and US government actions on environmental and security issues, new and traditional definitions of security, and how security issues affect the environment.

  4. A-3 steel work completed

    NASA Technical Reports Server (NTRS)

    2009-01-01

    Stennis Space Center engineers celebrated a key milestone in construction of the A-3 Test Stand on April 9 - completion of structural steel work. Workers with Lafayette (La.) Steel Erector Inc. placed the last structural steel beam atop the stand during a noon ceremony attended by more than 100 workers and guests.

  5. Review of "A Complete Education"

    ERIC Educational Resources Information Center

    Warren, Beth

    2010-01-01

    The research summary, "A Complete Education," presents the Obama administration's proposal for ensuring that all students have a comprehensive education. The key areas include: strengthening instruction in literacy and in science, technology, engineering, and mathematics (STEM); increasing access to instruction in a broader range of subject…

  6. Indiana College Completion. 2014 Report

    ERIC Educational Resources Information Center

    Indiana Commission for Higher Education, 2014

    2014-01-01

    The Indiana Commission for Higher Education is committed to providing a clearer and more comprehensive picture of college completion in order to inform and advance Indiana's collective efforts to boost education attainment. In partnership with Indiana public colleges and the National Student Clearinghouse, the Commission has collected completion…

  7. Program Costs and Student Completion

    ERIC Educational Resources Information Center

    Manning, Terri M.; Crosta, Peter M.

    2014-01-01

    Community colleges are under pressure to increase completion rates, prepare students for the workplace, and contain costs. Colleges need to know the financial implications of what are often perceived as routine decisions: course scheduling, program offerings, and the provision of support services. This chapter presents a methodology for estimating…

  8. Complete feeds-intensive systems

    Technology Transfer Automated Retrieval System (TEKTRAN)

    Most commercially cultivated fish are raised in high-density culture systems where the assumption is that the contribution of natural foods to the nutrition of the fish is insignificant. Thus, intensively cultured fish must be fed a nutritionally complete feed. A short section on the concept and im...

  9. Complete denture technique using natural anterior teeth.

    PubMed

    Kafandaris, N M; Theodorou, T P

    1975-05-01

    A technique has been described which permits the use of desirable natural anterior teeth in complete dentures (Fig. 3). The main characteristic of this technique is the use of cast copings with dowels to which the natural teeth are attached. The cast copings securely fit the natural teeth to the base of the denture (Fig, 4). The use of NATURAL teeth in a denture may encourage discoloration of fracture. Discoloration of the natural teeth may be prevented by the immediate removal of the pulp tissue, the attentive cleaning of the pulp chamber with normal saline, and the storage of the teeth in an atmosphere of 100 per cent humidity. Adequate vertical and horizontal overlaps insure stability of the denture and suitable protection of the natural teeth from cracknig or curshing during function of the denture. If accidental fracture or discoloration of a natural tooth should occur, ti may be replaced by an acrylic resin tooth duplicated from the natural tooth or by an artifical tooth of proper size and color. PMID:1092840

  10. Multimedia content description framework

    NASA Technical Reports Server (NTRS)

    Bergman, Lawrence David (Inventor); Kim, Michelle Yoonk Yung (Inventor); Li, Chung-Sheng (Inventor); Mohan, Rakesh (Inventor); Smith, John Richard (Inventor)

    2003-01-01

    A framework is provided for describing multimedia content and a system in which a plurality of multimedia storage devices employing the content description methods of the present invention can interoperate. In accordance with one form of the present invention, the content description framework is a description scheme (DS) for describing streams or aggregations of multimedia objects, which may comprise audio, images, video, text, time series, and various other modalities. This description scheme can accommodate an essentially limitless number of descriptors in terms of features, semantics or metadata, and facilitate content-based search, index, and retrieval, among other capabilities, for both streamed or aggregated multimedia objects.

  11. Java online monitoring framework

    SciTech Connect

    Ronan, M.; Kirkby, D.; Johnson, A.S.; Groot, D. de

    1997-10-01

    An online monitoring framework has been written in the Java Language Environment to develop applications for monitoring special purpose detectors during commissioning of the PEP-II Interaction Region. PEP-II machine parameters and signals from several of the commissioning detectors are logged through VxWorks/EPICS and displayed by Java display applications. Remote clients are able to monitor the machine and detector performance using graphical displays and analysis histogram packages. In this paper, the design and implementation of the object-oriented Java framework is described. Illustrations of data acquisition, display and histograming applications are also given.

  12. Towards a global water scarcity risk assessment framework: using scenarios and risk distributions

    NASA Astrophysics Data System (ADS)

    Veldkamp, Ted; Wada, Yoshihide; Aerts, Jeroen; Ward, Philip

    2016-04-01

    Over the past decades, changing hydro-climatic and socioeconomic conditions have led to increased water scarcity problems. A large number of studies have shown that these water scarcity conditions will worsen in the near future. Despite numerous calls for risk-based assessments of water scarcity, a framework that includes UNISDR's definition of risk does not yet exist at the global scale. This study provides a first step towards such a risk-based assessment, applying a Gamma distribution to estimate water scarcity conditions at the global scale under historic and future conditions, using multiple climate change projections and socioeconomic scenarios. Our study highlights that water scarcity risk increases given all future scenarios, up to >56.2% of the global population in 2080. Looking at the drivers of risk, we find that population growth outweigh the impacts of climate change at global and regional scales. Using a risk-based method to assess water scarcity in terms of Expected Annual Exposed Population, we show the results to be less sensitive than traditional water scarcity assessments to the use of fixed threshold to represent different levels of water scarcity. This becomes especially important when moving from global to local scales, whereby deviations increase up to 50% of estimated risk levels. Covering hazard, exposure, and vulnerability, risk-based methods are well-suited to assess water scarcity adaptation. Completing the presented risk framework therefore offers water managers a promising perspective to increase water security in a well-informed and adaptive manner.

  13. Local completeness, drop theorem and Ekeland's variational principle

    NASA Astrophysics Data System (ADS)

    Qiu, Jing-Hui

    2005-11-01

    By using a very general drop theorem in locally convex spaces we obtain some extended versions of Ekeland's variational principle, which only need assume local completeness of some related sets and improve Hamel's recent results. From this, we derive some new versions of Caristi's fixed points theorems. In the framework of locally convex spaces, we prove that Danes' drop theorem, Ekeland's variational principle, Caristi's fixed points theorem and Phelps lemma are equivalent to each other.

  14. Optical security features by using information carrier digital screening

    NASA Astrophysics Data System (ADS)

    Koltai, Ferenc

    2002-04-01

    Jura is an Austrian-Hungarian company providing security printers with proprietary security printing design software, complete security printing pre=press systems (HW + SW), ultrahigh resolution image setters developed for security printing market, security features, developed by Jura for security printing in general, proprietary security features, destined for document personalization systems. In addition to supply such products Jura is providing its customers with full technical support, as integration, installation, training, hot-line remote and/or on-site support, service and maintenance worldwide. Research and development have always been in the focus of Jura's activity. Development and testing of new software, new security features are the most important parts of the work. Jura was the first on the world to release her Engraver Software enabling artist-engravers to create engraving-styled portraits digitally. This development, incompatibility with Jura's security design software package, enabled a full digital workflow for banknote origination. Jura made a lot of remarkable steps to develop security features also for Document Personalization. This development links the personal data with the photography of the document' holder by encoding personal data to the photography, invisibly for naked human eye, however, decodable by an appropriate decoding device. This feature exists also in machine-readable digital version. Experts of Jura started the research and development on digital screening 15 years ago for commercial printing and 10 years ago on special screens for security printing technologies. In very early stage of this development, when knowledge of creating each screen-dot individually in shape, form and position was acquired, the idea was born to use the screen dots as secondary data holder for encoded messages.

  15. Risks and responses to universal drinking water security.

    PubMed

    Hope, Robert; Rouse, Michael

    2013-11-13

    Risks to universal drinking water security are accelerating due to rapid demographic, climate and economic change. Policy responses are slow, uneven and largely inadequate to address the nature and scale of the global challenges. The challenges relate both to maintaining water security in increasingly fragile supply systems and to accelerating reliable access to the hundreds of millions who remain water-insecure. A conceptual framework illustrates the relationship between institutional, operational and financial risks and drinking water security outcomes. We apply the framework to nine case studies from rural and urban contexts in South Asia and sub-Saharan Africa. Case studies are purposively selected based on established and emerging examples of political, technological or institutional reforms that address water security risks. We find broad evidence that improved information flows reduce institutional costs and promote stronger and more transparent operational performance to increase financial sustainability. However, political barriers need to be overcome in all cases through internal or external interventions that require often decadal time frames and catalytic investments. No single model exists, though there is sufficient evidence to demonstrate that risks to drinking water security can be reduced even in the most difficult and challenging contexts.

  16. Measurable Control System Security through Ideal Driven Technical Metrics

    SciTech Connect

    Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

    2008-01-01

    The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

  17. Global water risks and national security: Building resilience (Invited)

    NASA Astrophysics Data System (ADS)

    Pulwarty, R. S.

    2013-12-01

    , and (3) Identify preventable risks, public leadership and private innovation needed for developing adaptive water resource management institutions that take advantage of climate and hydrologic information and changes. The presentation will conclude with a preliminary framework for assessing and implementing water security measures given insecure conditions introduced by a changing climate and in the context of national security.

  18. IceProd 2: A Next Generation Data Analysis Framework for the IceCube Neutrino Observatory

    NASA Astrophysics Data System (ADS)

    Schultz, D.

    2015-12-01

    We describe the overall structure and new features of the second generation of IceProd, a data processing and management framework. IceProd was developed by the IceCube Neutrino Observatory for processing of Monte Carlo simulations, detector data, and analysis levels. It runs as a separate layer on top of grid and batch systems. This is accomplished by a set of daemons which process job workflow, maintaining configuration and status information on the job before, during, and after processing. IceProd can also manage complex workflow DAGs across distributed computing grids in order to optimize usage of resources. IceProd is designed to be very light-weight; it runs as a python application fully in user space and can be set up easily. For the initial completion of this second version of IceProd, improvements have been made to increase security, reliability, scalability, and ease of use.

  19. Telemedicine Security: A Systematic Review

    PubMed Central

    Garg, Vaibhav; Brewer, Jeffrey

    2011-01-01

    Telemedicine is a technology-based alternative to traditional health care delivery. However, poor security measures in telemedicine services can have an adverse impact on the quality of care provided, regardless of the chronic condition being studied. We undertook a systematic review of 58 journal articles pertaining to telemedicine security. These articles were selected based on a keyword search on 14 relevant journals. The articles were coded to evaluate the methodology and to identify the key areas of research in security that are being reviewed. Seventy-six percent of the articles defined the security problem they were addressing, and only 47% formulated a research question pertaining to security. Sixty-one percent proposed a solution, and 20% of these tested the security solutions that they proposed. Prior research indicates inadequate reporting of methodology in telemedicine research. We found that to be true for security research as well. We also identified other issues such as using outdated security standards. PMID:21722592

  20. Telemedicine security: a systematic review.

    PubMed

    Garg, Vaibhav; Brewer, Jeffrey

    2011-05-01

    Telemedicine is a technology-based alternative to traditional health care delivery. However, poor security measures in telemedicine services can have an adverse impact on the quality of care provided, regardless of the chronic condition being studied. We undertook a systematic review of 58 journal articles pertaining to telemedicine security. These articles were selected based on a keyword search on 14 relevant journals. The articles were coded to evaluate the methodology and to identify the key areas of research in security that are being reviewed. Seventy-six percent of the articles defined the security problem they were addressing, and only 47% formulated a research question pertaining to security. Sixty-one percent proposed a solution, and 20% of these tested the security solutions that they proposed. Prior research indicates inadequate reporting of methodology in telemedicine research. We found that to be true for security research as well. We also identified other issues such as using outdated security standards.