42 CFR 480.115 - Requirements for maintaining confidentiality.

Code of Federal Regulations, 2013 CFR

2013-10-01

... HUMAN SERVICES (CONTINUED) QUALITY IMPROVEMENT ORGANIZATIONS ACQUISITION, PROTECTION, AND DISCLOSURE OF...) Responsibilities of QIO officers and employees. The QIO must provide reasonable physical security measures to... those measures needed to secure computer files. Each QIO must instruct its officers and employees and...

42 CFR 480.115 - Requirements for maintaining confidentiality.

Code of Federal Regulations, 2010 CFR

2010-10-01

... HUMAN SERVICES (CONTINUED) QUALITY IMPROVEMENT ORGANIZATIONS ACQUISITION, PROTECTION, AND DISCLOSURE OF...) Responsibilities of QIO officers and employees. The QIO must provide reasonable physical security measures to... those measures needed to secure computer files. Each QIO must instruct its officers and employees and...

42 CFR 480.115 - Requirements for maintaining confidentiality.

Code of Federal Regulations, 2014 CFR

2014-10-01

... HUMAN SERVICES (CONTINUED) QUALITY IMPROVEMENT ORGANIZATIONS ACQUISITION, PROTECTION, AND DISCLOSURE OF...) Responsibilities of QIO officers and employees. The QIO must provide reasonable physical security measures to... those measures needed to secure computer files. Each QIO must instruct its officers and employees and...

Future of Assurance: Ensuring that a System is Trustworthy

NASA Astrophysics Data System (ADS)

Sadeghi, Ahmad-Reza; Verbauwhede, Ingrid; Vishik, Claire

Significant efforts are put in defining and implementing strong security measures for all components of the comput-ing environment. It is equally important to be able to evaluate the strength and robustness of these measures and establish trust among the components of the computing environment based on parameters and attributes of these elements and best practices associated with their production and deployment. Today the inventory of techniques used for security assurance and to establish trust -- audit, security-conscious development process, cryptographic components, external evaluation - is somewhat limited. These methods have their indisputable strengths and have contributed significantly to the advancement in the area of security assurance. However, shorter product and tech-nology development cycles and the sheer complexity of modern digital systems and processes have begun to decrease the efficiency of these techniques. Moreover, these approaches and technologies address only some aspects of security assurance and, for the most part, evaluate assurance in a general design rather than an instance of a product. Additionally, various components of the computing environment participating in the same processes enjoy different levels of security assurance, making it difficult to ensure adequate levels of protection end-to-end. Finally, most evaluation methodologies rely on the knowledge and skill of the evaluators, making reliable assessments of trustworthiness of a system even harder to achieve. The paper outlines some issues in security assurance that apply across the board, with the focus on the trustworthiness and authenticity of hardware components and evaluates current approaches to assurance.

Securing medical research: a cybersecurity point of view.

PubMed

Schneier, Bruce

2012-06-22

The problem of securing biological research data is a difficult and complicated one. Our ability to secure data on computers is not robust enough to ensure the security of existing data sets. Lessons from cryptography illustrate that neither secrecy measures, such as deleting technical details, nor national solutions, such as export controls, will work.

SEADE: Countering the Futility of Network Security

DTIC Science & Technology

2015-10-01

guards, and computer cages) and logical security measures (network firewall and intrusion detection). However, no matter how many layers of network...security built-in and with minimal security dependence on network security appliances (e.g., firewalls ). As Secretary of Defense Ashton Carter...based analysis that assumes nothing bad will happen to applications/data if those defenses prevent malware transactions at the entrance. The

Use of a secure Internet Web site for collaborative medical research.

PubMed

Marshall, W W; Haley, R W

2000-10-11

Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors. JAMA. 2000;284:1843-1849.

Main control computer security model of closed network systems protection against cyber attacks

NASA Astrophysics Data System (ADS)

Seymen, Bilal

2014-06-01

The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

Software For Computer-Security Audits

NASA Technical Reports Server (NTRS)

Arndt, Kate; Lonsford, Emily

1994-01-01

Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.

On Consistency Test Method of Expert Opinion in Ecological Security Assessment

PubMed Central

Wang, Lihong

2017-01-01

To reflect the initiative design and initiative of human security management and safety warning, ecological safety assessment is of great value. In the comprehensive evaluation of regional ecological security with the participation of experts, the expert’s individual judgment level, ability and the consistency of the expert’s overall opinion will have a very important influence on the evaluation result. This paper studies the consistency measure and consensus measure based on the multiplicative and additive consistency property of fuzzy preference relation (FPR). We firstly propose the optimization methods to obtain the optimal multiplicative consistent and additively consistent FPRs of individual and group judgments, respectively. Then, we put forward a consistency measure by computing the distance between the original individual judgment and the optimal individual estimation, along with a consensus measure by computing the distance between the original collective judgment and the optimal collective estimation. In the end, we make a case study on ecological security for five cities. Result shows that the optimal FPRs are helpful in measuring the consistency degree of individual judgment and the consensus degree of collective judgment. PMID:28869570

On Consistency Test Method of Expert Opinion in Ecological Security Assessment.

PubMed

Gong, Zaiwu; Wang, Lihong

2017-09-04

To reflect the initiative design and initiative of human security management and safety warning, ecological safety assessment is of great value. In the comprehensive evaluation of regional ecological security with the participation of experts, the expert's individual judgment level, ability and the consistency of the expert's overall opinion will have a very important influence on the evaluation result. This paper studies the consistency measure and consensus measure based on the multiplicative and additive consistency property of fuzzy preference relation (FPR). We firstly propose the optimization methods to obtain the optimal multiplicative consistent and additively consistent FPRs of individual and group judgments, respectively. Then, we put forward a consistency measure by computing the distance between the original individual judgment and the optimal individual estimation, along with a consensus measure by computing the distance between the original collective judgment and the optimal collective estimation. In the end, we make a case study on ecological security for five cities. Result shows that the optimal FPRs are helpful in measuring the consistency degree of individual judgment and the consensus degree of collective judgment.

Secured Communication for Business Process Outsourcing Using Optimized Arithmetic Cryptography Protocol Based on Virtual Parties

NASA Astrophysics Data System (ADS)

Pathak, Rohit; Joshi, Satyadhar

Within a span of over a decade, India has become one of the most favored destinations across the world for Business Process Outsourcing (BPO) operations. India has rapidly achieved the status of being the most preferred destination for BPO for companies located in the US and Europe. Security and privacy are the two major issues needed to be addressed by the Indian software industry to have an increased and long-term outsourcing contract from the US. Another important issue is about sharing employee’s information to ensure that data and vital information of an outsourcing company is secured and protected. To ensure that the confidentiality of a client’s information is maintained, BPOs need to implement some data security measures. In this paper, we propose a new protocol for specifically for BPO Secure Multi-Party Computation (SMC). As there are many computations and surveys which involve confidential data from many parties or organizations and the concerned data is property of the organization, preservation and security of this data is of prime importance for such type of computations. Although the computation requires data from all the parties, but none of the associated parties would want to reveal their data to the other parties. We have proposed a new efficient and scalable protocol to perform computation on encrypted information. The information is encrypted in a manner that it does not affect the result of the computation. It uses modifier tokens which are distributed among virtual parties, and finally used in the computation. The computation function uses the acquired data and modifier tokens to compute right result from the encrypted data. Thus without revealing the data, right result can be computed and privacy of the parties is maintained. We have given a probabilistic security analysis of hacking the protocol and shown how zero hacking security can be achieved. Also we have analyzed the specific case of Indian BPO.

32 CFR Appendix A to Part 223 - Procedures for Identifying and Controlling DoD UCNI

Code of Federal Regulations, 2011 CFR

2011-07-01

... security measures, including security plans, procedures, and equipment, for the physical protection of DoD... stand-alone personal computers, or shared-logic work processing systems, if protection from unauthorized... and security by increasing significantly the likelihood of the illegal production of nuclear weapons...

On the security of compressed encryption with partial unitary sensing matrices embedding a secret keystream

NASA Astrophysics Data System (ADS)

Yu, Nam Yul

2017-12-01

The principle of compressed sensing (CS) can be applied in a cryptosystem by providing the notion of security. In this paper, we study the computational security of a CS-based cryptosystem that encrypts a plaintext with a partial unitary sensing matrix embedding a secret keystream. The keystream is obtained by a keystream generator of stream ciphers, where the initial seed becomes the secret key of the CS-based cryptosystem. For security analysis, the total variation distance, bounded by the relative entropy and the Hellinger distance, is examined as a security measure for the indistinguishability. By developing upper bounds on the distance measures, we show that the CS-based cryptosystem can be computationally secure in terms of the indistinguishability, as long as the keystream length for each encryption is sufficiently large with low compression and sparsity ratios. In addition, we consider a potential chosen plaintext attack (CPA) from an adversary, which attempts to recover the key of the CS-based cryptosystem. Associated with the key recovery attack, we show that the computational security of our CS-based cryptosystem is brought by the mathematical intractability of a constrained integer least-squares (ILS) problem. For a sub-optimal, but feasible key recovery attack, we consider a successive approximate maximum-likelihood detection (SAMD) and investigate the performance by developing an upper bound on the success probability. Through theoretical and numerical analyses, we demonstrate that our CS-based cryptosystem can be secure against the key recovery attack through the SAMD.

Research and realization implementation of monitor technology on illegal external link of classified computer

NASA Astrophysics Data System (ADS)

Zhang, Hong

2017-06-01

In recent years, with the continuous development and application of network technology, network security has gradually entered people's field of vision. The host computer network external network of violations is an important reason for the threat of network security. At present, most of the work units have a certain degree of attention to network security, has taken a lot of means and methods to prevent network security problems such as the physical isolation of the internal network, install the firewall at the exit. However, these measures and methods to improve network security are often not comply with the safety rules of human behavior damage. For example, the host to wireless Internet access and dual-network card to access the Internet, inadvertently formed a two-way network of external networks and computer connections [1]. As a result, it is possible to cause some important documents and confidentiality leak even in the the circumstances of user unaware completely. Secrecy Computer Violation Out-of-band monitoring technology can largely prevent the violation by monitoring the behavior of the offending connection. In this paper, we mainly research and discuss the technology of secret computer monitoring.

Can the Analytical Hierarchy Process Model Be Effectively Applied in the Prioritization of Information Assurance Defense In-Depth Measures? --A Quantitative Study

ERIC Educational Resources Information Center

Alexander, Rodney T.

2017-01-01

Organizational computing devices are increasingly becoming targets of cyber-attacks, and organizations have become dependent on the safety and security of their computer networks and their organizational computing devices. Business and government often use defense in-depth information assurance measures such as firewalls, intrusion detection…

Measuring the Effectiveness of Information Security Training: A Comparative Analysis of Computer-Based Training and Instructor-Based Training

ERIC Educational Resources Information Center

Kim, Philip

2010-01-01

Financial institutions are increasingly finding difficulty defending against information security risks and threats, as they are often the number one target for information thieves. An effective information security training and awareness program can be a critical component of protecting an organization's information assets. Many financial…

Development of a medical information system that minimizes staff workload and secures system safety at a small medical institution

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Koyama, Tadashi

2005-04-01

We developed a secure system that minimizes staff workload and secures safety of a medical information system. In this study, we assess the legal security requirements and risks occurring from the use of digitized data. We then analyze the security measures for ways of reducing these risks. In the analysis, not only safety, but also costs of security measures and ease of operability are taken into consideration. Finally, we assess the effectiveness of security measures by employing our system in small-sized medical institution. As a result of the current study, we developed and implemented several security measures, such as authentications, cryptography, data back-up, and secure sockets layer protocol (SSL) in our system. In conclusion, the cost for the introduction and maintenance of a system is one of the primary difficulties with its employment by a small-sized institution. However, with recent reductions in the price of computers, and certain advantages of small-sized medical institutions, the development of an efficient system configuration has become possible.

Measuring the Effectiveness of Visual Analytics and Data Fusion Techniques on Situation Awareness in Cyber-Security

ERIC Educational Resources Information Center

Giacobe, Nicklaus A.

2013-01-01

Cyber-security involves the monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…

A novel quantum scheme for secure two-party distance computation

NASA Astrophysics Data System (ADS)

Peng, Zhen-wan; Shi, Run-hua; Zhong, Hong; Cui, Jie; Zhang, Shun

2017-12-01

Secure multiparty computational geometry is an essential field of secure multiparty computation, which computes a computation geometric problem without revealing any private information of each party. Secure two-party distance computation is a primitive of secure multiparty computational geometry, which computes the distance between two points without revealing each point's location information (i.e., coordinate). Secure two-party distance computation has potential applications with high secure requirements in military, business, engineering and so on. In this paper, we present a quantum solution to secure two-party distance computation by subtly using quantum private query. Compared to the classical related protocols, our quantum protocol can ensure higher security and better privacy protection because of the physical principle of quantum mechanics.

Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1983-01-01

The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

Information Security Scheme Based on Computational Temporal Ghost Imaging.

PubMed

Jiang, Shan; Wang, Yurong; Long, Tao; Meng, Xiangfeng; Yang, Xiulun; Shu, Rong; Sun, Baoqing

2017-08-09

An information security scheme based on computational temporal ghost imaging is proposed. A sequence of independent 2D random binary patterns are used as encryption key to multiply with the 1D data stream. The cipher text is obtained by summing the weighted encryption key. The decryption process can be realized by correlation measurement between the encrypted information and the encryption key. Due to the instinct high-level randomness of the key, the security of this method is greatly guaranteed. The feasibility of this method and robustness against both occlusion and additional noise attacks are discussed with simulation, respectively.

Secure entanglement distillation for double-server blind quantum computation.

PubMed

Morimae, Tomoyuki; Fujii, Keisuke

2013-07-12

Blind quantum computation is a new secure quantum computing protocol where a client, who does not have enough quantum technologies at her disposal, can delegate her quantum computation to a server, who has a fully fledged quantum computer, in such a way that the server cannot learn anything about the client's input, output, and program. If the client interacts with only a single server, the client has to have some minimum quantum power, such as the ability of emitting randomly rotated single-qubit states or the ability of measuring states. If the client interacts with two servers who share Bell pairs but cannot communicate with each other, the client can be completely classical. For such a double-server scheme, two servers have to share clean Bell pairs, and therefore the entanglement distillation is necessary in a realistic noisy environment. In this Letter, we show that it is possible to perform entanglement distillation in the double-server scheme without degrading the security of blind quantum computing.

Lawrence Livermore National Laboratory safeguards and security quarterly progress report to the US Department of Energy quarter ending September 30, 1994

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, G.; Mansur, D.L.; Ruhter, W.D.

1994-10-01

This report presents the details of the Lawrence Livermore National Laboratory safeguards and securities program. This program is focused on developing new technology, such as x- and gamma-ray spectrometry, for measurement of special nuclear materials. This program supports the Office of Safeguards and Securities in the following five areas; safeguards technology, safeguards and decision support, computer security, automated physical security, and automated visitor access control systems.

Verification for measurement-only blind quantum computing

NASA Astrophysics Data System (ADS)

Morimae, Tomoyuki

2014-06-01

Blind quantum computing is a new secure quantum computing protocol where a client who does not have any sophisticated quantum technology can delegate her quantum computing to a server without leaking any privacy. It is known that a client who has only a measurement device can perform blind quantum computing [T. Morimae and K. Fujii, Phys. Rev. A 87, 050301(R) (2013), 10.1103/PhysRevA.87.050301]. It has been an open problem whether the protocol can enjoy the verification, i.e., the ability of the client to check the correctness of the computing. In this paper, we propose a protocol of verification for the measurement-only blind quantum computing.

A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

NASA Astrophysics Data System (ADS)

Mohammadi, Hadi

Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to create and design a Security and Critical Patch Management Process (SCPMP) framework based on Systems Engineering (SE) principles. This framework will assist Information Technology Department Staff (ITDS) to reduce IT operating time and costs and mitigate the risk of security and vulnerability attacks. Further, this study evaluates implementation of the SCPMP in the networked computing systems of an academic environment in order to: 1. Meet patch management requirements by applying SE principles. 2. Reduce the cost of IT operations and PVM cycles. 3. Improve the current PVM methodologies to prevent networked computing systems from becoming the targets of security vulnerability attacks. 4. Embed a Maintenance Optimization Tool (MOT) in the proposed framework. The MOT allows IT managers to make the most practicable choice of methods for deploying and installing released patches and vulnerability remediation. In recent years, there has been a variety of frameworks for security practices in every networked computing system to protect computer workstations from becoming compromised or vulnerable to security attacks, which can expose important information and critical data. I have developed a new mechanism for implementing PVM for maximizing security-vulnerability maintenance, protecting OS and software packages, and minimizing SCPMP cost. To increase computing system security in any diverse environment, particularly in academia, one must apply SCPMP. I propose an optimal maintenance policy that will allow ITDS to measure and estimate the variation of PVM cycles based on their department's requirements. My results demonstrate that MOT optimizes the process of implementing SCPMP in academic workstations.

High-Tech Security Help.

ERIC Educational Resources Information Center

Flanigan, Robin L.

2000-01-01

Advocates embrace high-tech security measures as necessary to avoid Columbine-style massacres. Critics contend that school systems can go overboard, making students feel less safe and too closely scrutinized. Current electronic, biometric, and computer-mapping devices and school applications are discussed. Vendors are listed. (MLH)

Blind topological measurement-based quantum computation.

PubMed

Morimae, Tomoyuki; Fujii, Keisuke

2012-01-01

Blind quantum computation is a novel secure quantum-computing protocol that enables Alice, who does not have sufficient quantum technology at her disposal, to delegate her quantum computation to Bob, who has a fully fledged quantum computer, in such a way that Bob cannot learn anything about Alice's input, output and algorithm. A recent proof-of-principle experiment demonstrating blind quantum computation in an optical system has raised new challenges regarding the scalability of blind quantum computation in realistic noisy conditions. Here we show that fault-tolerant blind quantum computation is possible in a topologically protected manner using the Raussendorf-Harrington-Goyal scheme. The error threshold of our scheme is 4.3 × 10(-3), which is comparable to that (7.5 × 10(-3)) of non-blind topological quantum computation. As the error per gate of the order 10(-3) was already achieved in some experimental systems, our result implies that secure cloud quantum computation is within reach.

Blind topological measurement-based quantum computation

NASA Astrophysics Data System (ADS)

Morimae, Tomoyuki; Fujii, Keisuke

2012-09-01

Blind quantum computation is a novel secure quantum-computing protocol that enables Alice, who does not have sufficient quantum technology at her disposal, to delegate her quantum computation to Bob, who has a fully fledged quantum computer, in such a way that Bob cannot learn anything about Alice's input, output and algorithm. A recent proof-of-principle experiment demonstrating blind quantum computation in an optical system has raised new challenges regarding the scalability of blind quantum computation in realistic noisy conditions. Here we show that fault-tolerant blind quantum computation is possible in a topologically protected manner using the Raussendorf-Harrington-Goyal scheme. The error threshold of our scheme is 4.3×10-3, which is comparable to that (7.5×10-3) of non-blind topological quantum computation. As the error per gate of the order 10-3 was already achieved in some experimental systems, our result implies that secure cloud quantum computation is within reach.

The Father Christmas worm

NASA Technical Reports Server (NTRS)

Green, James L.; Sisson, Patricia L.

1989-01-01

Given here is an overview analysis of the Father Christmas Worm, a computer worm that was released onto the DECnet Internet three days before Christmas 1988. The purpose behind the worm was to send an electronic mail message to all users on the computer system running the worm. The message was a Christmas greeting and was signed 'Father Christmas'. From the investigation, it was determined that the worm was released from a computer (node number 20597::) at a university in Switzerland. The worm was designed to travel quickly. Estimates are that it was copied to over 6,000 computer nodes. However, it was believed to have executed on only a fraction of those computers. Within ten minutes after it was released, the worm was detected at the Space Physics Analysis Network (SPAN), NASA's largest space and Earth science network. Once the source program was captured, a procedural cure, using the existing functionality of the computer operating systems, was quickly devised and distributed. A combination of existing computer security measures, the quick and accurate procedures devised to stop copies of the worm from executing, and the network itself, were used to rapidly provide the cure. These were the main reasons why the worm executed on such a small percentage of nodes. This overview of the analysis of the events concerning the worm is based on an investigation made by the SPAN Security Team and provides some insight into future security measures that will be taken to handle computer worms and viruses that may hit similar networks.

Lawrence Livermore National Laboratory`s Computer Security Short Subjects Videos: Hidden Password, The Incident, Dangerous Games and The Mess; Computer Security Awareness Guide

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

A video on computer security is described. Lonnie Moore, the Computer Security Manager, CSSM/CPPM at Lawrence Livermore National Laboratory (LLNL) and Gale Warshawsky, the Coordinator for Computer Security Education and Awareness at LLNL, wanted to share topics such as computer ethics, software piracy, privacy issues, and protecting information in a format that would capture and hold an audience`s attention. Four Computer Security Short Subject videos were produced which ranged from 1--3 minutes each. These videos are very effective education and awareness tools that can be used to generate discussions about computer security concerns and good computing practices.

Video Encryption and Decryption on Quantum Computers

NASA Astrophysics Data System (ADS)

Yan, Fei; Iliyasu, Abdullah M.; Venegas-Andraca, Salvador E.; Yang, Huamin

2015-08-01

A method for video encryption and decryption on quantum computers is proposed based on color information transformations on each frame encoding the content of the encoding the content of the video. The proposed method provides a flexible operation to encrypt quantum video by means of the quantum measurement in order to enhance the security of the video. To validate the proposed approach, a tetris tile-matching puzzle game video is utilized in the experimental simulations. The results obtained suggest that the proposed method enhances the security and speed of quantum video encryption and decryption, both properties required for secure transmission and sharing of video content in quantum communication.

BIOS Security Analysis and a Kind of Trusted BIOS

NASA Astrophysics Data System (ADS)

Zhou, Zhenliu; Xu, Rongsheng

The BIOS's security threats to computer system are analyzed and security requirements for firmware BIOS are summarized in this paper. Through discussion about TCG's trust transitivity, a new approach about CRTM implementation based on BIOS is developed. In this paper, we also put forward a new trusted BIOS architecture-UTBIOS which is built on Intel Framework for EFI/UEFI. The trustworthiness of UTBIOS is based on trusted hardware TPM. In UTBIOS, trust encapsulation and trust measurement are used to construct pre-OS trust chain. Performance of trust measurement is also analyzed in the end.

A Portable Computer Security Workshop

ERIC Educational Resources Information Center

Wagner, Paul J.; Phillips, Andrew T.

2006-01-01

We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

Proactive Self Defense in Cyberspace

DTIC Science & Technology

2009-02-17

other security measures. A second theme is the continued expansion of cyber crime. Profit is the motivation for these cyber criminals and many of these...lawbreakers are very successful unfortunately. In fact, experts in the computer and network security fields see that in the future, the cyber criminals “will

Secure data exchange between intelligent devices and computing centers

NASA Astrophysics Data System (ADS)

Naqvi, Syed; Riguidel, Michel

2005-03-01

The advent of reliable spontaneous networking technologies (commonly known as wireless ad-hoc networks) has ostensibly raised stakes for the conception of computing intensive environments using intelligent devices as their interface with the external world. These smart devices are used as data gateways for the computing units. These devices are employed in highly volatile environments where the secure exchange of data between these devices and their computing centers is of paramount importance. Moreover, their mission critical applications require dependable measures against the attacks like denial of service (DoS), eavesdropping, masquerading, etc. In this paper, we propose a mechanism to assure reliable data exchange between an intelligent environment composed of smart devices and distributed computing units collectively called 'computational grid'. The notion of infosphere is used to define a digital space made up of a persistent and a volatile asset in an often indefinite geographical space. We study different infospheres and present general evolutions and issues in the security of such technology-rich and intelligent environments. It is beyond any doubt that these environments will likely face a proliferation of users, applications, networked devices, and their interactions on a scale never experienced before. It would be better to build in the ability to uniformly deal with these systems. As a solution, we propose a concept of virtualization of security services. We try to solve the difficult problems of implementation and maintenance of trust on the one hand, and those of security management in heterogeneous infrastructure on the other hand.

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

PubMed Central

Castedo, Luis

2017-01-01

Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption. PMID:28850104

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications.

PubMed

Suárez-Albela, Manuel; Fernández-Caramés, Tiago M; Fraga-Lamas, Paula; Castedo, Luis

2017-08-29

Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.

Security Framework for Pervasive Healthcare Architectures Utilizing MPEG-21 IPMP Components.

PubMed

Fragopoulos, Anastasios; Gialelis, John; Serpanos, Dimitrios

2009-01-01

Nowadays in modern and ubiquitous computing environments, it is imperative more than ever the necessity for deployment of pervasive healthcare architectures into which the patient is the central point surrounded by different types of embedded and small computing devices, which measure sensitive physical indications, interacting with hospitals databases, allowing thus urgent medical response in occurrences of critical situations. Such environments must be developed satisfying the basic security requirements for real-time secure data communication, and protection of sensitive medical data and measurements, data integrity and confidentiality, and protection of the monitored patient's privacy. In this work, we argue that the MPEG-21 Intellectual Property Management and Protection (IPMP) components can be used in order to achieve protection of transmitted medical information and enhance patient's privacy, since there is selective and controlled access to medical data that sent toward the hospital's servers.

An Empirical Measure of Computer Security Strength for Vulnerability Remediation

ERIC Educational Resources Information Center

Villegas, Rafael

2010-01-01

Remediating all vulnerabilities on computer systems in a timely and cost effective manner is difficult given that the window of time between the announcement of a new vulnerability and an automated attack has decreased. Hence, organizations need to prioritize the vulnerability remediation process on their computer systems. The goal of this…

Insider Threat to Computer Security at Nuclear Facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

West, Rebecca Lynn

After completing this session, you should be able to: Describe the Insider Threat; Characterize the cyber insider threat; Describe preventive measures against the insider threat; Describe protective measures against the insider threat.

20 CFR 404.278 - Additional cost-of-living increase.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Section 404.278 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Computing Primary Insurance Amounts Cost-Of-Living Increases § 404.278...) Measuring period for the additional increase—(1) Beginning. To compute the additional increase, we begin...

Exploring Factors That Affect Adoption of Computer Security Practices among College Students

ERIC Educational Resources Information Center

Alqarni, Amani

2017-01-01

Cyber-attacks threaten the security of computer users' information, networks, machines, and privacy. Studies of computer security education, awareness, and training among ordinary computer users, college students, non-IT-oriented user groups, and non-technically trained citizens are limited. Most research has focused on computer security standards…

Blind topological measurement-based quantum computation

PubMed Central

Morimae, Tomoyuki; Fujii, Keisuke

2012-01-01

Blind quantum computation is a novel secure quantum-computing protocol that enables Alice, who does not have sufficient quantum technology at her disposal, to delegate her quantum computation to Bob, who has a fully fledged quantum computer, in such a way that Bob cannot learn anything about Alice's input, output and algorithm. A recent proof-of-principle experiment demonstrating blind quantum computation in an optical system has raised new challenges regarding the scalability of blind quantum computation in realistic noisy conditions. Here we show that fault-tolerant blind quantum computation is possible in a topologically protected manner using the Raussendorf–Harrington–Goyal scheme. The error threshold of our scheme is 4.3×10−3, which is comparable to that (7.5×10−3) of non-blind topological quantum computation. As the error per gate of the order 10−3 was already achieved in some experimental systems, our result implies that secure cloud quantum computation is within reach. PMID:22948818

Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

PubMed

Kraemer, Sara; Carayon, Pascale

2007-03-01

This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

Protecting computer-based medical devices: defending against viruses and other threats.

PubMed

2005-07-01

The increasing integration of computer hardware has exposed medical devices to greater risks than ever before. More and more devices rely on commercial off-the-shelf software and operating systems, which are vulnerable to the increasing proliferation of viruses and other malicious programs that target computers. Therefore, it is necessary for hospitals to take steps such as those outlined in this article to ensure that their computer-based devices are made safe and continue to remain safe in the future. Maintaining the security of medical devices requires planning, careful execution, and a commitment of resources. A team should be created to develop a process for surveying the security status of all computerized devices in the hospital and making sure that patches and other updates are applied as needed. These patches and updates should be approved by the medical system supplier before being implemented. The team should consider using virtual local area networks to isolate susceptible devices on the hospital's network. All security measures should be carefully documented, and the documentation should be kept up-to-date. Above all, care must be taken to ensure that medical device security involves a collaborative, supportive partnership between the hospital's information technology staff and biomedical engineering personnel.

Defense Logistics Agency Computer-Aided Acquisition and Logistics Support Security Measures

DTIC Science & Technology

1989-09-29

sopisit ftre a nduate eiromensweaonsyte dt i vaiou mdi, nfrrngcls- having security features commensurate with today’s weapon system data in various media ...sections, ministrator that has completed an accredited three areas of improvement in security emphasis are APscrt orebfr htst a ecn deemed appropriate...May 1989, been in a hardcopy media and in accordance with Washington, D.C. specific contract clauses and FAR/DFAR. Through CALS, the Government shall

A novel quantum solution to secure two-party distance computation

NASA Astrophysics Data System (ADS)

Peng, Zhen-wan; Shi, Run-hua; Wang, Pan-hong; Zhang, Shun

2018-06-01

Secure Two-Party Distance Computation is an important primitive of Secure Multiparty Computational Geometry that it involves two parties, where each party has a private point, and the two parties want to jointly compute the distance between their points without revealing anything about their respective private information. Secure Two-Party Distance Computation has very important and potential applications in settings of high secure requirements, such as privacy-preserving Determination of Spatial Location-Relation, Determination of Polygons Similarity, and so on. In this paper, we present a quantum protocol for Secure Two-Party Distance Computation by using QKD-based Quantum Private Query. The security of the protocol is based on the physical principles of quantum mechanics, instead of difficulty assumptions, and therefore, it can ensure higher security than the classical related protocols.

Measurement-only verifiable blind quantum computing with quantum input verification

NASA Astrophysics Data System (ADS)

Morimae, Tomoyuki

2016-10-01

Verifiable blind quantum computing is a secure delegated quantum computing where a client with a limited quantum technology delegates her quantum computing to a server who has a universal quantum computer. The client's privacy is protected (blindness), and the correctness of the computation is verifiable by the client despite her limited quantum technology (verifiability). There are mainly two types of protocols for verifiable blind quantum computing: the protocol where the client has only to generate single-qubit states and the protocol where the client needs only the ability of single-qubit measurements. The latter is called the measurement-only verifiable blind quantum computing. If the input of the client's quantum computing is a quantum state, whose classical efficient description is not known to the client, there was no way for the measurement-only client to verify the correctness of the input. Here we introduce a protocol of measurement-only verifiable blind quantum computing where the correctness of the quantum input is also verifiable.

Secure Multiparty Quantum Computation for Summation and Multiplication.

PubMed

Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

2016-01-21

As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics.

Secure Multiparty Quantum Computation for Summation and Multiplication

PubMed Central

Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

2016-01-01

As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics. PMID:26792197

A Computer Security Course in the Undergraduate Computer Science Curriculum.

ERIC Educational Resources Information Center

Spillman, Richard

1992-01-01

Discusses the importance of computer security and considers criminal, national security, and personal privacy threats posed by security breakdown. Several examples are given, including incidents involving computer viruses. Objectives, content, instructional strategies, resources, and a sample examination for an experimental undergraduate computer…

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

DTIC Science & Technology

2010-07-01

Cloud computing , an emerging form of computing in which users have access to scalable, on-demand capabilities that are provided through Internet... cloud computing , (2) the information security implications of using cloud computing services in the Federal Government, and (3) federal guidance and...efforts to address information security when using cloud computing . The complete report is titled Information Security: Federal Guidance Needed to

76 FR 7818 - Announcing a Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-11

... will be open to the public. The ISPAB was established by the Computer Security Act of 1987 (Pub. L. 100..., --Presentation on Science of Security relating to computer security research, --Presentation on Access of..., --A panel of Inspector Generals regarding privacy and security, and --Update on NIST Computer Security...

SEED: A Suite of Instructional Laboratories for Computer Security Education

ERIC Educational Resources Information Center

Du, Wenliang; Wang, Ronghua

2008-01-01

The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

48 CFR 204.7301 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 204.7301 Definitions. As used in this subpart— Adequate security means protective measures that are... restrictions. Cyber incident means actions taken through the use of computer networks that result in an actual.... Technical information means technical data or computer software, as those terms are defined in the clause at...

48 CFR 952.204-77 - Computer security.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 5 2012-10-01 2012-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006) (a...

48 CFR 952.204-77 - Computer security.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 5 2013-10-01 2013-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006) (a...

48 CFR 952.204-77 - Computer security.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 5 2011-10-01 2011-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006) (a...

48 CFR 952.204-77 - Computer security.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006) (a...

48 CFR 952.204-77 - Computer security.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006) (a...

reCAPTCHA: human-based character recognition via Web security measures.

PubMed

von Ahn, Luis; Maurer, Benjamin; McMillen, Colin; Abraham, David; Blum, Manuel

2008-09-12

CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are widespread security measures on the World Wide Web that prevent automated programs from abusing online services. They do so by asking humans to perform a task that computers cannot yet perform, such as deciphering distorted characters. Our research explored whether such human effort can be channeled into a useful purpose: helping to digitize old printed material by asking users to decipher scanned words from books that computerized optical character recognition failed to recognize. We showed that this method can transcribe text with a word accuracy exceeding 99%, matching the guarantee of professional human transcribers. Our apparatus is deployed in more than 40,000 Web sites and has transcribed over 440 million words.

Measuring Human Performance within Computer Security Incident Response Teams

DOE Office of Scientific and Technical Information (OSTI.GOV)

McClain, Jonathan T.; Silva, Austin Ray; Avina, Glory Emmanuel

Human performance has become a pertinen t issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compound ed by the limited number of qualified personnel and turnover of p ersonnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber ope rations at most orga nizations. As an alternative, the current research has focused on data collection during cyb er security training exercises. Thesemore » events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college gradu ates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human - machine transactions and questionnaire - based assessments of cyber security experience.« less

Analysis of key technologies for virtual instruments metrology

NASA Astrophysics Data System (ADS)

Liu, Guixiong; Xu, Qingui; Gao, Furong; Guan, Qiuju; Fang, Qiang

2008-12-01

Virtual instruments (VIs) require metrological verification when applied as measuring instruments. Owing to the software-centered architecture, metrological evaluation of VIs includes two aspects: measurement functions and software characteristics. Complexity of software imposes difficulties on metrological testing of VIs. Key approaches and technologies for metrology evaluation of virtual instruments are investigated and analyzed in this paper. The principal issue is evaluation of measurement uncertainty. The nature and regularity of measurement uncertainty caused by software and algorithms can be evaluated by modeling, simulation, analysis, testing and statistics with support of powerful computing capability of PC. Another concern is evaluation of software features like correctness, reliability, stability, security and real-time of VIs. Technologies from software engineering, software testing and computer security domain can be used for these purposes. For example, a variety of black-box testing, white-box testing and modeling approaches can be used to evaluate the reliability of modules, components, applications and the whole VI software. The security of a VI can be assessed by methods like vulnerability scanning and penetration analysis. In order to facilitate metrology institutions to perform metrological verification of VIs efficiently, an automatic metrological tool for the above validation is essential. Based on technologies of numerical simulation, software testing and system benchmarking, a framework for the automatic tool is proposed in this paper. Investigation on implementation of existing automatic tools that perform calculation of measurement uncertainty, software testing and security assessment demonstrates the feasibility of the automatic framework advanced.

Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

DTIC Science & Technology

2016-07-14

of the important properties of secure computation . In particular, it is known that full fairness cannot be achieved in the case of two-party com...Jakobsen, J. Nielsen, and C. Orlandi. A framework for outsourcing of secure computation . In ACM Workshop on Cloud Computing Security (CCSW), pages...Function Evaluation with Applications to Genomic Computation Abstract: Computation based on genomic data is becoming increasingly popular today, be it

Outsourcing Security Services for Low Performance Portable Devices

NASA Astrophysics Data System (ADS)

Szentgyörgyi, Attila; Korn, András

The number of portable devices using wireless network technologies is on the rise. Some of these devices are incapable of, or at a disadvantage at using secure Internet services, because secure communication often requires comparatively high computing capacity. In this paper, we propose a solution which can be used to offer secure network services for low performance portable devices without severely degrading data transmission rates. We also show that using our approach these devices can utilize some secure network services which were so far unavailable to them due to a lack of software support. In order to back up our claims, we present performance measurement results obtained in a test network.

Method for transferring data from an unsecured computer to a secured computer

DOEpatents

Nilsen, Curt A.

1997-01-01

A method is described for transferring data from an unsecured computer to a secured computer. The method includes transmitting the data and then receiving the data. Next, the data is retransmitted and rereceived. Then, it is determined if errors were introduced when the data was transmitted by the unsecured computer or received by the secured computer. Similarly, it is determined if errors were introduced when the data was retransmitted by the unsecured computer or rereceived by the secured computer. A warning signal is emitted from a warning device coupled to the secured computer if (i) an error was introduced when the data was transmitted or received, and (ii) an error was introduced when the data was retransmitted or rereceived.

Verifiable Measurement-Only Blind Quantum Computing with Stabilizer Testing.

PubMed

Hayashi, Masahito; Morimae, Tomoyuki

2015-11-27

We introduce a simple protocol for verifiable measurement-only blind quantum computing. Alice, a client, can perform only single-qubit measurements, whereas Bob, a server, can generate and store entangled many-qubit states. Bob generates copies of a graph state, which is a universal resource state for measurement-based quantum computing, and sends Alice each qubit of them one by one. Alice adaptively measures each qubit according to her program. If Bob is honest, he generates the correct graph state, and, therefore, Alice can obtain the correct computation result. Regarding the security, whatever Bob does, Bob cannot get any information about Alice's computation because of the no-signaling principle. Furthermore, malicious Bob does not necessarily send the copies of the correct graph state, but Alice can check the correctness of Bob's state by directly verifying the stabilizers of some copies.

Verifiable Measurement-Only Blind Quantum Computing with Stabilizer Testing

NASA Astrophysics Data System (ADS)

Hayashi, Masahito; Morimae, Tomoyuki

2015-11-01

We introduce a simple protocol for verifiable measurement-only blind quantum computing. Alice, a client, can perform only single-qubit measurements, whereas Bob, a server, can generate and store entangled many-qubit states. Bob generates copies of a graph state, which is a universal resource state for measurement-based quantum computing, and sends Alice each qubit of them one by one. Alice adaptively measures each qubit according to her program. If Bob is honest, he generates the correct graph state, and, therefore, Alice can obtain the correct computation result. Regarding the security, whatever Bob does, Bob cannot get any information about Alice's computation because of the no-signaling principle. Furthermore, malicious Bob does not necessarily send the copies of the correct graph state, but Alice can check the correctness of Bob's state by directly verifying the stabilizers of some copies.

Computer Security Models

DTIC Science & Technology

1984-09-01

Verification Technique for a Class of Security Kernels," International Symposium on Programming , Lecture Notes in Computer Science 137, Springer-Verlag, New York...September 1984 MTR9S31 " J. K. Millen Computer Security C. M. Cerniglia Models * 0 Ne c - ¢- C. S• ~CONTRACT SPONSOR OUSDRE/C31 & ESO/ALEE...ABSTRACT The purpose of this report is to provide a basis for evaluating security models in the context of secure computer system development

Home Computer and Internet User Security

DTIC Science & Technology

2005-01-01

Information Security Model © 2005 Carnegie Mellon University (Lawrence R. Rogers, Author) Home Computer and Internet User Security...Carnegie Mellon University (Lawrence R. Rogers, Author) Home Computer and Internet User Security Version 1.0.4 – slide 50 Contact Information Lawrence R. Rogers • Email: cert@cert.org CERT website: http://www.cert.org/ ...U.S. Patent and Trademark Office Home Computer and Internet User Security Report Documentation Page Form ApprovedOMB

20 CFR 404.275 - How is an automatic cost-of-living increase calculated?

Code of Federal Regulations, 2010 CFR

2010-04-01

... calculated? 404.275 Section 404.275 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Computing Primary Insurance Amounts Cost-Of-Living Increases... compute the average of the CPI for the quarters that begin and end the measuring period by adding the...

The ALL-OUT Library; A Design for Computer-Powered, Multidimensional Services.

ERIC Educational Resources Information Center

Sleeth, Jim; LaRue, James

1983-01-01

Preliminary description of design of electronic library and home information delivery system highlights potentials of personal computer interface program (applying for service, assuring that users are valid, checking for measures, searching, locating titles) and incorporation of concepts used in other information systems (security checks,…

Security screening via computational imaging using frequency-diverse metasurface apertures

NASA Astrophysics Data System (ADS)

Smith, David R.; Reynolds, Matthew S.; Gollub, Jonah N.; Marks, Daniel L.; Imani, Mohammadreza F.; Yurduseven, Okan; Arnitz, Daniel; Pedross-Engel, Andreas; Sleasman, Timothy; Trofatter, Parker; Boyarsky, Michael; Rose, Alec; Odabasi, Hayrettin; Lipworth, Guy

2017-05-01

Computational imaging is a proven strategy for obtaining high-quality images with fast acquisition rates and simpler hardware. Metasurfaces provide exquisite control over electromagnetic fields, enabling the radiated field to be molded into unique patterns. The fusion of these two concepts can bring about revolutionary advances in the design of imaging systems for security screening. In the context of computational imaging, each field pattern serves as a single measurement of a scene; imaging a scene can then be interpreted as estimating the reflectivity distribution of a target from a set of measurements. As with any computational imaging system, the key challenge is to arrive at a minimal set of measurements from which a diffraction-limited image can be resolved. Here, we show that the information content of a frequency-diverse metasurface aperture can be maximized by design, and used to construct a complete millimeter-wave imaging system spanning a 2 m by 2 m area, consisting of 96 metasurfaces, capable of producing diffraction-limited images of human-scale targets. The metasurfacebased frequency-diverse system presented in this work represents an inexpensive, but tremendously flexible alternative to traditional hardware paradigms, offering the possibility of low-cost, real-time, and ubiquitous screening platforms.

Computer Security and the Data Encryption Standard. Proceedings of the Conference on Computer Security and the Data Encryption Standard.

ERIC Educational Resources Information Center

Branstad, Dennis K., Ed.

The 15 papers and summaries of presentations in this collection provide technical information and guidance offered by representatives from federal agencies and private industry. Topics discussed include physical security, risk assessment, software security, computer network security, and applications and implementation of the Data Encryption…

Information Security: Computer Hacker Information Available on the Internet

DTIC Science & Technology

1996-06-05

INFORMATION SECURITY Computer Hacker Information Available on the Internet Statement for the Record of...Report Type N/A Dates Covered (from... to) - Title and Subtitle INFORMATION SECURITY Computer Hacker Information Available on the Internet Contract...1996 4. TITLE AND SUBTITLE Information Security: Computer Hacker Information Available on the Internet 5. FUNDING NUMBERS 6. AUTHOR(S) Jack L.

Indirection and computer security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Berg, Michael J.

2011-09-01

The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyzemore » common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.« less

Computer Security Awareness Guide for Department of Energy Laboratories, Government Agencies, and others for use with Lawrence Livermore National Laboratory`s (LLNL): Computer security short subjects videos

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

Lonnie Moore, the Computer Security Manager, CSSM/CPPM at Lawrence Livermore National Laboratory (LLNL) and Gale Warshawsky, the Coordinator for Computer Security Education & Awareness at LLNL, wanted to share topics such as computer ethics, software piracy, privacy issues, and protecting information in a format that would capture and hold an audience`s attention. Four Computer Security Short Subject videos were produced which ranged from 1-3 minutes each. These videos are very effective education and awareness tools that can be used to generate discussions about computer security concerns and good computing practices. Leaders may incorporate the Short Subjects into presentations. After talkingmore » about a subject area, one of the Short Subjects may be shown to highlight that subject matter. Another method for sharing them could be to show a Short Subject first and then lead a discussion about its topic. The cast of characters and a bit of information about their personalities in the LLNL Computer Security Short Subjects is included in this report.« less

Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

NASA Astrophysics Data System (ADS)

Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

2016-12-01

Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

Downgrade of the Savannah River Sites FB-Line

DOE Office of Scientific and Technical Information (OSTI.GOV)

SADOWSKI, ED; YOURCHAK, RANDY; PRETZELLO MARJI

2005-07-05

This paper will discuss the Safeguards & Security (S&S) activities that resulted in the downgrade of the Savannah River Site's FB-Line (FBL) from a Category I Material Balance Area (MBA) in a Material Access Area (MAA) to a Category IV MBA in a Property Protection Area (PPA). The Safeguards activities included measurement of final product items, transferal of nuclear material to other Savannah River Site (SRS) facilities, discard of excess nuclear material items, and final measurements of holdup material. The Security activities included relocation and destruction of classified documents and repositories, decertification of a classified computer, access control changes, updatesmore » to planning documents, deactivation and removal of security systems, Human Reliability Program (HRP) removals, and information security training for personnel that will remain in the FBL PPA.« less

Security in perspective; luxury or must?

PubMed

Bakker, A

1998-03-01

In this paper, security in health information systems is put into perspective. The further penetration of information technology into health care is discussed and it is concluded that information systems have already become a vital component, not only for the logistics of the health care institution but also for the rendering of care and cure. Health care depends heavily on adequate data, so availability and integrity are equally important. In view of the sensitive nature of many patient data, the importance of confidentiality was recognised long before computers were invented. For widespread use of IT in health care it is of vital importance that computers can be trusted in respect of confidentiality. This paper emphasises the need to pay attention to security and suggests a responsible approach with implementation of both technical and organisational measures.

Phishing

MedlinePlus

... Money & Credit Homes & Mortgages Health & Fitness Jobs & Making Money Privacy, Identity & Online Security Limiting Unwanted Calls and Emails Online Security "Free" Security Scans Computer Security Disposing of Old Computers ...

Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

ERIC Educational Resources Information Center

Edwards, Keith

2015-01-01

Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

31 CFR 31.217 - Confidentiality of information.

Code of Federal Regulations, 2011 CFR

2011-07-01

... facilities and storage containers where nonpublic information is stored. (2) Security measures to detect and prevent unauthorized access to computer equipment and data storage devices that store or transmit...

31 CFR 31.217 - Confidentiality of information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... facilities and storage containers where nonpublic information is stored. (2) Security measures to detect and prevent unauthorized access to computer equipment and data storage devices that store or transmit...

31 CFR 31.217 - Confidentiality of information.

Code of Federal Regulations, 2014 CFR

2014-07-01

... facilities and storage containers where nonpublic information is stored. (2) Security measures to detect and prevent unauthorized access to computer equipment and data storage devices that store or transmit...

31 CFR 31.217 - Confidentiality of information.

Code of Federal Regulations, 2012 CFR

2012-07-01

... facilities and storage containers where nonpublic information is stored. (2) Security measures to detect and prevent unauthorized access to computer equipment and data storage devices that store or transmit...

31 CFR 31.217 - Confidentiality of information.

Code of Federal Regulations, 2013 CFR

2013-07-01

... facilities and storage containers where nonpublic information is stored. (2) Security measures to detect and prevent unauthorized access to computer equipment and data storage devices that store or transmit...

Science and Technology Resources on the Internet: Computer Security.

ERIC Educational Resources Information Center

Kinkus, Jane F.

2002-01-01

Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

Hacked E-mail

MedlinePlus

... Money & Credit Homes & Mortgages Health & Fitness Jobs & Making Money Privacy, Identity & Online Security Limiting Unwanted Calls and Emails Online Security "Free" Security Scans Computer Security Disposing of Old Computers ...

Computer Security Systems Enable Access.

ERIC Educational Resources Information Center

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

76 FR 7817 - Announcing Draft Federal Information Processing Standard 180-4, Secure Hash Standard, and Request...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-11

... before May 12, 2011. ADDRESSES: Written comments may be sent to: Chief, Computer Security Division... FURTHER INFORMATION CONTACT: Elaine Barker, Computer Security Division, National Institute of Standards... Quynh Dang, Computer Security Division, National Institute of Standards and Technology, Gaithersburg, MD...

Secure key storage and distribution

DOEpatents

Agrawal, Punit

2015-06-02

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Quantum-Enhanced Cyber Security: Experimental Computation on Quantum-Encrypted Data

DTIC Science & Technology

2017-03-02

AFRL-AFOSR-UK-TR-2017-0020 Quantum-Enhanced Cyber Security: Experimental Computation on Quantum-Encrypted Data Philip Walther UNIVERSITT WIEN Final...REPORT TYPE Final 3. DATES COVERED (From - To) 15 Oct 2015 to 31 Dec 2016 4. TITLE AND SUBTITLE Quantum-Enhanced Cyber Security: Experimental Computation...FORM SF 298 Final Report for FA9550-1-6-1-0004 Quantum-enhanced cyber security: Experimental quantum computation with quantum-encrypted data

78 FR 1275 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-08

... Social Security Administration (Computer Matching Agreement 1071). SUMMARY: In accordance with the... of its new computer matching program with the Social Security Administration (SSA). DATES: OPM will... conditions under which SSA will disclose Social Security benefit data to OPM via direct computer link. OPM...

Research on the information security system in electrical gis system in mobile application

NASA Astrophysics Data System (ADS)

Zhou, Chao; Feng, Renjun; Jiang, Haitao; Huang, Wei; Zhu, Daohua

2017-05-01

With the rapid development of social informatization process, the demands of government, enterprise, and individuals for spatial information becomes larger. In addition, the combination of wireless network technology and spatial information technology promotes the generation and development of mobile technologies. In today’s rapidly developed information technology field, network technology and mobile communication have become the two pillar industries by leaps and bounds. They almost absorbed and adopted all the latest information, communication, computer, electronics and so on new technologies. Concomitantly, the network coverage is more and more big, the transmission rate is faster and faster, the volume of user’s terminal is smaller and smaller. What’s more, from LAN to WAN, from wired network to wireless network, from wired access to mobile wireless access, people’s demand for communication technology is increasingly higher. As a result, mobile communication technology is facing unprecedented challenges as well as unprecedented opportunities. When combined with the existing mobile communication network, it led to the development of leaps and bounds. However, due to the inherent dependence of the system on the existing computer communication network, information security problems cannot be ignored. Today’s information security has penetrated into all aspects of life. Information system is a complex computer system, and it’s physical, operational and management vulnerabilities constitute the security vulnerability of the system. Firstly, this paper analyzes the composition of mobile enterprise network and information security threat. Secondly, this paper puts forward the security planning and measures, and constructs the information security structure.

77 FR 32709 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Homeland Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-01

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0089] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Homeland Security (DHS))--Match Number 1010 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that...

FAA computer security : recommendations to address continuing weaknesses

DOT National Transportation Integrated Search

2000-12-01

In September, testimony before the Committee on Science, House of Representatives, focused on the Federal Aviation Administration's (FAA) computer security program. In brief, we reported that FAA's agency-wide computer security program has serious, p...

DS-ARP: a new detection scheme for ARP spoofing attacks based on routing trace for ubiquitous environments.

PubMed

Song, Min Su; Lee, Jae Dong; Jeong, Young-Sik; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system.

DS-ARP: A New Detection Scheme for ARP Spoofing Attacks Based on Routing Trace for Ubiquitous Environments

PubMed Central

Song, Min Su; Lee, Jae Dong; Jeong, Hwa-Young; Park, Jong Hyuk

2014-01-01

Despite the convenience, ubiquitous computing suffers from many threats and security risks. Security considerations in the ubiquitous network are required to create enriched and more secure ubiquitous environments. The address resolution protocol (ARP) is a protocol used to identify the IP address and the physical address of the associated network card. ARP is designed to work without problems in general environments. However, since it does not include security measures against malicious attacks, in its design, an attacker can impersonate another host using ARP spoofing or access important information. In this paper, we propose a new detection scheme for ARP spoofing attacks using a routing trace, which can be used to protect the internal network. Tracing routing can find the change of network movement path. The proposed scheme provides high constancy and compatibility because it does not alter the ARP protocol. In addition, it is simple and stable, as it does not use a complex algorithm or impose extra load on the computer system. PMID:25243205

Security training with interactive laser-video-disk technology

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wilson, D.

1988-01-01

DOE, through its contractor EG and G Energy Measurements, Inc., has developed a state-of-the-art interactive-video system for use at the Department of Energy's Central Training Academy. Called the Security Training and Evaluation Shooting System (STRESS), the computer-driven decision shooting system employs the latest is laservideo-disk technology. STRESS is designed to provide realistic and stressful training for security inspectors employed by the DOE and its contractors. The system uses wide-screen video projection, sophisticated scenario-branching technology, and customized video scenarios especially designed for the DOE. Firing a weapon that has been modified to shoot ''laser bullets,'' and wearing a special vest thatmore » detects ''hits'': the security inspector encounters adversaries on the wide screen who can shoot or be shot by the inspector in scenarios that demand fast decisions. Based on those decisions, the computer provides instantaneous branching to different scenes, giving the inspector confrontational training with the realism and variability of real life.« less

Computer loss experience and predictions

NASA Astrophysics Data System (ADS)

Parker, Donn B.

1996-03-01

The types of losses organizations must anticipate have become more difficult to predict because of the eclectic nature of computers and the data communications and the decrease in news media reporting of computer-related losses as they become commonplace. Total business crime is conjectured to be decreasing in frequency and increasing in loss per case as a result of increasing computer use. Computer crimes are probably increasing, however, as their share of the decreasing business crime rate grows. Ultimately all business crime will involve computers in some way, and we could see a decline of both together. The important information security measures in high-loss business crime generally concern controls over authorized people engaged in unauthorized activities. Such controls include authentication of users, analysis of detailed audit records, unannounced audits, segregation of development and production systems and duties, shielding the viewing of screens, and security awareness and motivation controls in high-value transaction areas. Computer crimes that involve highly publicized intriguing computer misuse methods, such as privacy violations, radio frequency emanations eavesdropping, and computer viruses, have been reported in waves that periodically have saturated the news media during the past 20 years. We must be able to anticipate such highly publicized crimes and reduce the impact and embarrassment they cause. On the basis of our most recent experience, I propose nine new types of computer crime to be aware of: computer larceny (theft and burglary of small computers), automated hacking (use of computer programs to intrude), electronic data interchange fraud (business transaction fraud), Trojan bomb extortion and sabotage (code security inserted into others' systems that can be triggered to cause damage), LANarchy (unknown equipment in use), desktop forgery (computerized forgery and counterfeiting of documents), information anarchy (indiscriminate use of crypto without control), Internet abuse (antisocial use of data communications), and international industrial espionage (governments stealing business secrets). A wide variety of safeguards are necessary to deal with these new crimes. The most powerful controls include (1) carefully controlled use of cryptography and digital signatures with good key management and overriding business and government decryption capability and (2) use of tokens such as smart cards to increase the strength of secret passwords for authentication of computer users. Jewelry-type security for small computers--including registration of serial numbers and security inventorying of equipment, software, and connectivity--will be necessary. Other safeguards include automatic monitoring of computer use and detection of unusual activities, segmentation and filtering of networks, special paper and ink for documents, and reduction of paper documents. Finally, international cooperation of governments to create trusted environments for business is essential.

Security model for VM in cloud

NASA Astrophysics Data System (ADS)

Kanaparti, Venkataramana; Naveen K., R.; Rajani, S.; Padmvathamma, M.; Anitha, C.

2013-03-01

Cloud computing is a new approach emerged to meet ever-increasing demand for computing resources and to reduce operational costs and Capital Expenditure for IT services. As this new way of computation allows data and applications to be stored away from own corporate server, it brings more issues in security such as virtualization security, distributed computing, application security, identity management, access control and authentication. Even though Virtualization forms the basis for cloud computing it poses many threats in securing cloud. As most of Security threats lies at Virtualization layer in cloud we proposed this new Security Model for Virtual Machine in Cloud (SMVC) in which every process is authenticated by Trusted-Agent (TA) in Hypervisor as well as in VM. Our proposed model is designed to with-stand attacks by unauthorized process that pose threat to applications related to Data Mining, OLAP systems, Image processing which requires huge resources in cloud deployed on one or more VM's.

Semiquantum key distribution with secure delegated quantum computation

PubMed Central

Li, Qin; Chan, Wai Hong; Zhang, Shengyu

2016-01-01

Semiquantum key distribution allows a quantum party to share a random key with a “classical” party who only can prepare and measure qubits in the computational basis or reorder some qubits when he has access to a quantum channel. In this work, we present a protocol where a secret key can be established between a quantum user and an almost classical user who only needs the quantum ability to access quantum channels, by securely delegating quantum computation to a quantum server. We show the proposed protocol is robust even when the delegated quantum server is a powerful adversary, and is experimentally feasible with current technology. As one party of our protocol is the most quantum-resource efficient, it can be more practical and significantly widen the applicability scope of quantum key distribution. PMID:26813384

Close the Gate, Lock the Windows, Bolt the Doors: Securing Library Computers. Online Treasures

ERIC Educational Resources Information Center

Balas, Janet

2005-01-01

This article, written by a systems librarian at the Monroeville Public Library, discusses a major issue affecting all computer users, security. It indicates that while, staying up-to-date on the latest security issues has become essential for all computer users, it's more critical for network managers who are responsible for securing computer…

Developing a computer security training program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

1990-01-01

We all know that training can empower the computer protection program. However, pushing computer security information outside the computer security organization into the rest of the company is often labeled as an easy project or a dungeon full of dragons. Used in part or whole, the strategy offered in this paper may help the developer of a computer security training program ward off dragons and create products and services. The strategy includes GOALS (what the result of training will be), POINTERS (tips to ensure survival), and STEPS (products and services as a means to accomplish the goals).

Influence of parental attitudes towards Internet use on the employment of online safety measures at home.

PubMed

Floros, Georgios; Siomos, Konstantinos; Dafouli, Evaggelia; Fisoun, Virginia; Geroukalis, Dimitrios

2012-01-01

In this paper we present the results of a cross-sectional study of the entire adolescent student population aged 12-18 of the island of Kos and their parents, on Internet safety-related practices and attitudes towards the Internet. Total sample was 2017 students and 1214 parent responders. Research material included extended demographics and an Internet security questionnaire, the Internet Attitudes Scale (IAS) for parents and the Adolescent Computer Addiction Test (ACAT) for children and both parents. Both parents thus provided their views on their children's computer use and an estimate for their degree of computer addiction which was tested against their child's self-report. Results indicated that fathers and mothers who had negative views of the Internet, tended to encourage less their children to engage in online activities and worried more for the possibility that their child is addicted to computer use; their worries weren't correlated with their children's results. Parental views on the Internet had no effect on the level of security precautions they employed at home. Those parents who reported a low level of security knowledge and were unsure as to what their children were doing online, tended to consider their children more likely to be addicted to computer use; those views were confirmed by their children' self-reported results.

6 CFR 13.27 - Computation of time.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Computation of time. 13.27 Section 13.27 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROGRAM FRAUD CIVIL REMEDIES § 13.27 Computation of time. (a) In computing any period of time under this part or in an order issued...

Reviews on Security Issues and Challenges in Cloud Computing

NASA Astrophysics Data System (ADS)

An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

2016-11-01

Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

Information Systems, Security, and Privacy.

ERIC Educational Resources Information Center

Ware, Willis H.

1984-01-01

Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

Optimal resource allocation for defense of targets based on differing measures of attractiveness.

PubMed

Bier, Vicki M; Haphuriwat, Naraphorn; Menoyo, Jaime; Zimmerman, Rae; Culpen, Alison M

2008-06-01

This article describes the results of applying a rigorous computational model to the problem of the optimal defensive resource allocation among potential terrorist targets. In particular, our study explores how the optimal budget allocation depends on the cost effectiveness of security investments, the defender's valuations of the various targets, and the extent of the defender's uncertainty about the attacker's target valuations. We use expected property damage, expected fatalities, and two metrics of critical infrastructure (airports and bridges) as our measures of target attractiveness. Our results show that the cost effectiveness of security investment has a large impact on the optimal budget allocation. Also, different measures of target attractiveness yield different optimal budget allocations, emphasizing the importance of developing more realistic terrorist objective functions for use in budget allocation decisions for homeland security.

Intelligent cloud computing security using genetic algorithm as a computational tools

NASA Astrophysics Data System (ADS)

Razuky AL-Shaikhly, Mazin H.

2018-05-01

An essential change had occurred in the field of Information Technology which represented with cloud computing, cloud giving virtual assets by means of web yet awesome difficulties in the field of information security and security assurance. Currently main problem with cloud computing is how to improve privacy and security for cloud “cloud is critical security”. This paper attempts to solve cloud security by using intelligent system with genetic algorithm as wall to provide cloud data secure, all services provided by cloud must detect who receive and register it to create list of users (trusted or un-trusted) depend on behavior. The execution of present proposal has shown great outcome.

Margin and sensitivity methods for security analysis of electric power systems

NASA Astrophysics Data System (ADS)

Greene, Scott L.

Reliable operation of large scale electric power networks requires that system voltages and currents stay within design limits. Operation beyond those limits can lead to equipment failures and blackouts. Security margins measure the amount by which system loads or power transfers can change before a security violation, such as an overloaded transmission line, is encountered. This thesis shows how to efficiently compute security margins defined by limiting events and instabilities, and the sensitivity of those margins with respect to assumptions, system parameters, operating policy, and transactions. Security margins to voltage collapse blackouts, oscillatory instability, generator limits, voltage constraints and line overloads are considered. The usefulness of computing the sensitivities of these margins with respect to interarea transfers, loading parameters, generator dispatch, transmission line parameters, and VAR support is established for networks as large as 1500 buses. The sensitivity formulas presented apply to a range of power system models. Conventional sensitivity formulas such as line distribution factors, outage distribution factors, participation factors and penalty factors are shown to be special cases of the general sensitivity formulas derived in this thesis. The sensitivity formulas readily accommodate sparse matrix techniques. Margin sensitivity methods are shown to work effectively for avoiding voltage collapse blackouts caused by either saddle node bifurcation of equilibria or immediate instability due to generator reactive power limits. Extremely fast contingency analysis for voltage collapse can be implemented with margin sensitivity based rankings. Interarea transfer can be limited by voltage limits, line limits, or voltage stability. The sensitivity formulas presented in this thesis apply to security margins defined by any limit criteria. A method to compute transfer margins by directly locating intermediate events reduces the total number of loadflow iterations required by each margin computation and provides sensitivity information at minimal additional cost. Estimates of the effect of simultaneous transfers on the transfer margins agree well with the exact computations for a network model derived from a portion of the U.S grid. The accuracy of the estimates over a useful range of conditions and the ease of obtaining the estimates suggest that the sensitivity computations will be of practical value.

75 FR 38595 - Guidance to States Regarding Driver History Record Information Security, Continuity of Operation...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-02

... Standards and Technology's (NIST) Computer Security Division maintains a Computer Security Resource Center... Regarding Driver History Record Information Security, Continuity of Operation Planning, and Disaster... (SDLAs) to support their efforts at maintaining the security of information contained in the driver...

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Proposal for a Security Management in Cloud Computing for Health Care

PubMed Central

Dzombeta, Srdan; Brandis, Knud

2014-01-01

Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources. PMID:24701137

Proposal for a security management in cloud computing for health care.

PubMed

Haufe, Knut; Dzombeta, Srdan; Brandis, Knud

2014-01-01

Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

Overview of Computer Security Certification and Accreditation. Final Report.

ERIC Educational Resources Information Center

Ruthberg, Zella G.; Neugent, William

Primarily intended to familiarize ADP (automatic data processing) policy and information resource managers with the approach to computer security certification and accreditation found in "Guideline to Computer Security Certification and Accreditation," Federal Information Processing Standards Publications (FIPS-PUB) 102, this overview…

Visualization Tools for Teaching Computer Security

ERIC Educational Resources Information Center

Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

2010-01-01

Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

A Study on Secure Medical-Contents Strategies with DRM Based on Cloud Computing

PubMed Central

Měsíček, Libor; Choi, Jongsun

2018-01-01

Many hospitals and medical clinics have been using a wearable sensor in its health care system because the wearable sensor, which is able to measure the patients' biometric information, has been developed to analyze their patients remotely. The measured information is saved to a server in a medical center, and the server keeps the medical information, which also involves personal information, on a cloud system. The server and network devices are used by connecting each other, and sensitive medical records are dealt with remotely. However, these days, the attackers, who try to attack the server or the network systems, are increasing. In addition, the server and the network system have a weak protection and security policy against the attackers. In this paper, it is suggested that security compliance of medical contents should be followed to improve the level of security. As a result, the medical contents are kept safely. PMID:29796233

A Study on Secure Medical-Contents Strategies with DRM Based on Cloud Computing.

PubMed

Ko, Hoon; Měsíček, Libor; Choi, Jongsun; Hwang, Seogchan

2018-01-01

Many hospitals and medical clinics have been using a wearable sensor in its health care system because the wearable sensor, which is able to measure the patients' biometric information, has been developed to analyze their patients remotely. The measured information is saved to a server in a medical center, and the server keeps the medical information, which also involves personal information, on a cloud system. The server and network devices are used by connecting each other, and sensitive medical records are dealt with remotely. However, these days, the attackers, who try to attack the server or the network systems, are increasing. In addition, the server and the network system have a weak protection and security policy against the attackers. In this paper, it is suggested that security compliance of medical contents should be followed to improve the level of security. As a result, the medical contents are kept safely.

Realization of Quantum Digital Signatures without the Requirement of Quantum Memory

NASA Astrophysics Data System (ADS)

Collins, Robert J.; Donaldson, Ross J.; Dunjko, Vedran; Wallden, Petros; Clarke, Patrick J.; Andersson, Erika; Jeffers, John; Buller, Gerald S.

2014-07-01

Digital signatures are widely used to provide security for electronic communications, for example, in financial transactions and electronic mail. Currently used classical digital signature schemes, however, only offer security relying on unproven computational assumptions. In contrast, quantum digital signatures offer information-theoretic security based on laws of quantum mechanics. Here, security against forging relies on the impossibility of perfectly distinguishing between nonorthogonal quantum states. A serious drawback of previous quantum digital signature schemes is that they require long-term quantum memory, making them impractical at present. We present the first realization of a scheme that does not need quantum memory and which also uses only standard linear optical components and photodetectors. In our realization, the recipients measure the distributed quantum signature states using a new type of quantum measurement, quantum state elimination. This significantly advances quantum digital signatures as a quantum technology with potential for real applications.

Unfalsifiability of security claims.

PubMed

Herley, Cormac

2016-06-07

There is an inherent asymmetry in computer security: Things can be declared insecure by observation, but not the reverse. There is no observation that allows us to declare an arbitrary system or technique secure. We show that this implies that claims of necessary conditions for security (and sufficient conditions for insecurity) are unfalsifiable. This in turn implies an asymmetry in self-correction: Whereas the claim that countermeasures are sufficient is always subject to correction, the claim that they are necessary is not. Thus, the response to new information can only be to ratchet upward: Newly observed or speculated attack capabilities can argue a countermeasure in, but no possible observation argues one out. Further, when justifications are unfalsifiable, deciding the relative importance of defensive measures reduces to a subjective comparison of assumptions. Relying on such claims is the source of two problems: once we go wrong we stay wrong and errors accumulate, and we have no systematic way to rank or prioritize measures.

Realization of quantum digital signatures without the requirement of quantum memory.

PubMed

Collins, Robert J; Donaldson, Ross J; Dunjko, Vedran; Wallden, Petros; Clarke, Patrick J; Andersson, Erika; Jeffers, John; Buller, Gerald S

2014-07-25

Digital signatures are widely used to provide security for electronic communications, for example, in financial transactions and electronic mail. Currently used classical digital signature schemes, however, only offer security relying on unproven computational assumptions. In contrast, quantum digital signatures offer information-theoretic security based on laws of quantum mechanics. Here, security against forging relies on the impossibility of perfectly distinguishing between nonorthogonal quantum states. A serious drawback of previous quantum digital signature schemes is that they require long-term quantum memory, making them impractical at present. We present the first realization of a scheme that does not need quantum memory and which also uses only standard linear optical components and photodetectors. In our realization, the recipients measure the distributed quantum signature states using a new type of quantum measurement, quantum state elimination. This significantly advances quantum digital signatures as a quantum technology with potential for real applications.

Computer Network Security: Best Practices for Alberta School Jurisdictions.

ERIC Educational Resources Information Center

Alberta Dept. of Education, Edmonton.

This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…

Securely Measuring the Overlap between Private Datasets with Cryptosets

PubMed Central

Swamidass, S. Joshua; Matlock, Matthew; Rozenblit, Leon

2015-01-01

Many scientific questions are best approached by sharing data—collected by different groups or across large collaborative networks—into a combined analysis. Unfortunately, some of the most interesting and powerful datasets—like health records, genetic data, and drug discovery data—cannot be freely shared because they contain sensitive information. In many situations, knowing if private datasets overlap determines if it is worthwhile to navigate the institutional, ethical, and legal barriers that govern access to sensitive, private data. We report the first method of publicly measuring the overlap between private datasets that is secure under a malicious model without relying on private protocols or message passing. This method uses a publicly shareable summary of a dataset’s contents, its cryptoset, to estimate its overlap with other datasets. Cryptosets approach “information-theoretic” security, the strongest type of security possible in cryptography, which is not even crackable with infinite computing power. We empirically and theoretically assess both the accuracy of these estimates and the security of the approach, demonstrating that cryptosets are informative, with a stable accuracy, and secure. PMID:25714898

Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems

PubMed Central

Wu, Jun; Su, Zhou; Li, Jianhua

2017-01-01

Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on “friend” relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems. PMID:28758943

Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems.

PubMed

Wu, Jun; Su, Zhou; Wang, Shen; Li, Jianhua

2017-07-30

Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on "friend" relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems.

Excited-State Structure of Oligothiophene Dendrimers: Computational and Experimental Study

DTIC Science & Technology

2010-01-01

REPORT Excited-State Structure of Oligothiophene Dendrimers : Computational and Experimental Study 14. ABSTRACT 16. SECURITY CLASSIFICATION OF: The...nature of one and two-photon absorption enhancement in a series of oligothiophene dendrimers , recently proposed for applications in entangled photon...upconversion measurements). The linear absorption spectra exhibit a red shift of the absorption maxima and broadening as a function of dendrimer generations

Additional Security Considerations for Grid Management

NASA Technical Reports Server (NTRS)

Eidson, Thomas M.

2003-01-01

The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

PubMed

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-03-24

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks

PubMed Central

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-01-01

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure. PMID:28338632

Preaching What We Practice: Teaching Ethical Decision-Making to Computer Security Professionals

NASA Astrophysics Data System (ADS)

Fleischmann, Kenneth R.

The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism - we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders [1]. Computer security research and practice involves a number of opportunities for ethical decisions. For example, decisions about whether or not to automatically provide security updates involve tradeoffs related to caring versus user autonomy. Decisions about online voting include tradeoffs between convenience and security. Finally, decisions about routinely screening e-mails for spam involve tradeoffs of efficiency and privacy. It is critical that these and other decisions facing computer security researchers and professionals are confronted head on as value-laden design decisions, and that computer security researchers and professionals consider the perspectives of various stakeholders in making these decisions.

Quality and security - They work together

NASA Technical Reports Server (NTRS)

Carr, Richard; Tynan, Marie; Davis, Russell

1991-01-01

This paper describes the importance of considering computer security as part of software quality assurance practice. The intended audience is primarily those professionals involved in the design, development, and quality assurance of software. Many issues are raised which point to the need ultimately for integration of quality assurance and computer security disciplines. To address some of the issues raised, the NASA Automated Information Security program is presented as a model which may be used for improving interactions between the quality assurance and computer security community of professionals.

78 FR 15734 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2013-0010] Privacy Act of 1974; Computer Matching Program AGENCY: Department of Homeland Security/U.S. Citizenship and... computer matching program between the Department of Homeland Security/U.S. Citizenship and Immigration...

78 FR 15733 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2013-0008] Privacy Act of 1974; Computer Matching Program AGENCY: Department of Homeland Security/U.S. Citizenship and... computer matching program between the Department of Homeland Security/U.S. Citizenship and Immigration...

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

78 FR 38724 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-27

... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2013-0006] Privacy Act of 1974; Computer Matching Program AGENCY: Department of Homeland Security/U.S. Citizenship and... Agreement that establishes a computer matching program between the Department of Homeland Security/U.S...

15 CFR 30.5 - Electronic Export Information filing application and certification processes and standards.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Census Bureau's Foreign Trade Division Computer Security Officer and refrain from using AESDirect until... Bureau's Foreign Trade Division Computer Security Officer that the company's computer systems accessing... threat to national security interests such that its participation in postdeparture filing should be...

15 CFR 30.5 - Electronic Export Information filing application and certification processes and standards.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Census Bureau's Foreign Trade Division Computer Security Officer and refrain from using AESDirect until... Bureau's Foreign Trade Division Computer Security Officer that the company's computer systems accessing... threat to national security interests such that its participation in postdeparture filing should be...

15 CFR 30.5 - Electronic Export Information filing application and certification processes and standards.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Census Bureau's Foreign Trade Division Computer Security Officer and refrain from using AESDirect until... Bureau's Foreign Trade Division Computer Security Officer that the company's computer systems accessing... threat to national security interests such that its participation in postdeparture filing should be...

75 FR 18841 - Office for Civil Rights; Privacy Act of 1974, Amended System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-13

... Privacy Act of 1974, Federal Information Security Management Act of 2002, Computer Security Act of 1987... 1974, Federal Information Security Management Act of 2002, Computer Security Act of 1987, the Paperwork... Oversight, the Chair of the Senate Committee on Homeland Security and Governmental Affairs, and the...

Cloud Computing Security Issue: Survey

NASA Astrophysics Data System (ADS)

Kamal, Shailza; Kaur, Rajpreet

2011-12-01

Cloud computing is the growing field in IT industry since 2007 proposed by IBM. Another company like Google, Amazon, and Microsoft provides further products to cloud computing. The cloud computing is the internet based computing that shared recourses, information on demand. It provides the services like SaaS, IaaS and PaaS. The services and recourses are shared by virtualization that run multiple operation applications on cloud computing. This discussion gives the survey on the challenges on security issues during cloud computing and describes some standards and protocols that presents how security can be managed.

Challenges and Security in Cloud Computing

NASA Astrophysics Data System (ADS)

Chang, Hyokyung; Choi, Euiin

People who live in this world want to solve any problems as they happen then. An IT technology called Ubiquitous computing should help the situations easier and we call a technology which makes it even better and powerful cloud computing. Cloud computing, however, is at the stage of the beginning to implement and use and it faces a lot of challenges in technical matters and security issues. This paper looks at the cloud computing security.

A computer science approach to managing security in health care.

PubMed

Asirelli, P; Braccini, G; Caramella, D; Coco, A; Fabbrini, F

2002-09-01

The security of electronic medical information is very important for health care organisations, which have to ensure confidentiality, integrity and availability of the information provided. This paper will briefly outline the legal measures adopted by the European Community, Italy and the United States to regulate the use and disclosure of medical records. It will then go on to highlight how information technology can help to address these issues with special reference to the management of organisation policies. To this end, we will present a modelling example for the security policy of a radiological department.

Modeling Security Aspects of Network

NASA Astrophysics Data System (ADS)

Schoch, Elmar

With more and more widespread usage of computer systems and networks, dependability becomes a paramount requirement. Dependability typically denotes tolerance or protection against all kinds of failures, errors and faults. Sources of failures can basically be accidental, e.g., in case of hardware errors or software bugs, or intentional due to some kind of malicious behavior. These intentional, malicious actions are subject of security. A more complete overview on the relations between dependability and security can be found in [31]. In parallel to the increased use of technology, misuse also has grown significantly, requiring measures to deal with it.

20 CFR 229.65 - Initial reduction.

Code of Federal Regulations, 2010 CFR

2010-04-01

... wage (see § 225.2 of this chapter) used to compute the DIB O/M under the Social Security Act rules... that exceed the maximum used in computing social security benefits) for the 5 consecutive years after... earnings that exceed the maximum used in computing social security benefits) for the year of highest...

A Computational Model and Multi-Agent Simulation for Information Assurance

DTIC Science & Technology

2002-06-01

Podell , Information Security: an Integrated Collection of Essays, IEEE Computer Society Press, Los Alamitos, CA, 1994. Brinkley, D. L. and Schell, R...R., “What is There to Worry About? An Introduction to the Computer Security Problem,” ed. Abrams and Jajodia and Podell , Information Security: an

Business continuity strategies for cyber defence: battling time and information overload.

PubMed

Streufert, John

2010-11-01

Can the same numbers and letters which are the life blood of modern business and government computer systems be harnessed to protect computers from attack against known information security risks? For the past seven years, Foreign Service officers and technicians of the US Government have sought to maintain diplomatic operations in the face of rising cyber attacks and test the hypothesis that an ounce of prevention is worth a pound of cure. As eight out of ten attacks leverage known computer security vulnerabilities or configuration setting weaknesses, a pound of cure would seem to be easy to come by. Yet modern security tools present an unusually consequential threat to business continuity - too much rather than too little information on cyber problems is presented, harking back to a phenomenon cited by social scientists in the 1960s called 'information overload'. Experience indicates that the longer the most serious cyber problems go untreated, the wider the attack surface adversaries can find. One technique used at the Department of State, called 'risk scoring', resulted in an 89 per cent overall reduction in measured risk over 12 months for the Department of State's servers and personal computers. Later refinements of risk scoring enabled technicians to correct unique security threats with unprecedented speed. This paper explores how the use of metrics, special care in presenting information to technicians and executives alike, as well as tactical use of organisational incentives can result in stronger cyber defences protecting modern organisations.

Distributed intrusion detection system based on grid security model

NASA Astrophysics Data System (ADS)

Su, Jie; Liu, Yahui

2008-03-01

Grid computing has developed rapidly with the development of network technology and it can solve the problem of large-scale complex computing by sharing large-scale computing resource. In grid environment, we can realize a distributed and load balance intrusion detection system. This paper first discusses the security mechanism in grid computing and the function of PKI/CA in the grid security system, then gives the application of grid computing character in the distributed intrusion detection system (IDS) based on Artificial Immune System. Finally, it gives a distributed intrusion detection system based on grid security system that can reduce the processing delay and assure the detection rates.

A Lightweight Protocol for Secure Video Streaming

PubMed Central

Morkevicius, Nerijus; Bagdonas, Kazimieras

2018-01-01

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard. PMID:29757988

A Lightweight Protocol for Secure Video Streaming.

PubMed

Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

2018-05-14

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

Demonstration of blind quantum computing.

PubMed

Barz, Stefanie; Kashefi, Elham; Broadbent, Anne; Fitzsimons, Joseph F; Zeilinger, Anton; Walther, Philip

2012-01-20

Quantum computers, besides offering substantial computational speedups, are also expected to preserve the privacy of a computation. We present an experimental demonstration of blind quantum computing in which the input, computation, and output all remain unknown to the computer. We exploit the conceptual framework of measurement-based quantum computation that enables a client to delegate a computation to a quantum server. Various blind delegated computations, including one- and two-qubit gates and the Deutsch and Grover quantum algorithms, are demonstrated. The client only needs to be able to prepare and transmit individual photonic qubits. Our demonstration is crucial for unconditionally secure quantum cloud computing and might become a key ingredient for real-life applications, especially when considering the challenges of making powerful quantum computers widely available.

76 FR 81477 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-28

... sessions will be open to the public. The ISPAB was established by the Computer Security Act of 1987 (Pub. L... Secure Mobile Devices, --Panel Discussion on cyber R&D Strategy, and --Update of NIST Computer Security... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and...

Advanced computer graphic techniques for laser range finder (LRF) simulation

NASA Astrophysics Data System (ADS)

Bedkowski, Janusz; Jankowski, Stanislaw

2008-11-01

This paper show an advanced computer graphic techniques for laser range finder (LRF) simulation. The LRF is the common sensor for unmanned ground vehicle, autonomous mobile robot and security applications. The cost of the measurement system is extremely high, therefore the simulation tool is designed. The simulation gives an opportunity to execute algorithm such as the obstacle avoidance[1], slam for robot localization[2], detection of vegetation and water obstacles in surroundings of the robot chassis[3], LRF measurement in crowd of people[1]. The Axis Aligned Bounding Box (AABB) and alternative technique based on CUDA (NVIDIA Compute Unified Device Architecture) is presented.

Analyzing the security of an existing computer system

NASA Technical Reports Server (NTRS)

Bishop, M.

1986-01-01

Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

PubMed

Caruso, Ronald D

2003-01-01

Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-01

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2009-0043] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match Number 1308 AGENCY: Social Security Administration (SSA). ACTION: Notice of renewal of an existing...

A Semantic Based Policy Management Framework for Cloud Computing Environments

ERIC Educational Resources Information Center

Takabi, Hassan

2013-01-01

Cloud computing paradigm has gained tremendous momentum and generated intensive interest. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this dissertation, we mainly focus on issues related to policy management and access…

Computer Security: the Achilles’ Heel of the Electronic Air Force?

DTIC Science & Technology

2013-02-01

commercials not enough. In the Pentagon a General Electric system called “GCOS” provided classified (secret) com- putation for the Air Staff and others...necessary computer function. January–February 2013 Air & Space Power Journal | 169 Historical Highlight Government designers not perfect. After the Pentagon ...laboratory computer to evaluate Multics as a potential multilevel secure computer for the Pentagon . Although it had the best security design of any system

Change Detection Algorithms for Information Assurance of Computer Networks

DTIC Science & Technology

2002-01-01

original document contains color images. 14. ABSTRACT see report 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18...number of computer attacks increases steadily per year. At the time of this writing the Internet Security Systems’ baseline assessment is that a new...across a network by exploiting security flaws in widely-used services offered by vulnerable computers. In order to locate the vulnerable computers, the

Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

PubMed Central

Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

2016-01-01

Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239

Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm.

PubMed

Abdulhamid, Shafi'i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

2016-01-01

Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques.

Computer Security: The Human Element.

ERIC Educational Resources Information Center

Guynes, Carl S.; Vanacek, Michael T.

1981-01-01

The security and effectiveness of a computer system are dependent on the personnel involved. Improved personnel and organizational procedures can significantly reduce the potential for computer fraud. (Author/MLF)

75 FR 13258 - Announcing a Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-19

.../index.html/ . Agenda: --Cloud Computing Implementations --Health IT --OpenID --Pending Cyber Security... will be available for the public and media. --OpenID --Cloud Computing Implementations --Security...

NNSA Administrator Addresses the Next Generation of Nuclear Security Professionals: Part 2

ScienceCinema

Thomas D'Agostino

2017-12-09

Administrator Thomas DAgostino of the National Nuclear Security Administration addressed the next generation of nuclear security professionals during the opening session of todays 2009 Department of Energy (DOE) Computational Science Graduate Fellowship Annual Conference. Administrator DAgostino discussed NNSAs role in implementing President Obamas nuclear security agenda and encouraged the computing science fellows to consider careers in nuclear security.

NNSA Administrator Addresses the Next Generation of Nuclear Security Professionals: Part 1

ScienceCinema

Thomas D'Agostino

2017-12-09

Administrator Thomas DAgostino of the National Nuclear Security Administration addressed the next generation of nuclear security professionals during the opening session of todays 2009 Department of Energy (DOE) Computational Science Graduate Fellowship Annual Conference. Administrator DAgostino discussed NNSAs role in implementing President Obamas nuclear security agenda and encouraged the computing science fellows to consider careers in nuclear security.

Embedding Secure Coding Instruction into the IDE: Complementing Early and Intermediate CS Courses with ESIDE

ERIC Educational Resources Information Center

Whitney, Michael; Lipford, Heather Richter; Chu, Bill; Thomas, Tyler

2018-01-01

Many of the software security vulnerabilities that people face today can be remediated through secure coding practices. A critical step toward the practice of secure coding is ensuring that our computing students are educated on these practices. We argue that secure coding education needs to be included across a computing curriculum. We are…

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2010 CFR

2010-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-18

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0055] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM))--Match Number 1307 AGENCY: Social Security Administration. ACTION: Notice of a renewal of an existing...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2014 CFR

2014-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2012 CFR

2012-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2013 CFR

2013-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2011 CFR

2011-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

Computer-Based Testing: Test Site Security.

ERIC Educational Resources Information Center

Rosen, Gerald A.

Computer-based testing places great burdens on all involved parties to ensure test security. A task analysis of test site security might identify the areas of protecting the test, protecting the data, and protecting the environment as essential issues in test security. Protecting the test involves transmission of the examinations, identifying the…

Scale refinement and initial evaluation of a behavioral health function measurement tool for work disability evaluation.

PubMed

Marfeo, Elizabeth E; Ni, Pengsheng; Haley, Stephen M; Bogusz, Kara; Meterko, Mark; McDonough, Christine M; Chan, Leighton; Rasch, Elizabeth K; Brandt, Diane E; Jette, Alan M

2013-09-01

To use item response theory (IRT) data simulations to construct and perform initial psychometric testing of a newly developed instrument, the Social Security Administration Behavioral Health Function (SSA-BH) instrument, that aims to assess behavioral health functioning relevant to the context of work. Cross-sectional survey followed by IRT calibration data simulations. Community. Sample of individuals applying for Social Security Administration disability benefits: claimants (n=1015) and a normative comparative sample of U.S. adults (n=1000). None. SSA-BH measurement instrument. IRT analyses supported the unidimensionality of 4 SSA-BH scales: mood and emotions (35 items), self-efficacy (23 items), social interactions (6 items), and behavioral control (15 items). All SSA-BH scales demonstrated strong psychometric properties including reliability, accuracy, and breadth of coverage. High correlations of the simulated 5- or 10-item computer adaptive tests with the full item bank indicated robust ability of the computer adaptive testing approach to comprehensively characterize behavioral health function along 4 distinct dimensions. Initial testing and evaluation of the SSA-BH instrument demonstrated good accuracy, reliability, and content coverage along all 4 scales. Behavioral function profiles of Social Security Administration claimants were generated and compared with age- and sex-matched norms along 4 scales: mood and emotions, behavioral control, social interactions, and self-efficacy. Using the computer adaptive test-based approach offers the ability to collect standardized, comprehensive functional information about claimants in an efficient way, which may prove useful in the context of the Social Security Administration's work disability programs. Copyright © 2013 American Congress of Rehabilitation Medicine. Published by Elsevier Inc. All rights reserved.

A Formal Specification and Verification Method for the Prevention of Denial of Service in Ada Services

DTIC Science & Technology

1988-03-01

Mechanism; Computer Security. 16. PRICE CODE 17. SECURITY CLASSIFICATION IS. SECURITY CLASSIFICATION 19. SECURITY CLASSIFICATION 20. UMrrATION OF ABSTRACT...denial of service. This paper assumes that the reader is a computer science or engineering professional working in the area of formal specification and...recovery from such events as deadlocks and crashes can be accounted for in the computation of the waiting time for each service in the service hierarchy

Attribute based encryption for secure sharing of E-health data

NASA Astrophysics Data System (ADS)

Charanya, R.; Nithya, S.; Manikandan, N.

2017-11-01

Distributed computing is one of the developing innovations in IT part and information security assumes a real part. It includes sending gathering of remote server and programming that permit the unified information and online access to PC administrations. Distributed computing depends on offering of asset among different clients are additionally progressively reallocated on interest. Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. The reasons for security and protection issues, which rise on the grounds that the health information possessed by distinctive clients are put away in some cloud servers rather than under their own particular control”z. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed. In this paper, in order to make ehealth data’s more secure we use multi party in cloud computing system. Where the health data is encrypted using attributes and key policy. And the user with a particular attribute and key policy alone will be able to decrypt the health data after it is verified by “key distribution centre” and the “secure data distributor”. This technique can be used in medical field for secure storage of patient details and limiting to particular doctor access. To make data’s scalable secure we need to encrypt the health data before outsourcing.

Cognitive Computing for Security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Debenedictis, Erik; Rothganger, Fredrick; Aimone, James Bradley

Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

Composable security proof for continuous-variable quantum key distribution with coherent States.

PubMed

Leverrier, Anthony

2015-02-20

We give the first composable security proof for continuous-variable quantum key distribution with coherent states against collective attacks. Crucially, in the limit of large blocks the secret key rate converges to the usual value computed from the Holevo bound. Combining our proof with either the de Finetti theorem or the postselection technique then shows the security of the protocol against general attacks, thereby confirming the long-standing conjecture that Gaussian attacks are optimal asymptotically in the composable security framework. We expect that our parameter estimation procedure, which does not rely on any assumption about the quantum state being measured, will find applications elsewhere, for instance, for the reliable quantification of continuous-variable entanglement in finite-size settings.

Analysis on the security of cloud computing

NASA Astrophysics Data System (ADS)

He, Zhonglin; He, Yuhua

2011-02-01

Cloud computing is a new technology, which is the fusion of computer technology and Internet development. It will lead the revolution of IT and information field. However, in cloud computing data and application software is stored at large data centers, and the management of data and service is not completely trustable, resulting in safety problems, which is the difficult point to improve the quality of cloud service. This paper briefly introduces the concept of cloud computing. Considering the characteristics of cloud computing, it constructs the security architecture of cloud computing. At the same time, with an eye toward the security threats cloud computing faces, several corresponding strategies are provided from the aspect of cloud computing users and service providers.

Improving computer security by health smart card.

PubMed

Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

2003-01-01

The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual national implementation of the CPS project and the introduction of new functions using electronic signatures and encryption.

Enhanced delegated computing using coherence

NASA Astrophysics Data System (ADS)

Barz, Stefanie; Dunjko, Vedran; Schlederer, Florian; Moore, Merritt; Kashefi, Elham; Walmsley, Ian A.

2016-03-01

A longstanding question is whether it is possible to delegate computational tasks securely—such that neither the computation nor the data is revealed to the server. Recently, both a classical and a quantum solution to this problem were found [C. Gentry, in Proceedings of the 41st Annual ACM Symposium on the Theory of Computing (Association for Computing Machinery, New York, 2009), pp. 167-178; A. Broadbent, J. Fitzsimons, and E. Kashefi, in Proceedings of the 50th Annual Symposium on Foundations of Computer Science (IEEE Computer Society, Los Alamitos, CA, 2009), pp. 517-526]. Here, we study the first step towards the interplay between classical and quantum approaches and show how coherence can be used as a tool for secure delegated classical computation. We show that a client with limited computational capacity—restricted to an XOR gate—can perform universal classical computation by manipulating information carriers that may occupy superpositions of two states. Using single photonic qubits or coherent light, we experimentally implement secure delegated classical computations between an independent client and a server, which are installed in two different laboratories and separated by 50 m . The server has access to the light sources and measurement devices, whereas the client may use only a restricted set of passive optical devices to manipulate the information-carrying light beams. Thus, our work highlights how minimal quantum and classical resources can be combined and exploited for classical computing.

Enhancing Security by System-Level Virtualization in Cloud Computing Environments

NASA Astrophysics Data System (ADS)

Sun, Dawei; Chang, Guiran; Tan, Chunguang; Wang, Xingwei

Many trends are opening up the era of cloud computing, which will reshape the IT industry. Virtualization techniques have become an indispensable ingredient for almost all cloud computing system. By the virtual environments, cloud provider is able to run varieties of operating systems as needed by each cloud user. Virtualization can improve reliability, security, and availability of applications by using consolidation, isolation, and fault tolerance. In addition, it is possible to balance the workloads by using live migration techniques. In this paper, the definition of cloud computing is given; and then the service and deployment models are introduced. An analysis of security issues and challenges in implementation of cloud computing is identified. Moreover, a system-level virtualization case is established to enhance the security of cloud computing environments.

Computer Network Security- The Challenges of Securing a Computer Network

NASA Technical Reports Server (NTRS)

Scotti, Vincent, Jr.

2011-01-01

This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

EMRlog method for computer security for electronic medical records with logic and data mining.

PubMed

Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

2015-01-01

The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

PubMed Central

Frausto Solis, Juan; Monroy Borja, Raúl

2015-01-01

The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system. PMID:26495300

Study on Information Security and e-Trust in Spanish households

NASA Astrophysics Data System (ADS)

Aguado, José

The study on Information Security and e-Trust in Spanish households has been conducted by INTECO (The National Institute of Communication Technologies) through the Information Security Observatory. It is a study on the incidence and trust of users in the Internet by means of measuring the frequency of the episodes of individual risk in a wide sample of users that are monitored online on a monthly basis, combining quantitative data of incidences (monthly scans of home computers) and qualitative perception data (quarterly surveys). The study is supplied with data from more than 3,000 households with Internet connection, spread across the whole country.

The Naval Postgraduate School SECURE ARCHIVAL STORAGE SYSTEM. Part II. Segment and Process Management Implementation.

DTIC Science & Technology

1981-03-01

Research Instructor of Computer Scienr-. Reviewed by: Released by: WILLIAM M. TOLLES Department puter Science Dean of Research 4c t SECURITY...Lyle A. Cox, Roger R. Schell, and Sonja L. Perdue 9. PERFORMING ORGANIZATION NAME ANO ADDRESS 10. PROGRAM ELEMENT. PROJECT. TASK AREA A WORK UNIT... Computer Networks, Operating Systems, Computer Security 20. AftUrCT (Cnthm, w v re eae old* It n..*p and idm 0 F W blk ..m.m.o’) ",A_;he security

Private quantum computation: an introduction to blind quantum computing and related protocols

NASA Astrophysics Data System (ADS)

Fitzsimons, Joseph F.

2017-06-01

Quantum technologies hold the promise of not only faster algorithmic processing of data, via quantum computation, but also of more secure communications, in the form of quantum cryptography. In recent years, a number of protocols have emerged which seek to marry these concepts for the purpose of securing computation rather than communication. These protocols address the task of securely delegating quantum computation to an untrusted device while maintaining the privacy, and in some instances the integrity, of the computation. We present a review of the progress to date in this emerging area.

Secure or Insure: An Economic Analysis of Security Interdependencies and Investment Types

ERIC Educational Resources Information Center

Grossklags, Jens

2009-01-01

Computer users express a strong desire to prevent attacks, and to reduce the losses from computer and information security breaches. However, despite the widespread availability of various technologies, actual investments in security remain highly variable across the Internet population. As a result, attacks such as distributed denial-of-service…

78 FR 89 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-02

... Management and Budget, and the Director of NIST on security and privacy issues pertaining to federal computer... Computer Security Division. Note that agenda items may change without notice because of possible unexpected... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and...

Computer applications for the hospital security department--buying or developing a shift log reporting system.

PubMed

Gruber, T

1996-01-01

The author presents guidelines to help a security department select a computer system to track security activities--whether it's a commercial software product, an in-house developed program, or a do-it-yourself designed system. Computerized security activity reporting, he believes, is effective and beneficial.

Aviation security : vulnerabilities still exist in the aviation security system

DOT National Transportation Integrated Search

2000-04-06

The testimony today discusses the Federal Aviation Administration's (FAA) efforts to implement and improve security in two key areas: air traffic control computer systems and airport passenger screening checkpoints. Computer systems-and the informati...

Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety

DOT National Transportation Integrated Search

1998-05-01

Given the paramount importance of computer security of Air Traffic Control (ATC) systems, Congress asked the General Accounting Office to determine (1) whether the Fedcral Aviation Administration (FAA) is effectively managing physical security at ATC...

Motivating Contributions for Home Computer Security

ERIC Educational Resources Information Center

Wash, Richard L.

2009-01-01

Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

Proposal for founding mistrustful quantum cryptography on coin tossing

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kent, Adrian; Hewlett-Packard Laboratories, Filton Road, Stoke Gifford, Bristol BS34 8QZ,

2003-07-01

A significant branch of classical cryptography deals with the problems which arise when mistrustful parties need to generate, process, or exchange information. As Kilian showed a while ago, mistrustful classical cryptography can be founded on a single protocol, oblivious transfer, from which general secure multiparty computations can be built. The scope of mistrustful quantum cryptography is limited by no-go theorems, which rule out, inter alia, unconditionally secure quantum protocols for oblivious transfer or general secure two-party computations. These theorems apply even to protocols which take relativistic signaling constraints into account. The best that can be hoped for, in general, aremore » quantum protocols which are computationally secure against quantum attack. Here a method is described for building a classically certified bit commitment, and hence every other mistrustful cryptographic task, from a secure coin-tossing protocol. No security proof is attempted, but reasons are sketched why these protocols might resist quantum computational attack.« less

Analysis of Disaster Preparedness Planning Measures in DoD Computer Facilities

DTIC Science & Technology

1993-09-01

city, stae, aod ZP code) 10 Source of Funding Numbers SProgram Element No lProject No ITask No lWork Unit Accesion I 11 Title include security...Computer Disaster Recovery .... 13 a. PC and LAN Lessons Learned . . ..... 13 2. Distributed Architectures . . . .. . 14 3. Backups...amount of expense, but no client problems." (Leeke, 1993, p. 8) 2. Distributed Architectures The majority of operations that were disrupted by the

OS friendly microprocessor architecture: Hardware level computer security

NASA Astrophysics Data System (ADS)

Jungwirth, Patrick; La Fratta, Patrick

2016-05-01

We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

Unfalsifiability of security claims

PubMed Central

Herley, Cormac

2016-01-01

There is an inherent asymmetry in computer security: Things can be declared insecure by observation, but not the reverse. There is no observation that allows us to declare an arbitrary system or technique secure. We show that this implies that claims of necessary conditions for security (and sufficient conditions for insecurity) are unfalsifiable. This in turn implies an asymmetry in self-correction: Whereas the claim that countermeasures are sufficient is always subject to correction, the claim that they are necessary is not. Thus, the response to new information can only be to ratchet upward: Newly observed or speculated attack capabilities can argue a countermeasure in, but no possible observation argues one out. Further, when justifications are unfalsifiable, deciding the relative importance of defensive measures reduces to a subjective comparison of assumptions. Relying on such claims is the source of two problems: once we go wrong we stay wrong and errors accumulate, and we have no systematic way to rank or prioritize measures. PMID:27217574

Network gateway security method for enterprise Grid: a literature review

NASA Astrophysics Data System (ADS)

Sujarwo, A.; Tan, J.

2017-03-01

The computational Grid has brought big computational resources closer to scientists. It enables people to do a large computational job anytime and anywhere without any physical border anymore. However, the massive and spread of computer participants either as user or computational provider arise problems in security. The challenge is on how the security system, especially the one which filters data in the gateway could works in flexibility depends on the registered Grid participants. This paper surveys what people have done to approach this challenge, in order to find the better and new method for enterprise Grid. The findings of this paper is the dynamically controlled enterprise firewall to secure the Grid resources from unwanted connections with a new firewall controlling method and components.

A Test-Bed of Secure Mobile Cloud Computing for Military Applications

DTIC Science & Technology

2016-09-13

searching databases. This kind of applications is a typical example of mobile cloud computing (MCC). MCC has lots of applications in the military...Release; Distribution Unlimited UU UU UU UU 13-09-2016 1-Aug-2014 31-Jul-2016 Final Report: A Test-bed of Secure Mobile Cloud Computing for Military...Army Research Office P.O. Box 12211 Research Triangle Park, NC 27709-2211 Test-bed, Mobile Cloud Computing , Security, Military Applications REPORT

Computer network security for the radiology enterprise.

PubMed

Eng, J

2001-08-01

As computer networks become an integral part of the radiology practice, it is appropriate to raise concerns regarding their security. The purpose of this article is to present an overview of computer network security risks and preventive strategies as they pertain to the radiology enterprise. A number of technologies are available that provide strong deterrence against attacks on networks and networked computer systems in the radiology enterprise. While effective, these technologies must be supplemented with vigilant user and system management.

Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

ERIC Educational Resources Information Center

Buckman, Joel; Gold, Stephanie

2012-01-01

This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

Case Study: Creation of a Degree Program in Computer Security. White Paper.

ERIC Educational Resources Information Center

Belon, Barbara; Wright, Marie

This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

Understanding Mobile Apps

MedlinePlus

... share personal information let your kids spend real money — even if the app is free include ads link to social media What’s more, ... Money & Credit Homes & Mortgages Health & Fitness Jobs & Making ... Security "Free" Security Scans Computer Security Disposing of Old Computers ...

17 CFR 230.167 - Communications in connection with certain registered offerings of asset-backed securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... § 230.415, ABS informational and computational material regarding such securities used after the... informational and computational material used in reliance on Securities Act Rule 167 (§ 230.167); and (iv) A...

17 CFR 230.167 - Communications in connection with certain registered offerings of asset-backed securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... § 230.415, ABS informational and computational material regarding such securities used after the... informational and computational material used in reliance on Securities Act Rule 167 (§ 230.167); and (iv) A...

17 CFR 230.167 - Communications in connection with certain registered offerings of asset-backed securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... § 230.415, ABS informational and computational material regarding such securities used after the... informational and computational material used in reliance on Securities Act Rule 167 (§ 230.167); and (iv) A...

17 CFR 230.167 - Communications in connection with certain registered offerings of asset-backed securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... § 230.415, ABS informational and computational material regarding such securities used after the... informational and computational material used in reliance on Securities Act Rule 167 (§ 230.167); and (iv) A...

A Trusted Portable Computing Device

NASA Astrophysics Data System (ADS)

Ming-wei, Fang; Jun-jun, Wu; Peng-fei, Yu; Xin-fang, Zhang

A trusted portable computing device and its security mechanism were presented to solve the security issues, such as the attack of virus and Trojan horse, the lost and stolen of storage device, in mobile office. It used smart card to build a trusted portable security base, virtualization to create a secure virtual execution environment, two-factor authentication mechanism to identify legitimate users, and dynamic encryption to protect data privacy. The security environment described in this paper is characteristic of portability, security and reliability. It can meet the security requirement of mobile office.

The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)

ERIC Educational Resources Information Center

Clarke, Marlon

2011-01-01

As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors…

A more secure parallel keyed hash function based on chaotic neural network

NASA Astrophysics Data System (ADS)

Huang, Zhongquan

2011-08-01

Although various hash functions based on chaos or chaotic neural network were proposed, most of them can not work efficiently in parallel computing environment. Recently, an algorithm for parallel keyed hash function construction based on chaotic neural network was proposed [13]. However, there is a strict limitation in this scheme that its secret keys must be nonce numbers. In other words, if the keys are used more than once in this scheme, there will be some potential security flaw. In this paper, we analyze the cause of vulnerability of the original one in detail, and then propose the corresponding enhancement measures, which can remove the limitation on the secret keys. Theoretical analysis and computer simulation indicate that the modified hash function is more secure and practical than the original one. At the same time, it can keep the parallel merit and satisfy the other performance requirements of hash function, such as good statistical properties, high message and key sensitivity, and strong collision resistance, etc.

21 CFR 1311.08 - Incorporation by reference.

Code of Federal Regulations, 2010 CFR

2010-04-01

... of Standards and Technology, Computer Security Division, Information Technology Laboratory, National... standards are available from the National Institute of Standards and Technology, Computer Security Division... 140-2, Security Requirements for Cryptographic Modules, May 25, 2001, as amended by Change Notices 2...

Interactive Synthesis of Code Level Security Rules

DTIC Science & Technology

2017-04-01

Interactive Synthesis of Code-Level Security Rules A Thesis Presented by Leo St. Amour to The Department of Computer Science in partial fulfillment...of the requirements for the degree of Master of Science in Computer Science Northeastern University Boston, Massachusetts April 2017 DISTRIBUTION...Abstract of the Thesis Interactive Synthesis of Code-Level Security Rules by Leo St. Amour Master of Science in Computer Science Northeastern University

Internet Geo-Location

DTIC Science & Technology

2017-12-01

space while absolutely refraining from issuing any measurement probes of its own, either before or after it is presented with the IP addresses... space , IP geolocation 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT UU 18. NUMBER OF PAGES 19a. NAME OF RESPONSIBLE PERSON ROBERT...since it computes predictions for the entire IP address space while absolutely refraining from issuing any measurement probes of its own, either

Secure distributed genome analysis for GWAS and sequence comparison computation.

PubMed

Zhang, Yihua; Blanton, Marina; Almashaqbeh, Ghada

2015-01-01

The rapid increase in the availability and volume of genomic data makes significant advances in biomedical research possible, but sharing of genomic data poses challenges due to the highly sensitive nature of such data. To address the challenges, a competition for secure distributed processing of genomic data was organized by the iDASH research center. In this work we propose techniques for securing computation with real-life genomic data for minor allele frequency and chi-squared statistics computation, as well as distance computation between two genomic sequences, as specified by the iDASH competition tasks. We put forward novel optimizations, including a generalization of a version of mergesort, which might be of independent interest. We provide implementation results of our techniques based on secret sharing that demonstrate practicality of the suggested protocols and also report on performance improvements due to our optimization techniques. This work describes our techniques, findings, and experimental results developed and obtained as part of iDASH 2015 research competition to secure real-life genomic computations and shows feasibility of securely computing with genomic data in practice.

Secure distributed genome analysis for GWAS and sequence comparison computation

PubMed Central

2015-01-01

Background The rapid increase in the availability and volume of genomic data makes significant advances in biomedical research possible, but sharing of genomic data poses challenges due to the highly sensitive nature of such data. To address the challenges, a competition for secure distributed processing of genomic data was organized by the iDASH research center. Methods In this work we propose techniques for securing computation with real-life genomic data for minor allele frequency and chi-squared statistics computation, as well as distance computation between two genomic sequences, as specified by the iDASH competition tasks. We put forward novel optimizations, including a generalization of a version of mergesort, which might be of independent interest. Results We provide implementation results of our techniques based on secret sharing that demonstrate practicality of the suggested protocols and also report on performance improvements due to our optimization techniques. Conclusions This work describes our techniques, findings, and experimental results developed and obtained as part of iDASH 2015 research competition to secure real-life genomic computations and shows feasibility of securely computing with genomic data in practice. PMID:26733307

A Security Monitoring Framework For Virtualization Based HEP Infrastructures

NASA Astrophysics Data System (ADS)

Gomez Ramirez, A.; Martinez Pedreira, M.; Grigoras, C.; Betev, L.; Lara, C.; Kebschull, U.; ALICE Collaboration

2017-10-01

High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware samples. This malware set was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.

Non-developmental item computer systems and the malicious software threat

NASA Technical Reports Server (NTRS)

Bown, Rodney L.

1991-01-01

The following subject areas are covered: a DOD development system - the Army Secure Operating System; non-development commercial computer systems; security, integrity, and assurance of service (SI and A); post delivery SI and A and malicious software; computer system unique attributes; positive feedback to commercial computer systems vendors; and NDI (Non-Development Item) computers and software safety.

Securing the Data Storage and Processing in Cloud Computing Environment

ERIC Educational Resources Information Center

Owens, Rodney

2013-01-01

Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

Computer Virus Bibliography, 1988-1989.

ERIC Educational Resources Information Center

Bologna, Jack, Comp.

This bibliography lists 14 books, 154 journal articles, 34 newspaper articles, and 3 research papers published during 1988-1989 on the subject of computer viruses, software protection and 'cures', virus hackers, and other related issues. Some of the sources listed include Computers and Security, Computer Security Digest, PC Week, Time, the New…

Report: EPA’s Office of Environmental Information Should Improve Ariel Rios and Potomac Yard Computer Room Security Controls

EPA Pesticide Factsheets

Report #12-P-0879, September 26, 2012. The security posture and in-place environmental control review of the computer rooms in the Ariel Rios and Potomac Yard buildings revealed numerous security and environmental control deficiencies.

Design Principles and Guidelines for Security

DTIC Science & Technology

2007-11-21

Padula , Secure Computer Systems: Unified Exposition and Multics Interpretation. Electronic Systems Division, USAF. ESD-TR-75-306, MTR-2997 Rev.1...Hanscom AFB, MA. March 1976 [7] David Elliott Bell. “Looking Back at the Bell-La Padula Model,” Proc. Annual Computer Security Applications Conference

20 CFR 225.15 - Overall Minimum PIA.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Security Act based on combined railroad and social security earnings. The Overall Minimum PIA is used in computing the social security overall minimum guaranty amount. The overall minimum guaranty rate annuity... INSURANCE AMOUNT DETERMINATIONS PIA's Used in Computing Employee, Spouse and Divorced Spouse Annuities § 225...

National Computer Security Conference Proceedings (11th): A Postscript: Computer Security--Into the Future, 17-20 October 1988

DTIC Science & Technology

1988-10-20

The LOCK project , from its very beginnings as an implementation study for the Provably Secure Operating System in 1979...to the security field, can study to gain insight into the evaluation process. The project has developed an innovative format for the DTLS and FTLS...management tern becomes available, the Al Secure DBMS will be system (DBMS) that is currently being developed un- ported to it . der the Advanced

MODELING AND PERFORMANCE EVALUATION FOR AVIATION SECURITY CARGO INSPECTION QUEUING SYSTEM

DOE Office of Scientific and Technical Information (OSTI.GOV)

Allgood, Glenn O; Olama, Mohammed M; Rose, Terri A

Beginning in 2010, the U.S. will require that all cargo loaded in passenger aircraft be inspected. This will require more efficient processing of cargo and will have a significant impact on the inspection protocols and business practices of government agencies and the airlines. In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, and throughput. These metrics aremore » performance indicators of the system s ability to service current needs and response capacity to additional requests. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures will reduce the overall cost and shipping delays associated with the new inspection requirements.« less

Report: EPA’s Radiation and Indoor Environments National Laboratory Should Improve Its Computer Room Security Controls

EPA Pesticide Factsheets

Report #12-P-0847, September 21, 2012.Our review of the security posture and in-place environmental controls of EPA’s Radiation and Indoor Environments National Laboratory computer room disclosed an array of security and environmental control deficiencies.

Computing Legacy Software Behavior to Understand Functionality and Security Properties: An IBM/370 Demonstration

DOE Office of Scientific and Technical Information (OSTI.GOV)

Linger, Richard C; Pleszkoch, Mark G; Prowell, Stacy J

Organizations maintaining mainframe legacy software can benefit from code modernization and incorporation of security capabilities to address the current threat environment. Oak Ridge National Laboratory is developing the Hyperion system to compute the behavior of software as a means to gain understanding of software functionality and security properties. Computation of functionality is critical to revealing security attributes, which are in fact specialized functional behaviors of software. Oak Ridge is collaborating with MITRE Corporation to conduct a demonstration project to compute behavior of legacy IBM Assembly Language code for a federal agency. The ultimate goal is to understand functionality and securitymore » vulnerabilities as a basis for code modernization. This paper reports on the first phase, to define functional semantics for IBM Assembly instructions and conduct behavior computation experiments.« less

Test Administration Models

ERIC Educational Resources Information Center

Becker, Kirk A.; Bergstrom, Betty A.

2013-01-01

The need for increased exam security, improved test formats, more flexible scheduling, better measurement, and more efficient administrative processes has caused testing agencies to consider converting the administration of their exams from paper-and-pencil to computer-based testing (CBT). Many decisions must be made in order to provide an optimal…

Computers Launch Faster, Better Job Matching

ERIC Educational Resources Information Center

Stevenson, Gloria

1976-01-01

Employment Security Automation Project (ESAP), a five-year program sponsored by the Employment and Training Administration, features an innovative computer-assisted job matching system and instantaneous computer-assisted service for unemployment insurance claimants. ESAP will also consolidate existing automated employment security systems to…

FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption

PubMed Central

2015-01-01

Background The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. Methods We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. Results The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Conclusions Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics. PMID:26733391

FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption.

PubMed

Zhang, Yuchen; Dai, Wenrui; Jiang, Xiaoqian; Xiong, Hongkai; Wang, Shuang

2015-01-01

The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics.

Portable appliance security apparatus

NASA Technical Reports Server (NTRS)

Kerley, J. J. (Inventor)

1981-01-01

An apparatus for securing a small computer, or other portable appliance, against theft is described. It is comprised of a case having an open back through which the computer is installed or removed. Guide members in the form of slots are formed in a rear portion of opposite walls of the case for receiving a back plate to cover the opening and thereby secure the computer within the case. An opening formed in the top wall of the case exposes the keyboard and display of the computer. The back plate is locked in the closed position by a key-operated plug type lock. The lock is attached to one end of a hold down cable, the opposite end thereof being secured to a desk top or other stationary object. Thus, the lock simultaneously secures the back plate to the case and retains the case to the stationary object.

Optimizing Security of Cloud Computing within the DoD

DTIC Science & Technology

2010-12-01

information security governance and risk management; application security; cryptography; security architecture and design; operations security; business ...governance and risk management; application security; cryptography; security architecture and design; operations security; business continuity...20 7. Operational Security (OPSEC).........................................................20 8. Business Continuity Planning (BCP) and Disaster

Financial forecasts accuracy in Brazil's social security system.

PubMed

Silva, Carlos Patrick Alves da; Puty, Claudio Alberto Castelo Branco; Silva, Marcelino Silva da; Carvalho, Solon Venâncio de; Francês, Carlos Renato Lisboa

2017-01-01

Long-term social security statistical forecasts produced and disseminated by the Brazilian government aim to provide accurate results that would serve as background information for optimal policy decisions. These forecasts are being used as support for the government's proposed pension reform that plans to radically change the Brazilian Constitution insofar as Social Security is concerned. However, the reliability of official results is uncertain since no systematic evaluation of these forecasts has ever been published by the Brazilian government or anyone else. This paper aims to present a study of the accuracy and methodology of the instruments used by the Brazilian government to carry out long-term actuarial forecasts. We base our research on an empirical and probabilistic analysis of the official models. Our empirical analysis shows that the long-term Social Security forecasts are systematically biased in the short term and have significant errors that render them meaningless in the long run. Moreover, the low level of transparency in the methods impaired the replication of results published by the Brazilian Government and the use of outdated data compromises forecast results. In the theoretical analysis, based on a mathematical modeling approach, we discuss the complexity and limitations of the macroeconomic forecast through the computation of confidence intervals. We demonstrate the problems related to error measurement inherent to any forecasting process. We then extend this exercise to the computation of confidence intervals for Social Security forecasts. This mathematical exercise raises questions about the degree of reliability of the Social Security forecasts.

Financial forecasts accuracy in Brazil’s social security system

PubMed Central

2017-01-01

Long-term social security statistical forecasts produced and disseminated by the Brazilian government aim to provide accurate results that would serve as background information for optimal policy decisions. These forecasts are being used as support for the government’s proposed pension reform that plans to radically change the Brazilian Constitution insofar as Social Security is concerned. However, the reliability of official results is uncertain since no systematic evaluation of these forecasts has ever been published by the Brazilian government or anyone else. This paper aims to present a study of the accuracy and methodology of the instruments used by the Brazilian government to carry out long-term actuarial forecasts. We base our research on an empirical and probabilistic analysis of the official models. Our empirical analysis shows that the long-term Social Security forecasts are systematically biased in the short term and have significant errors that render them meaningless in the long run. Moreover, the low level of transparency in the methods impaired the replication of results published by the Brazilian Government and the use of outdated data compromises forecast results. In the theoretical analysis, based on a mathematical modeling approach, we discuss the complexity and limitations of the macroeconomic forecast through the computation of confidence intervals. We demonstrate the problems related to error measurement inherent to any forecasting process. We then extend this exercise to the computation of confidence intervals for Social Security forecasts. This mathematical exercise raises questions about the degree of reliability of the Social Security forecasts. PMID:28859172

75 FR 53005 - Privacy Act of 1974, as amended; Notice of Computer Matching Program (Railroad Retirement Board...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-30

... notice of its renewal of an ongoing computer-matching program with the Social Security Administration... computer-matching program with the Committee on Homeland Security and Governmental Affairs of the Senate... RAILROAD RETIREMENT BOARD Privacy Act of 1974, as amended; Notice of Computer Matching Program...

78 FR 34678 - Privacy Act of 1974, as Amended; Notice of Computer Matching Program (Railroad Retirement Board...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-10

... notice of its renewal of an ongoing computer-matching program with the Social Security Administration... computer-matching program with the Committee on Homeland Security and Governmental Affairs of the Senate... RAILROAD RETIREMENT BOARD Privacy Act of 1974, as Amended; Notice of Computer Matching Program...

76 FR 12397 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Bureau of the Public Debt (BPD...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-07

...; Computer Matching Program (SSA/ Bureau of the Public Debt (BPD))--Match Number 1038 AGENCY: Social Security... as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection... containing SSNs extracted from the Supplemental Security Record database. Exchanges for this computer...

78 FR 12128 - Privacy Act of 1974; Computer Matching Program (SSA/Department of the Treasury, Internal Revenue...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-21

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0067] Privacy Act of 1974; Computer Matching... Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503...

New security infrastructure model for distributed computing systems

NASA Astrophysics Data System (ADS)

Dubenskaya, J.; Kryukov, A.; Demichev, A.; Prikhodko, N.

2016-02-01

At the paper we propose a new approach to setting up a user-friendly and yet secure authentication and authorization procedure in a distributed computing system. The security concept of the most heterogeneous distributed computing systems is based on the public key infrastructure along with proxy certificates which are used for rights delegation. In practice a contradiction between the limited lifetime of the proxy certificates and the unpredictable time of the request processing is a big issue for the end users of the system. We propose to use unlimited in time hashes which are individual for each request instead of proxy certificate. Our approach allows to avoid using of the proxy certificates. Thus the security infrastructure of distributed computing system becomes easier for development, support and use.

Application of Energy Function as a Measure of Error in the Numerical Solution for Online Transient Stability Assessment

NASA Astrophysics Data System (ADS)

Sarojkumar, K.; Krishna, S.

2016-08-01

Online dynamic security assessment (DSA) is a computationally intensive task. In order to reduce the amount of computation, screening of contingencies is performed. Screening involves analyzing the contingencies with the system described by a simpler model so that computation requirement is reduced. Screening identifies those contingencies which are sure to not cause instability and hence can be eliminated from further scrutiny. The numerical method and the step size used for screening should be chosen with a compromise between speed and accuracy. This paper proposes use of energy function as a measure of error in the numerical solution used for screening contingencies. The proposed measure of error can be used to determine the most accurate numerical method satisfying the time constraint of online DSA. Case studies on 17 generator system are reported.

Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

ERIC Educational Resources Information Center

Waguespack, Leslie J.

2014-01-01

With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

76 FR 30150 - Establishment of a New System of Records for Personal Information Collected by the Environmental...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-24

... the entire information system with respect to computer security, prohibition and detection of any.... Safeguards: --Computer-stored information is protected in accordance with the Agency's security requirements..., loaner car agreement, cash incentives agreement (includes social security number for mandatory tax...

Survey of methods for secure connection to the internet

NASA Astrophysics Data System (ADS)

Matsui, Shouichi

1994-04-01

This paper describes a study of a security method of protecting inside network computers against outside miscreants and unwelcome visitors and a control method when these computers are connected with the Internet. In the present Internet, a method to encipher all data cannot be used, so that it is necessary to utilize PEM (Privacy Enhanced Mail) capable of the encipherment and conversion of secret information. For preventing miscreant access by eavesdropping password, one-time password is effective. The most cost-effective method is a firewall system. This system lies between the outside and inside network. By limiting computers that directly communicate with the Internet, control is centralized and inside network security is protected. If the security of firewall systems is strictly controlled under correct setting, security within the network can be secured even in open networks such as the Internet.

Birds of a Feather: Supporting Secure Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Braswell III, H V

2006-04-24

Over the past few years Lawrence Livermore National Laboratory has begun the process of moving to a diskless environment in the Secure Computer Support realm. This movement has included many moving targets and increasing support complexity. We would like to set up a forum for Security and Support professionals to get together from across the Complex and discuss current deployments, lessons learned, and next steps. This would include what hardware, software, and hard copy based solutions are being used to manage Secure Computing. The topics to be discussed include but are not limited to: Diskless computing, port locking and management,more » PC, Mac, and Linux/UNIX support and setup, system imaging, security setup documentation and templates, security documentation and management, customer tracking, ticket tracking, software download and management, log management, backup/disaster recovery, and mixed media environments.« less

Secure public cloud platform for medical images sharing.

PubMed

Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

2015-01-01

Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.

Computer simulation of functioning of elements of security systems

NASA Astrophysics Data System (ADS)

Godovykh, A. V.; Stepanov, B. P.; Sheveleva, A. A.

2017-01-01

The article is devoted to issues of development of the informational complex for simulation of functioning of the security system elements. The complex is described from the point of view of main objectives, a design concept and an interrelation of main elements. The proposed conception of the computer simulation provides an opportunity to simulate processes of security system work for training security staff during normal and emergency operation.

A rhythm-based authentication scheme for smart media devices.

PubMed

Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk

2014-01-01

In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

A Rhythm-Based Authentication Scheme for Smart Media Devices

PubMed Central

Lee, Jae Dong; Park, Jong Hyuk

2014-01-01

In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience. PMID:25110743

Detecting eavesdropping activity in fiber optic networks

NASA Astrophysics Data System (ADS)

MacDonald, Gregory G.

The secure transmission of data is critical to governments, military organizations, financial institutions, health care providers and other enterprises. The primary method of securing in-transit data is though data encryption. A number of encryption methods exist but the fundamental approach is to assume an eavesdropper has access to the encrypted message but does not have the computing capability to decrypt the message in a timely fashion. Essentially, the strength of security depends on the complexity of the encryption method and the resources available to the eavesdropper. The development of future technologies, most notably quantum computers and quantum computing, is often cited as a direct threat to traditional encryption schemes. It seems reasonable that additional effort should be placed on prohibiting the eavesdropper from coming into possession of the encrypted message in the first place. One strategy for denying possession of the encrypted message is to secure the physical layer of the communications path. Because the majority of transmitted information is over fiber-optic networks, it seems appropriate to consider ways of enhancing the integrity and security of the fiber-based physical layer. The purpose of this research is to investigate the properties of light, as they are manifested in single mode fiber, as a means of insuring the integrity and security of the physical layer of a fiber-optic based communication link. Specifically, the approach focuses on the behavior of polarization in single mode fiber, as it is shown to be especially sensitive to fiber geometry. Fiber geometry is necessarily modified during the placement of optical taps. The problem of detecting activity associated with the placement of an optical tap is herein approached as a supervised machine learning anomaly identification task. The inputs include raw polarization measurements along with additional features derived from various visualizations of the raw data (the inputs are collectively referred to as “features”). Extreme Value Theory (EVT) is proposed as a means of characterizing normal polarization fluctuations in optical fiber. New uses (as anomaly detectors) are proposed for some long-time statistics (Ripley’s K function, its variant the L function, and the Hopkins statistic). These metrics are shown to have good discriminating qualities when identifying anomalous polarization measurements. The metrics have such good performance only simple algorithms are necessary for identifying modifications to fiber geometry.

A secure file manager for UNIX

DOE Office of Scientific and Technical Information (OSTI.GOV)

DeVries, R.G.

1990-12-31

The development of a secure file management system for a UNIX-based computer facility with supercomputers and workstations is described. Specifically, UNIX in its usual form does not address: (1) Operation which would satisfy rigorous security requirements. (2) Online space management in an environment where total data demands would be many times the actual online capacity. (3) Making the file management system part of a computer network in which users of any computer in the local network could retrieve data generated on any other computer in the network. The characteristics of UNIX can be exploited to develop a portable, secure filemore » manager which would operate on computer systems ranging from workstations to supercomputers. Implementation considerations making unusual use of UNIX features, rather than requiring extensive internal system changes, are described, and implementation using the Cray Research Inc. UNICOS operating system is outlined.« less

Informatics in Radiology (infoRAD): personal computer security: part 2. Software Configuration and file protection.

PubMed

Caruso, Ronald D

2004-01-01

Proper configuration of software security settings and proper file management are necessary and important elements of safe computer use. Unfortunately, the configuration of software security options is often not user friendly. Safe file management requires the use of several utilities, most of which are already installed on the computer or available as freeware. Among these file operations are setting passwords, defragmentation, deletion, wiping, removal of personal information, and encryption. For example, Digital Imaging and Communications in Medicine medical images need to be anonymized, or "scrubbed," to remove patient identifying information in the header section prior to their use in a public educational or research environment. The choices made with respect to computer security may affect the convenience of the computing process. Ultimately, the degree of inconvenience accepted will depend on the sensitivity of the files and communications to be protected and the tolerance of the user. Copyright RSNA, 2004

A Dedicated Computational Platform for Cellular Monte Carlo T-CAD Software Tools

DTIC Science & Technology

2015-07-14

computer that establishes an encrypted Virtual Private Network ( OpenVPN [44]) based on the Secure Socket Layer (SSL) paradigm. Each user is given a...security certificate for each device used to connect to the computing nodes. Stable OpenVPN clients are available for Linux, Microsoft Windows, Apple OSX...platform is granted by an encrypted connection base on the Secure Socket Layer (SSL) protocol, and implemented in the OpenVPN Virtual Personal Network

The hack attack - Increasing computer system awareness of vulnerability threats

NASA Technical Reports Server (NTRS)

Quann, John; Belford, Peter

1987-01-01

The paper discusses the issue of electronic vulnerability of computer based systems supporting NASA Goddard Space Flight Center (GSFC) by unauthorized users. To test the security of the system and increase security awareness, NYMA, Inc. employed computer 'hackers' to attempt to infiltrate the system(s) under controlled conditions. Penetration procedures, methods, and descriptions are detailed in the paper. The procedure increased the security consciousness of GSFC management to the electronic vulnerability of the system(s).

76 FR 52353 - Assumption Buster Workshop: “Current Implementations of Cloud Computing Indicate a New Approach...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-22

... explored in this series is cloud computing. The workshop on this topic will be held in Gaithersburg, MD on October 21, 2011. Assertion: ``Current implementations of cloud computing indicate a new approach to security'' Implementations of cloud computing have provided new ways of thinking about how to secure data...

76 FR 43278 - Privacy Act; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-20

... computer (PC). The Security Management Officer's office remains locked when not in use. RETENTION AND... records to include names, addresses, social security numbers, service computation dates, leave usage data... that resides on a desktop computer. RETRIEVABILITY: Records maintained in file folders are indexed and...

78 FR 15730 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... 1974; Computer Matching Program AGENCY: U.S. Citizenship and Immigration Services, Department of... Matching Program between the Department of Homeland Security, U.S. Citizenship and Immigration Services and... computer matching program between the Department of Homeland Security, U.S. Citizenship and Immigration...

28 CFR 25.8 - System safeguards.

Code of Federal Regulations, 2012 CFR

2012-07-01

... justice agency computer site must have adequate physical security to protect against any unauthorized... Index is stored electronically for use in an FBI computer environment. The NICS central computer will... authorized personnel who have identified themselves and their need for access to a system security officer...

78 FR 15731 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2013-0011] Privacy Act of 1974; Computer Matching Program AGENCY: Department of Homeland Security/U.S. Citizenship and Immigration Services. ACTION: Notice. Overview Information: Privacy Act of 1974; Computer Matching Program...

28 CFR 25.8 - System safeguards.

Code of Federal Regulations, 2010 CFR

2010-07-01

... justice agency computer site must have adequate physical security to protect against any unauthorized... Index is stored electronically for use in an FBI computer environment. The NICS central computer will... authorized personnel who have identified themselves and their need for access to a system security officer...

28 CFR 25.8 - System safeguards.

Code of Federal Regulations, 2013 CFR

2013-07-01

... justice agency computer site must have adequate physical security to protect against any unauthorized... Index is stored electronically for use in an FBI computer environment. The NICS central computer will... authorized personnel who have identified themselves and their need for access to a system security officer...

28 CFR 25.8 - System safeguards.

Code of Federal Regulations, 2011 CFR

2011-07-01

... justice agency computer site must have adequate physical security to protect against any unauthorized... Index is stored electronically for use in an FBI computer environment. The NICS central computer will... authorized personnel who have identified themselves and their need for access to a system security officer...

28 CFR 25.8 - System safeguards.

Code of Federal Regulations, 2014 CFR

2014-07-01

... justice agency computer site must have adequate physical security to protect against any unauthorized... Index is stored electronically for use in an FBI computer environment. The NICS central computer will... authorized personnel who have identified themselves and their need for access to a system security officer...

78 FR 15732 - Privacy Act of 1974; Computer Matching Program

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2013-0007] Privacy Act of 1974; Computer Matching Program AGENCY: Department of Homeland Security/U.S. Citizenship and Immigration Services. ACTION: Notice. Overview Information: Privacy Act of 1974; Computer Matching Program...

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

The Role Of Moral Awareness In Computer Security

NASA Astrophysics Data System (ADS)

Stawinski, Arthur

1984-08-01

Maintaining security of databases and other computer systems requires constraining the behavior of those persons who are able to access these systems so that they do not obtain, alter, or abuse the information contained in these systems. Three types of constraints are available: Physical contraints are obstructions designed to prevent (or at least make difficult) access to data by unauthorized persons; external constraints restrict behavior through threat of detection and punishment; internal constraints are self-imposed limitations on behavior which are derived from a person's moral standards. This paper argues that an effective computer security program will require attention to internal constraints as well as physical and external ones. Recent developments in moral philosophy and the psychology of moral development have given us new understanding of how individuals grow in moral awareness and how this growth can be encouraged. These insights are the foundation for some practical proposals for encouraging morally responsible behavior by computer professionals and others with access to confidential data. The aim of this paper is to encourage computer security professionals to discuss, refine and incorporate systems of internal constraints in developing methods of maintaining security.

Department of Defense High Performance Computing Modernization Program. 2008 Annual Report

DTIC Science & Technology

2009-04-01

place to another on the network. Without it, a computer could only talk to itself - no email, no web browsing, and no iTunes . Most of the Internet...Your SecurID Card ), Ken Renard Secure Wireless, Rob Scott and Stephen Bowman Securing Today’s Networks, Rich Whittney, Juniper Networks, Federal

Telecommunications Policy Research Conference. Computer and Communications Security Section. Papers.

ERIC Educational Resources Information Center

Telecommunications Policy Research Conference, Inc., Washington, DC.

In his paper, "European Needs and Attitudes towards Information Security," Richard I. Polis notes that the needs for security in computer systems, telecommunications, and media are rather uniform throughout Western Europe, and are seen as being significantly different from the needs in the United States. Recognition of these needs is,…

Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

ERIC Educational Resources Information Center

Foltz, C. Bryan; Renwick, Janet S.

2011-01-01

The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

A Secure Framework for Location Verification in Pervasive Computing

NASA Astrophysics Data System (ADS)

Liu, Dawei; Lee, Moon-Chuen; Wu, Dan

The way people use computing devices has been changed in some way by the relatively new pervasive computing paradigm. For example, a person can use a mobile device to obtain its location information at anytime and anywhere. There are several security issues concerning whether this information is reliable in a pervasive environment. For example, a malicious user may disable the localization system by broadcasting a forged location, and it may impersonate other users by eavesdropping their locations. In this paper, we address the verification of location information in a secure manner. We first present the design challenges for location verification, and then propose a two-layer framework VerPer for secure location verification in a pervasive computing environment. Real world GPS-based wireless sensor network experiments confirm the effectiveness of the proposed framework.

Tools for Administration of a UNIX-Based Network

NASA Technical Reports Server (NTRS)

LeClaire, Stephen; Farrar, Edward

2004-01-01

Several computer programs have been developed to enable efficient administration of a large, heterogeneous, UNIX-based computing and communication network that includes a variety of computers connected to a variety of subnetworks. One program provides secure software tools for administrators to create, modify, lock, and delete accounts of specific users. This program also provides tools for users to change their UNIX passwords and log-in shells. These tools check for errors. Another program comprises a client and a server component that, together, provide a secure mechanism to create, modify, and query quota levels on a network file system (NFS) mounted by use of the VERITAS File SystemJ software. The client software resides on an internal secure computer with a secure Web interface; one can gain access to the client software from any authorized computer capable of running web-browser software. The server software resides on a UNIX computer configured with the VERITAS software system. Directories where VERITAS quotas are applied are NFS-mounted. Another program is a Web-based, client/server Internet Protocol (IP) address tool that facilitates maintenance lookup of information about IP addresses for a network of computers.

A New Approach to Understanding Information Assurance

NASA Astrophysics Data System (ADS)

Blyth, Andrew; Williams, Colin; Bryant, Ian; Mattinson, Harvey

The growth of technologies such as ubiquitous and the mobile computing has resulted in the need for a rethinking of the security paradigm. Over the past forty years technology has made fast steps forward, yet most organisations still view security in terms of Confidentiality, Integrity and Availability (CIA). This model of security has expanded to include Non-Repudiation and Authentication. However this thinking fails to address the social, ethical and business requirements that the modern use of computing has generated. Today computing devices are integrated into every facet of business with the result that security technologies have struggled to keep pace with the rate of change. In this paper we will argue that the currently view that most organisations/stakeholders have of security is out-of-date, or in some cases wrong, and that the new view of security needs to be rooted in business impact and business function.

Survey on Security Issues in File Management in Cloud Computing Environment

NASA Astrophysics Data System (ADS)

Gupta, Udit

2015-06-01

Cloud computing has pervaded through every aspect of Information technology in past decade. It has become easier to process plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users data is maintained by data centers around the world and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer either internally within cloud or externally from one cloud network to another. File management is central to cloud computing and it is paramount to address the security concerns which arise out of it. This survey paper aims to elucidate the various protocols which can be used for secure file transfer and analyze the ramifications of using each protocol.

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

DOEpatents

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

2015-07-28

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

Do You Lock Your Network Doors? Some Network Management Precautions.

ERIC Educational Resources Information Center

Neray, Phil

1997-01-01

Discusses security problems and solutions for networked organizations with Internet connections. Topics include access to private networks from electronic mail information; computer viruses; computer software; corporate espionage; firewalls, that is computers that stand between a local network and the Internet; passwords; and physical security.…

Analysis on the University’s Network Security Level System in the Big Data Era

NASA Astrophysics Data System (ADS)

Li, Tianli

2017-12-01

The rapid development of science and technology, the continuous expansion of the scope of computer network applications, has gradually improved the social productive forces, has had a positive impact on the increase production efficiency and industrial scale of China's different industries. Combined with the actual application of computer network in the era of large data, we can see the existence of influencing factors such as network virus, hacker and other attack modes, threatening network security and posing a potential threat to the safe use of computer network in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels. To avoid the security risks exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.

Electronic patient data confidentiality practices among surgical trainees: questionnaire study.

PubMed

Mole, Damian J; Fox, Colin; Napolitano, Giulio

2006-10-01

The objective of this work was to evaluate the safeguards implemented by surgical trainees to protect the confidentiality of electronic patient data through a structured questionnaire sent to Northern Ireland surgical trainees. A group of 32 basic and higher surgical trainees attending a meeting of the Northern Ireland Association of Surgeons-in-Training were invited to complete a questionnaire regarding their computer use, UK Data Protection Act, 1988 registration and electronic data confidentiality practices. Of these 32 trainees, 29 returned completed questionnaires of whom 26 trainees regularly stored sensitive patient data for audit or research purposes on a computer. Only one person was registered under the Data Protection Act, 1988. Of the computers used to store and analyse sensitive data, only 3 of 14 desktops, 8 of 19 laptops and 3 of 14 hand-held computers forced a password logon. Of the 29 trainees, 16 used the same password for all machines, and 25 of 27 passwords were less than 8 characters long. Two respondents declined to reveal details of their secure passwords. Half of all trainees had never adjusted their internet security settings, despite all 14 desktops, 16 of 19 laptops and 5 of 14 hand-helds being routinely connected to the internet. Of the 29 trainees, 28 never encrypted their sensitive data files. Ten trainees had sent unencrypted sensitive patient data over the internet, using a non-secure server. Electronic data confidentiality practices amongst Northern Ireland surgical trainees are unsafe. Simple practical measures to safeguard confidentiality are recommended.

Theoretical Interpretation of the Fluorescence Spectra of Toluene and P- Cresol

DTIC Science & Technology

1994-07-01

NUMBER OF PAGES Toluene Geometrica 25 p-Cresol Fluorescence Is. PRICE CODE Spectra 17. SECURITY CLASSIFICATION 13. SECURITY CLASSIFICATION 19...State Frequencies of Toluene ................ 19 6 Computed and exp" Ground State Frequencies of p-Cresol ............... 20 7 Correction Factors for...Computed Ground State Vibrational Frequencies ....... 21 8 Computed and Corrected Excited State Frequencies of Toluene ............. 22 9 Computed and

An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

ERIC Educational Resources Information Center

Bergart, Jeffrey G.; And Others

This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

Marine Corps Private Cloud Computing Environment Strategy

DTIC Science & Technology

2012-05-15

leveraging economies of scale through the MCEITS PCCE, the Marine Corps will measure consumed IT resources more effectively, increase or decrease...flexible broad network access, resource pooling, elastic provisioning and measured services. By leveraging economies of scale the Marine Corps will be able...IaaS SaaS / IaaS 1 1 LCE I ACE Dets I I I I ------------------~ GIG / CJ Internet Security Boundary MCEN I DISN r :------------------ MCEN

Protecting software agents from malicious hosts using quantum computing

NASA Astrophysics Data System (ADS)

Reisner, John; Donkor, Eric

2000-07-01

We evaluate how quantum computing can be applied to security problems for software agents. Agent-based computing, which merges technological advances in artificial intelligence and mobile computing, is a rapidly growing domain, especially in applications such as electronic commerce, network management, information retrieval, and mission planning. System security is one of the more eminent research areas in agent-based computing, and the specific problem of protecting a mobile agent from a potentially hostile host is one of the most difficult of these challenges. In this work, we describe our agent model, and discuss the capabilities and limitations of classical solutions to the malicious host problem. Quantum computing may be extremely helpful in addressing the limitations of classical solutions to this problem. This paper highlights some of the areas where quantum computing could be applied to agent security.

17 CFR 171.4 - Computation of time.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Computation of time. 171.4 Section 171.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO... computing any period of time prescribed by these rules or allowed by the Commission, the day of the act...

17 CFR 12.5 - Computation of time.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Computation of time. 12.5 Section 12.5 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES RELATING TO... general. In computing any period of time prescribed by these rules or allowed by the Commission, the...

75 FR 43579 - Privacy Act of 1974; Computer Matching Program Between the Office of Personnel Management and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-26

... safeguards for disclosure of Social Security benefit information to OPM via direct computer link for the... OFFICE OF PERSONNEL MANAGEMENT Privacy Act of 1974; Computer Matching Program Between the Office of Personnel Management and Social Security Administration AGENCY: Office of Personnel Management...

78 FR 3474 - Privacy Act of 1974; Computer Matching Program Between the Office Of Personnel Management and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-16

... Security benefit information to OPM via direct computer link for the administration of certain programs by... OFFICE OF PERSONNEL MANAGEMENT Privacy Act of 1974; Computer Matching Program Between the Office Of Personnel Management and Social Security Administration AGENCY: Office of Personnel Management...

75 FR 68396 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Labor (DOL))-Match...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-05

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0052] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Labor (DOL))--Match Number 1003 AGENCY: Social Security... as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection...

78 FR 16564 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Personnel Management...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-15

... 1021 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of existing computer... above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0073] Privacy Act of 1974, as Amended...

78 FR 12127 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of the Treasury...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-21

... 1310 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer..., as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0007] Privacy Act of 1974, as Amended...

75 FR 51154 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of the Treasury...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-18

... 1310 AGENCY: Social Security Administration (SSA) ACTION: Notice of a renewal of an existing computer..., as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0035] Privacy Act of 1974, as Amended...

78 FR 69926 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Centers for Medicare & Medicaid...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-21

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0059] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Centers for Medicare & Medicaid Services (CMS))--Match Number 1076 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching...

76 FR 21091 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Centers for Medicare & Medicaid...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-14

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0022] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Centers for Medicare & Medicaid Services (CMS))--Match Number 1076 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching...

SPAN security policies and guidelines

NASA Technical Reports Server (NTRS)

Sisson, Patricia L.; Green, James L.

1989-01-01

A guide is provided to system security with emphasis on requirements and guidelines that are necessary to maintain an acceptable level of security on the network. To have security for the network, each node on the network must be secure. Therefore, each system manager, must strictly adhere to the requirements and must consider implementing the guidelines discussed. There are areas of vulnerability within the operating system that may not be addressed. However, when a requirement or guideline is discussed, implementation techniques are included. Information related to computer and data security is discussed to provide information on implementation options. The information is presented as it relates to a VAX computer environment.

Securing Secrets and Managing Trust in Modern Computing Applications

ERIC Educational Resources Information Center

Sayler, Andy

2016-01-01

The amount of digital data generated and stored by users increases every day. In order to protect this data, modern computing systems employ numerous cryptographic and access control solutions. Almost all of such solutions, however, require the keeping of certain secrets as the basis of their security models. How best to securely store and control…

Computer Security in the Introductory Business Information Systems Course: An Exploratory Study of Textbook Coverage

ERIC Educational Resources Information Center

Sousa, Kenneth J.; MacDonald, Laurie E.; Fougere, Kenneth T.

2005-01-01

The authors conducted an evaluation of Management Information Systems (MIS) textbooks and found that computer security receives very little in-depth coverage. The textbooks provide, at best, superficial treatment of security issues. The research results suggest that MIS faculty need to provide material to supplement the textbook to provide…

Security Meets Real-World Computing. Building Digital Libraries

ERIC Educational Resources Information Center

Huwe, Terence K.

2005-01-01

The author of this column describes several instances in which secure data on computers were compromised. In each of these instances, a different route was involved in gaining access to the secure data--one by office-based theft, one by hacking, and one by burglary. Is is proposed that the most difficult factor to guarantee in the protection of…

Information Technology Security and Human Risk: Exploring Factors of Unintended Insider Threat and Organizational Resilience

ERIC Educational Resources Information Center

Thompson, Eleanor Elizabeth

2014-01-01

That organizations face threats to the security of their computer systems from external hackers is well documented. Intentional or unintentional behaviors by organizational insiders can severely compromise computer security as well. Less is known, however, about the nature of this threat from insiders. The purpose of this study was to bridge this…

Database Design Methodology and Database Management System for Computer-Aided Structural Design Optimization.

DTIC Science & Technology

1984-12-01

52242 Prepared for the AIR FORCE OFFICE OF SCIENTIFIC RESEARCH Under Grant No. AFOSR 82-0322 December 1984 ~ " ’w Unclassified SECURITY CLASSIFICATION4...OF THIS PAGE REPORT DOCUMENTATION PAGE is REPORT SECURITY CLASSIFICATION lb. RESTRICTIVE MARKINGS Unclassified None 20 SECURITY CLASSIFICATION...designer .and computer- are 20 DIiRIBUTION/AVAILABI LIT Y 0P ABSTR4ACT 21 ABSTRACT SECURITY CLASSIFICA1ONr UNCLASSIFIED/UNLIMITED SAME AS APT OTIC USERS

Joint the Center for Applied Scientific Computing

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gamblin, Todd; Bremer, Timo; Van Essen, Brian

The Center for Applied Scientific Computing serves as Livermore Lab’s window to the broader computer science, computational physics, applied mathematics, and data science research communities. In collaboration with academic, industrial, and other government laboratory partners, we conduct world-class scientific research and development on problems critical to national security. CASC applies the power of high-performance computing and the efficiency of modern computational methods to the realms of stockpile stewardship, cyber and energy security, and knowledge discovery for intelligence applications.

Measurement-device-independent quantum digital signatures

NASA Astrophysics Data System (ADS)

Puthoor, Ittoop Vergheese; Amiri, Ryan; Wallden, Petros; Curty, Marcos; Andersson, Erika

2016-08-01

Digital signatures play an important role in software distribution, modern communication, and financial transactions, where it is important to detect forgery and tampering. Signatures are a cryptographic technique for validating the authenticity and integrity of messages, software, or digital documents. The security of currently used classical schemes relies on computational assumptions. Quantum digital signatures (QDS), on the other hand, provide information-theoretic security based on the laws of quantum physics. Recent work on QDS Amiri et al., Phys. Rev. A 93, 032325 (2016);, 10.1103/PhysRevA.93.032325 Yin, Fu, and Zeng-Bing, Phys. Rev. A 93, 032316 (2016), 10.1103/PhysRevA.93.032316 shows that such schemes do not require trusted quantum channels and are unconditionally secure against general coherent attacks. However, in practical QDS, just as in quantum key distribution (QKD), the detectors can be subjected to side-channel attacks, which can make the actual implementations insecure. Motivated by the idea of measurement-device-independent quantum key distribution (MDI-QKD), we present a measurement-device-independent QDS (MDI-QDS) scheme, which is secure against all detector side-channel attacks. Based on the rapid development of practical MDI-QKD, our MDI-QDS protocol could also be experimentally implemented, since it requires a similar experimental setup.

Energy Structure and Energy Security under Climate Mitigation Scenarios in China

PubMed Central

Matsumoto, Ken’ichi

2015-01-01

This study investigates how energy structure and energy security in China will change in the future under climate mitigation policy scenarios using Representative Concentration Pathways in a computable general equilibrium model. The findings suggest that to reduce greenhouse gas emissions, China needs to shift its energy structure from fossil fuel dominance to renewables and nuclear. The lower the allowable emissions, the larger the shifts required. Among fossil fuels, coal use particularly must significantly decrease. Such structural shifts will improve energy self-sufficiency, thus enhancing energy security. Under the policy scenarios, energy-source diversity as measured by the Herfindahl Index improves until 2050, after which diversity declines because of high dependence on a specific energy source (nuclear and biomass). Overall, however, it is revealed that energy security improves along with progress in climate mitigation. These improvements will also contribute to the economy by reducing energy procurement risks. PMID:26660094

Camouflaging in Digital Image for Secure Communication

NASA Astrophysics Data System (ADS)

Jindal, B.; Singh, A. P.

2013-06-01

The present paper reports on a new type of camouflaging in digital image for hiding crypto-data using moderate bit alteration in the pixel. In the proposed method, cryptography is combined with steganography to provide a two layer security to the hidden data. The novelty of the algorithm proposed in the present work lies in the fact that the information about hidden bit is reflected by parity condition in one part of the image pixel. The remaining part of the image pixel is used to perform local pixel adjustment to improve the visual perception of the cover image. In order to examine the effectiveness of the proposed method, image quality measuring parameters are computed. In addition to this, security analysis is also carried by comparing the histograms of cover and stego images. This scheme provides a higher security as well as robustness to intentional as well as unintentional attacks.

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-04-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-01-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

Physics of Information Assurance

DTIC Science & Technology

the United States Patent and Trademark Office on April 14, 2016. HfO memristor devices were measured over a range of temperatures up to 250C. They showed stability in performance at these elevated temperatures....Free Space Optical Data Transmission for Secure Computing patent application has a provisional application serial number 62/322,391 and was filed in

Protecting genomic data analytics in the cloud: state of the art and opportunities.

PubMed

Tang, Haixu; Jiang, Xiaoqian; Wang, Xiaofeng; Wang, Shuang; Sofia, Heidi; Fox, Dov; Lauter, Kristin; Malin, Bradley; Telenti, Amalio; Xiong, Li; Ohno-Machado, Lucila

2016-10-13

The outsourcing of genomic data into public cloud computing settings raises concerns over privacy and security. Significant advancements in secure computation methods have emerged over the past several years, but such techniques need to be rigorously evaluated for their ability to support the analysis of human genomic data in an efficient and cost-effective manner. With respect to public cloud environments, there are concerns about the inadvertent exposure of human genomic data to unauthorized users. In analyses involving multiple institutions, there is additional concern about data being used beyond agreed research scope and being prcoessed in untrused computational environments, which may not satisfy institutional policies. To systematically investigate these issues, the NIH-funded National Center for Biomedical Computing iDASH (integrating Data for Analysis, 'anonymization' and SHaring) hosted the second Critical Assessment of Data Privacy and Protection competition to assess the capacity of cryptographic technologies for protecting computation over human genomes in the cloud and promoting cross-institutional collaboration. Data scientists were challenged to design and engineer practical algorithms for secure outsourcing of genome computation tasks in working software, whereby analyses are performed only on encrypted data. They were also challenged to develop approaches to enable secure collaboration on data from genomic studies generated by multiple organizations (e.g., medical centers) to jointly compute aggregate statistics without sharing individual-level records. The results of the competition indicated that secure computation techniques can enable comparative analysis of human genomes, but greater efficiency (in terms of compute time and memory utilization) are needed before they are sufficiently practical for real world environments.

Secure Cloud Computing Implementation Study For Singapore Military Operations

DTIC Science & Technology

2016-09-01

COMPUTING IMPLEMENTATION STUDY FOR SINGAPORE MILITARY OPERATIONS by Lai Guoquan September 2016 Thesis Advisor: John D. Fulp Co-Advisor...DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE SECURE CLOUD COMPUTING IMPLEMENTATION STUDY FOR SINGAPORE MILITARY OPERATIONS 5. FUNDING NUMBERS...addition, from the military perspective, the benefits of cloud computing were analyzed from a study of the U.S. Department of Defense. Then, using

A security mechanism based on evolutionary game in fog computing.

PubMed

Sun, Yan; Lin, Fuhong; Zhang, Nan

2018-02-01

Fog computing is a distributed computing paradigm at the edge of the network and requires cooperation of users and sharing of resources. When users in fog computing open their resources, their devices are easily intercepted and attacked because they are accessed through wireless network and present an extensive geographical distribution. In this study, a credible third party was introduced to supervise the behavior of users and protect the security of user cooperation. A fog computing security mechanism based on human nervous system is proposed, and the strategy for a stable system evolution is calculated. The MATLAB simulation results show that the proposed mechanism can reduce the number of attack behaviors effectively and stimulate users to cooperate in application tasks positively.

Critical thinking traits of top-tier experts and implications for computer science education

NASA Astrophysics Data System (ADS)

Bushey, Dean E.

A documented shortage of technical leadership and top-tier performers in computer science jeopardizes the technological edge, security, and economic well-being of the nation. The 2005 President's Information and Technology Advisory Committee (PITAC) Report on competitiveness in computational sciences highlights the major impact of science, technology, and innovation in keeping America competitive in the global marketplace. It stresses the fact that the supply of science, technology, and engineering experts is at the core of America's technological edge, national competitiveness and security. However, recent data shows that both undergraduate and postgraduate production of computer scientists is falling. The decline is "a quiet crisis building in the United States," a crisis that, if allowed to continue unchecked, could endanger America's well-being and preeminence among the world's nations. Past research on expert performance has shown that the cognitive traits of critical thinking, creativity, and problem solving possessed by top-tier performers can be identified, observed and measured. The studies show that the identified attributes are applicable across many domains and disciplines. Companies have begun to realize that cognitive skills are important for high-level performance and are reevaluating the traditional academic standards they have used to predict success for their top-tier performers in computer science. Previous research in the computer science field has focused either on programming skills of its experts or has attempted to predict the academic success of students at the undergraduate level. This study, on the other hand, examines the critical-thinking skills found among experts in the computer science field in order to explore the questions, "What cognitive skills do outstanding performers possess that make them successful?" and "How do currently used measures of academic performance correlate to critical-thinking skills among students?" The results of this study suggest a need to examine how critical-thinking abilities are learned in the undergraduate computer science curriculum and the need to foster these abilities in order to produce the high-level, critical-thinking professionals necessary to fill the growing need for these experts. Due to the fact that current measures of academic performance do not adequately depict students' cognitive abilities, assessment of these skills must be incorporated into existing curricula.

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2013 CFR

2013-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2011 CFR

2011-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2014 CFR

2014-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2012 CFR

2012-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

Information Security in the Age of Cloud Computing

ERIC Educational Resources Information Center

Sims, J. Eric

2012-01-01

Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

77 FR 33547 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Centers for Medicare and Medicaid...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-06

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0015] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Centers for Medicare and Medicaid Services (CMS))--Match Number 1094 AGENCY: Social Security Administration (SSA). ACTION: Notice of a new computer matching program that will expire...

Business Administration and Computer Science Degrees: Earnings, Job Security, and Job Satisfaction

ERIC Educational Resources Information Center

Mehta, Kamlesh; Uhlig, Ronald

2017-01-01

This paper examines the potential of business administration vs. computer science degrees in terms of earnings, job security, and job satisfaction. The paper focuses on earnings potential five years and ten years after the completion of business administration and computer science degrees. Moreover, the paper presents the income changes with…

77 FR 62059 - Privacy Act of 1974, as Amended; Revisions to Existing Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-11

... and forms, microfilm or microfiche, and in computer processable storage media such as personnel system... 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986... apply: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer...

20 CFR 225.24 - SS Earnings PIA used in survivor annuities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Security Earnings PIA (SS Earnings PIA) used in survivor annuities may be used in computing the tier II... the Social Security Act as in effect on December 31, 1974. It is computed using the deceased employee... RETIREMENT ACT PRIMARY INSURANCE AMOUNT DETERMINATIONS PIA's Used in Computing Survivor Annuities and the...

Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria. Version 1.

DTIC Science & Technology

1987-07-01

for Secure Computer Systema, MTR-3153, The MITRE Corporation, Bedford, MA, June 1975. 1 See, for example, M. D. Abrams and H. J. Podell , Tutorial...References References Abrams, M. D. and H. J. Podell , Tutorial: Computer and Network Security, IEEE Com- puter Society Press, 1987. Addendum to the

17 CFR 10.5 - Computation of time.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Computation of time. 10.5 Section 10.5 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES OF PRACTICE... computed is to be included unless it is a Saturday, a Sunday, or a legal holiday; in which event the period...

77 FR 49849 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Child Support...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-17

...: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer-matching... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0021] Privacy Act of 1974, as Amended...

75 FR 32833 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Personnel Management...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-09

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2009-0077] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Office of Personnel Management (OPM))--Match 1307 AGENCY: Social Security... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503...

hPIN/hTAN: Low-Cost e-Banking Secure against Untrusted Computers

NASA Astrophysics Data System (ADS)

Li, Shujun; Sadeghi, Ahmad-Reza; Schmitz, Roland

We propose hPIN/hTAN, a low-cost token-based e-banking protection scheme when the adversary has full control over the user's computer. Compared with existing hardware-based solutions, hPIN/hTAN depends on neither second trusted channel, nor secure keypad, nor computationally expensive encryption module.

77 FR 38880 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Railroad Retirement Board (SSA...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-29

... Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that... regarding protections for such persons. The Privacy Act, as amended, regulates the use of computer matching... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0002] Privacy Act of 1974, as Amended...

77 FR 27108 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Child Support...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-08

...: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching... protections for such persons. The Privacy Act, as amended, regulates the use of computer matching by Federal... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0010] Privacy Act of 1974, as Amended...

78 FR 37647 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Railroad Retirement Board (RRB...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-21

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0010] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Railroad Retirement Board (RRB))--Match Number 1006 AGENCY: Social Security Administration. ACTION: Notice of a renewal of an existing computer matching program that will expire on...

78 FR 51264 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of the Treasury...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-20

... 1016 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer... above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0022] Privacy Act of 1974, as Amended...

77 FR 24756 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Labor (DOL))-Match...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-25

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0084] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Labor (DOL))--Match Number 1003 AGENCY: Social Security... above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988...

77 FR 6620 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/the States); Match 6000 and 6003

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-08

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0102] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ the States); Match 6000 and 6003 AGENCY: Social Security Administration..., as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection...

75 FR 18251 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Internal Revenue Service (IRS...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-09

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2009-0066] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Internal Revenue Service (IRS))--Match 1305 AGENCY: Social Security... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503...

76 FR 12398 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Bureau of the Public Debt (BPD...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-07

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0034] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Bureau of the Public Debt (BPD))--Match Number 1304 AGENCY: Social Security... as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection...

77 FR 24757 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Labor (DOL))-Match...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-25

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0083] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Labor (DOL))--Match Number 1015 AGENCY: Social Security... regarding protections for such persons. The Privacy Act, as amended, regulates the use of computer matching...

75 FR 62623 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Internal Revenue Service (IRS...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-12

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0015] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Internal Revenue Service (IRS))--Match Number 1016 AGENCY: Social Security... regarding protections for such persons. The Privacy Act, as amended, regulates the use of computer matching...

75 FR 59780 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Railroad Retirement Board (RRB...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-28

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0040] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Railroad Retirement Board (RRB))--Match Number 1006 AGENCY: Social Security...: A. General The Computer Matching and Privacy Protection Act of 1988 (Pub. L.) 100-503), amended the...

The 6th International Conference on Computer Science and Computational Mathematics (ICCSCM 2017)

NASA Astrophysics Data System (ADS)

2017-09-01

The ICCSCM 2017 (The 6th International Conference on Computer Science and Computational Mathematics) has aimed to provide a platform to discuss computer science and mathematics related issues including Algebraic Geometry, Algebraic Topology, Approximation Theory, Calculus of Variations, Category Theory; Homological Algebra, Coding Theory, Combinatorics, Control Theory, Cryptology, Geometry, Difference and Functional Equations, Discrete Mathematics, Dynamical Systems and Ergodic Theory, Field Theory and Polynomials, Fluid Mechanics and Solid Mechanics, Fourier Analysis, Functional Analysis, Functions of a Complex Variable, Fuzzy Mathematics, Game Theory, General Algebraic Systems, Graph Theory, Group Theory and Generalizations, Image Processing, Signal Processing and Tomography, Information Fusion, Integral Equations, Lattices, Algebraic Structures, Linear and Multilinear Algebra; Matrix Theory, Mathematical Biology and Other Natural Sciences, Mathematical Economics and Financial Mathematics, Mathematical Physics, Measure Theory and Integration, Neutrosophic Mathematics, Number Theory, Numerical Analysis, Operations Research, Optimization, Operator Theory, Ordinary and Partial Differential Equations, Potential Theory, Real Functions, Rings and Algebras, Statistical Mechanics, Structure Of Matter, Topological Groups, Wavelets and Wavelet Transforms, 3G/4G Network Evolutions, Ad-Hoc, Mobile, Wireless Networks and Mobile Computing, Agent Computing & Multi-Agents Systems, All topics related Image/Signal Processing, Any topics related Computer Networks, Any topics related ISO SC-27 and SC- 17 standards, Any topics related PKI(Public Key Intrastructures), Artifial Intelligences(A.I.) & Pattern/Image Recognitions, Authentication/Authorization Issues, Biometric authentication and algorithms, CDMA/GSM Communication Protocols, Combinatorics, Graph Theory, and Analysis of Algorithms, Cryptography and Foundation of Computer Security, Data Base(D.B.) Management & Information Retrievals, Data Mining, Web Image Mining, & Applications, Defining Spectrum Rights and Open Spectrum Solutions, E-Comerce, Ubiquitous, RFID, Applications, Fingerprint/Hand/Biometrics Recognitions and Technologies, Foundations of High-performance Computing, IC-card Security, OTP, and Key Management Issues, IDS/Firewall, Anti-Spam mail, Anti-virus issues, Mobile Computing for E-Commerce, Network Security Applications, Neural Networks and Biomedical Simulations, Quality of Services and Communication Protocols, Quantum Computing, Coding, and Error Controls, Satellite and Optical Communication Systems, Theory of Parallel Processing and Distributed Computing, Virtual Visions, 3-D Object Retrievals, & Virtual Simulations, Wireless Access Security, etc. The success of ICCSCM 2017 is reflected in the received papers from authors around the world from several countries which allows a highly multinational and multicultural idea and experience exchange. The accepted papers of ICCSCM 2017 are published in this Book. Please check http://www.iccscm.com for further news. A conference such as ICCSCM 2017 can only become successful using a team effort, so herewith we want to thank the International Technical Committee and the Reviewers for their efforts in the review process as well as their valuable advices. We are thankful to all those who contributed to the success of ICCSCM 2017. The Secretary

The method of a joint intraday security check system based on cloud computing

NASA Astrophysics Data System (ADS)

Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

2017-01-01

The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

PubMed

Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

2017-07-24

With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

A System Architecture to Support a Verifiably Secure Multilevel Security System.

DTIC Science & Technology

1980-06-01

4] Newmann, P.G., R. Fabry, K. Levitt, L. Robin - provide a tradeoff between cost and system secur- son, J. Wensley , "On the Design of a Provably ity...ICS-80/05 NL 112. 11W1 --1.25 1111 6 Mli,’O~ll Rl OIIION W AII .q3 0 School of Information and Computer Science S =GEORGIA INSTITUTE OF TECHNOLOGY 808...Multilevel Security Systemt (Extended Abstract) George I. Davida Department of Electical Engineering and Computer Science University of Wisconsin

Recommended Methodology for Inter-Service/Agency Automated Message Processing Exchange (I-S/A AMPE). Cost and Schedule Analysis of Security Alternatives.

DTIC Science & Technology

1982-02-23

segregate the computer and storage from the outside world 2. Administrative security to control access to secure computer facilities 3. Network security to...Classification Alternative A- 8 NETWORK KG GENSER DSSCS AMPE TERMINALS TP No. 022-4668-A Figure A-2. Dedicated Switching Architecture Alternative A- 9...communications protocol with the network and GENSER message transmission to the - I-S/A AMPE processor. 7. DSSCS TPU - Handles communications protocol with

75 FR 30411 - Privacy Act of 1974; Report of a Modified or Altered System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-01

... Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse... Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability... systems and data files necessary for compliance with Title XI, Part C of the Social Security Act because...

Complete Insecurity of Quantum Protocols for Classical Two-Party Computation

NASA Astrophysics Data System (ADS)

Buhrman, Harry; Christandl, Matthias; Schaffner, Christian

2012-10-01

A fundamental task in modern cryptography is the joint computation of a function which has two inputs, one from Alice and one from Bob, such that neither of the two can learn more about the other’s input than what is implied by the value of the function. In this Letter, we show that any quantum protocol for the computation of a classical deterministic function that outputs the result to both parties (two-sided computation) and that is secure against a cheating Bob can be completely broken by a cheating Alice. Whereas it is known that quantum protocols for this task cannot be completely secure, our result implies that security for one party implies complete insecurity for the other. Our findings stand in stark contrast to recent protocols for weak coin tossing and highlight the limits of cryptography within quantum mechanics. We remark that our conclusions remain valid, even if security is only required to be approximate and if the function that is computed for Bob is different from that of Alice.

Complete insecurity of quantum protocols for classical two-party computation.

PubMed

Buhrman, Harry; Christandl, Matthias; Schaffner, Christian

2012-10-19

A fundamental task in modern cryptography is the joint computation of a function which has two inputs, one from Alice and one from Bob, such that neither of the two can learn more about the other's input than what is implied by the value of the function. In this Letter, we show that any quantum protocol for the computation of a classical deterministic function that outputs the result to both parties (two-sided computation) and that is secure against a cheating Bob can be completely broken by a cheating Alice. Whereas it is known that quantum protocols for this task cannot be completely secure, our result implies that security for one party implies complete insecurity for the other. Our findings stand in stark contrast to recent protocols for weak coin tossing and highlight the limits of cryptography within quantum mechanics. We remark that our conclusions remain valid, even if security is only required to be approximate and if the function that is computed for Bob is different from that of Alice.

Near-IR photon number resolving detector design

NASA Astrophysics Data System (ADS)

Bogdanski, Jan; Huntington, Elanor H.

2013-05-01

Photon-Number-Resolving-Detection (PNRD) capability is crucial for many Quantum-Information (QI) applications, e.g. for Coherent-State-Quantum-Computing, Linear-Optics-Quantum-Computing. In Quantum-Key-Distribution and Quantum-Secret-Sharing over 1310/1550 nm fiber, two other important, defense and information security related, QI applications, it's crucial for the information transmission security to guarantee that the information carriers (photons) are single. Thus a PNRD can provide an additional security level against eavesdropping. Currently, there are at least a couple of promising PNRD technologies in the Near-Infrared, but all of them require cryogenic cooling. Thus a compact, portable PNRD, based on commercial Avalanche-Photo-Diodes (APDs), could be a very useful instrument for many QI experiments. For an APD-based PNRD, it is crucial to measure the APD-current in the beginning of the avalanche. Thus an efficient cancellation of the APD capacitive spikes is a necessary condition for the very weak APD current measurement. The detector's principle is based on two commercial, pair-matched InGaAs/InP APDs, connected in series. It leads to a great cancelation of the capacitive spikes caused by the narrow (300 ps), differential gate-pulses of maximum 4V amplitude assuming that both pulses are perfectly matched in regards to their phases, amplitudes, and shapes. The cancellation scheme could be used for other APD-technologies, e.g. Silicon, extending the detection spectrum from visible to NIR. The design distinguishes itself from other, APD-based, schemes by its scalability feature and its computer controlled cancellation of the capacitive spikes. Furthermore, both APDs could be equally used for the detection purpose, which opens a possibility for the odd-even photon number parity detection.

Hybrid cloud: bridging of private and public cloud computing

NASA Astrophysics Data System (ADS)

Aryotejo, Guruh; Kristiyanto, Daniel Y.; Mufadhol

2018-05-01

Cloud Computing is quickly emerging as a promising paradigm in the recent years especially for the business sector. In addition, through cloud service providers, cloud computing is widely used by Information Technology (IT) based startup company to grow their business. However, the level of most businesses awareness on data security issues is low, since some Cloud Service Provider (CSP) could decrypt their data. Hybrid Cloud Deployment Model (HCDM) has characteristic as open source, which is one of secure cloud computing model, thus HCDM may solve data security issues. The objective of this study is to design, deploy and evaluate a HCDM as Infrastructure as a Service (IaaS). In the implementation process, Metal as a Service (MAAS) engine was used as a base to build an actual server and node. Followed by installing the vsftpd application, which serves as FTP server. In comparison with HCDM, public cloud was adopted through public cloud interface. As a result, the design and deployment of HCDM was conducted successfully, instead of having good security, HCDM able to transfer data faster than public cloud significantly. To the best of our knowledge, Hybrid Cloud Deployment model is one of secure cloud computing model due to its characteristic as open source. Furthermore, this study will serve as a base for future studies about Hybrid Cloud Deployment model which may relevant for solving big security issues of IT-based startup companies especially in Indonesia.

Multi-Party Privacy-Preserving Set Intersection with Quasi-Linear Complexity

NASA Astrophysics Data System (ADS)

Cheon, Jung Hee; Jarecki, Stanislaw; Seo, Jae Hong

Secure computation of the set intersection functionality allows n parties to find the intersection between their datasets without revealing anything else about them. An efficient protocol for such a task could have multiple potential applications in commerce, health care, and security. However, all currently known secure set intersection protocols for n>2 parties have computational costs that are quadratic in the (maximum) number of entries in the dataset contributed by each party, making secure computation of the set intersection only practical for small datasets. In this paper, we describe the first multi-party protocol for securely computing the set intersection functionality with both the communication and the computation costs that are quasi-linear in the size of the datasets. For a fixed security parameter, our protocols require O(n2k) bits of communication and Õ(n2k) group multiplications per player in the malicious adversary setting, where k is the size of each dataset. Our protocol follows the basic idea of the protocol proposed by Kissner and Song, but we gain efficiency by using different representations of the polynomials associated with users' datasets and careful employment of algorithms that interpolate or evaluate polynomials on multiple points more efficiently. Moreover, the proposed protocol is robust. This means that the protocol outputs the desired result even if some corrupted players leave during the execution of the protocol.

State of the Art of Network Security Perspectives in Cloud Computing

NASA Astrophysics Data System (ADS)

Oh, Tae Hwan; Lim, Shinyoung; Choi, Young B.; Park, Kwang-Roh; Lee, Heejo; Choi, Hyunsang

Cloud computing is now regarded as one of social phenomenon that satisfy customers' needs. It is possible that the customers' needs and the primary principle of economy - gain maximum benefits from minimum investment - reflects realization of cloud computing. We are living in the connected society with flood of information and without connected computers to the Internet, our activities and work of daily living will be impossible. Cloud computing is able to provide customers with custom-tailored features of application software and user's environment based on the customer's needs by adopting on-demand outsourcing of computing resources through the Internet. It also provides cloud computing users with high-end computing power and expensive application software package, and accordingly the users will access their data and the application software where they are located at the remote system. As the cloud computing system is connected to the Internet, network security issues of cloud computing are considered as mandatory prior to real world service. In this paper, survey and issues on the network security in cloud computing are discussed from the perspective of real world service environments.

Bigdata Driven Cloud Security: A Survey

NASA Astrophysics Data System (ADS)

Raja, K.; Hanifa, Sabibullah Mohamed

2017-08-01

Cloud Computing (CC) is a fast-growing technology to perform massive-scale and complex computing. It eliminates the need to maintain expensive computing hardware, dedicated space, and software. Recently, it has been observed that massive growth in the scale of data or big data generated through cloud computing. CC consists of a front-end, includes the users’ computers and software required to access the cloud network, and back-end consists of various computers, servers and database systems that create the cloud. In SaaS (Software as-a-Service - end users to utilize outsourced software), PaaS (Platform as-a-Service-platform is provided) and IaaS (Infrastructure as-a-Service-physical environment is outsourced), and DaaS (Database as-a-Service-data can be housed within a cloud), where leading / traditional cloud ecosystem delivers the cloud services become a powerful and popular architecture. Many challenges and issues are in security or threats, most vital barrier for cloud computing environment. The main barrier to the adoption of CC in health care relates to Data security. When placing and transmitting data using public networks, cyber attacks in any form are anticipated in CC. Hence, cloud service users need to understand the risk of data breaches and adoption of service delivery model during deployment. This survey deeply covers the CC security issues (covering Data Security in Health care) so as to researchers can develop the robust security application models using Big Data (BD) on CC (can be created / deployed easily). Since, BD evaluation is driven by fast-growing cloud-based applications developed using virtualized technologies. In this purview, MapReduce [12] is a good example of big data processing in a cloud environment, and a model for Cloud providers.

Securing While Sampling in Wireless Body Area Networks With Application to Electrocardiography.

PubMed

Dautov, Ruslan; Tsouri, Gill R

2016-01-01

Stringent resource constraints and broadcast transmission in wireless body area network raise serious security concerns when employed in biomedical applications. Protecting data transmission where any minor alteration is potentially harmful is of significant importance in healthcare. Traditional security methods based on public or private key infrastructure require considerable memory and computational resources, and present an implementation obstacle in compact sensor nodes. This paper proposes a lightweight encryption framework augmenting compressed sensing with wireless physical layer security. Augmenting compressed sensing to secure information is based on the use of the measurement matrix as an encryption key, and allows for incorporating security in addition to compression at the time of sampling an analog signal. The proposed approach eliminates the need for a separate encryption algorithm, as well as the predeployment of a key thereby conserving sensor node's limited resources. The proposed framework is evaluated using analysis, simulation, and experimentation applied to a wireless electrocardiogram setup consisting of a sensor node, an access point, and an eavesdropper performing a proximity attack. Results show that legitimate communication is reliable and secure given that the eavesdropper is located at a reasonable distance from the sensor node and the access point.

An Efficient Mutual Authentication Framework for Healthcare System in Cloud Computing.

PubMed

Kumar, Vinod; Jangirala, Srinivas; Ahmad, Musheer

2018-06-28

The increasing role of Telecare Medicine Information Systems (TMIS) makes its accessibility for patients to explore medical treatment, accumulate and approach medical data through internet connectivity. Security and privacy preservation is necessary for medical data of the patient in TMIS because of the very perceptive purpose. Recently, Mohit et al.'s proposed a mutual authentication protocol for TMIS in the cloud computing environment. In this work, we reviewed their protocol and found that it is not secure against stolen verifier attack, many logged in patient attack, patient anonymity, impersonation attack, and fails to protect session key. For enhancement of security level, we proposed a new mutual authentication protocol for the similar environment. The presented framework is also more capable in terms of computation cost. In addition, the security evaluation of the protocol protects resilience of all possible security attributes, and we also explored formal security evaluation based on random oracle model. The performance of the proposed protocol is much better in comparison to the existing protocol.

Security and privacy issues in implantable medical devices: A comprehensive survey.

PubMed

Camara, Carmen; Peris-Lopez, Pedro; Tapiador, Juan E

2015-06-01

Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase. Copyright © 2015 Elsevier Inc. All rights reserved.

Bootstrapping and Maintaining Trust in the Cloud

DTIC Science & Technology

2016-12-01

proliferation and popularity of infrastructure-as-a- service (IaaS) cloud computing services such as Amazon Web Services and Google Compute Engine means...IaaS trusted computing system: • Secure Bootstrapping – the system should enable the tenant to securely install an initial root secret into each cloud ...elastically instantiated and terminated. Prior cloud trusted computing solutions address a subset of these features, but none achieve all. Excalibur [31] sup

78 FR 40541 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA)-Match Number 1014

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-05

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0019] Privacy Act of 1974, as Amended; Computer Matching Program (SSA)--Match Number 1014 AGENCY: Social Security Administration (SSA). [[Page 40542

Trusted computing strengthens cloud authentication.

PubMed

Ghazizadeh, Eghbal; Zamani, Mazdak; Ab Manan, Jamalul-lail; Alizadeh, Mojtaba

2014-01-01

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model.

Trusted Computing Strengthens Cloud Authentication

PubMed Central

2014-01-01

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model. PMID:24701149

Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo

2006-01-01

The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglectedmore » or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .« less

Meeting the security requirements of electronic medical records in the ERA of high-speed computing.

PubMed

Alanazi, H O; Zaidan, A A; Zaidan, B B; Kiah, M L Mat; Al-Bakri, S H

2015-01-01

This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.

Security and privacy qualities of medical devices: an analysis of FDA postmarket surveillance.

PubMed

Kramer, Daniel B; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R

2012-01-01

Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients' stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware.

Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance

PubMed Central

Kramer, Daniel B.; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R.

2012-01-01

Background Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. Methods We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Results Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Conclusions Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware. PMID:22829874

A Novel Fast and Secure Approach for Voice Encryption Based on DNA Computing

NASA Astrophysics Data System (ADS)

Kakaei Kate, Hamidreza; Razmara, Jafar; Isazadeh, Ayaz

2018-06-01

Today, in the world of information communication, voice information has a particular importance. One way to preserve voice data from attacks is voice encryption. The encryption algorithms use various techniques such as hashing, chaotic, mixing, and many others. In this paper, an algorithm is proposed for voice encryption based on three different schemes to increase flexibility and strength of the algorithm. The proposed algorithm uses an innovative encoding scheme, the DNA encryption technique and a permutation function to provide a secure and fast solution for voice encryption. The algorithm is evaluated based on various measures including signal to noise ratio, peak signal to noise ratio, correlation coefficient, signal similarity and signal frequency content. The results demonstrate applicability of the proposed method in secure and fast encryption of voice files

MCloud: Secure Provenance for Mobile Cloud Users

DTIC Science & Technology

2016-10-03

Feasibility of Smartphone Clouds , 2015 15th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid). 04-MAY- 15, Shenzhen, China...final decision. MCloud: Secure Provenance for Mobile Cloud Users Final Report Bogdan Carbunar Florida International University Computing and...Release; Distribution Unlimited UU UU UU UU 03-10-2016 31-May-2013 30-May-2016 Final Report: MCloud: Secure Provenance for Mobile Cloud Users The views

Computing Game-Theoretic Solutions for Security in the Medium Term

DTIC Science & Technology

This project concerns the design of algorithms for computing game- theoretic solutions . (Game theory concerns how to act in a strategically optimal...way in environments with other agents who also seek to act optimally but have different , and possibly opposite, interests .) Such algorithms have...recently found application in a number of real-world security applications, including among others airport security, scheduling Federal Air Marshals, and

Securing SIFT: Privacy-preserving Outsourcing Computation of Feature Extractions Over Encrypted Image Data.

PubMed

Hu, Shengshan; Wang, Qian; Wang, Jingjun; Qin, Zhan; Ren, Kui

2016-05-13

Advances in cloud computing have greatly motivated data owners to outsource their huge amount of personal multimedia data and/or computationally expensive tasks onto the cloud by leveraging its abundant resources for cost saving and flexibility. Despite the tremendous benefits, the outsourced multimedia data and its originated applications may reveal the data owner's private information, such as the personal identity, locations or even financial profiles. This observation has recently aroused new research interest on privacy-preserving computations over outsourced multimedia data. In this paper, we propose an effective and practical privacy-preserving computation outsourcing protocol for the prevailing scale-invariant feature transform (SIFT) over massive encrypted image data. We first show that previous solutions to this problem have either efficiency/security or practicality issues, and none can well preserve the important characteristics of the original SIFT in terms of distinctiveness and robustness. We then present a new scheme design that achieves efficiency and security requirements simultaneously with the preservation of its key characteristics, by randomly splitting the original image data, designing two novel efficient protocols for secure multiplication and comparison, and carefully distributing the feature extraction computations onto two independent cloud servers. We both carefully analyze and extensively evaluate the security and effectiveness of our design. The results show that our solution is practically secure, outperforms the state-of-theart, and performs comparably to the original SIFT in terms of various characteristics, including rotation invariance, image scale invariance, robust matching across affine distortion, addition of noise and change in 3D viewpoint and illumination.

PRESAGE: PRivacy-preserving gEnetic testing via SoftwAre Guard Extension.

PubMed

Chen, Feng; Wang, Chenghong; Dai, Wenrui; Jiang, Xiaoqian; Mohammed, Noman; Al Aziz, Md Momin; Sadat, Md Nazmus; Sahinalp, Cenk; Lauter, Kristin; Wang, Shuang

2017-07-26

Advances in DNA sequencing technologies have prompted a wide range of genomic applications to improve healthcare and facilitate biomedical research. However, privacy and security concerns have emerged as a challenge for utilizing cloud computing to handle sensitive genomic data. We present one of the first implementations of Software Guard Extension (SGX) based securely outsourced genetic testing framework, which leverages multiple cryptographic protocols and minimal perfect hash scheme to enable efficient and secure data storage and computation outsourcing. We compared the performance of the proposed PRESAGE framework with the state-of-the-art homomorphic encryption scheme, as well as the plaintext implementation. The experimental results demonstrated significant performance over the homomorphic encryption methods and a small computational overhead in comparison to plaintext implementation. The proposed PRESAGE provides an alternative solution for secure and efficient genomic data outsourcing in an untrusted cloud by using a hybrid framework that combines secure hardware and multiple crypto protocols.

Use of Computer-Generated Holograms in Security Hologram Applications

NASA Astrophysics Data System (ADS)

Bulanovs, A.; Bakanas, R.

2016-10-01

The article discusses the use of computer-generated holograms (CGHs) for the application as one of the security features in the relief-phase protective holograms. An improved method of calculating CGHs is presented, based on ray-tracing approach in the case of interference of parallel rays. Software is developed for the calculation of multilevel phase CGHs and their integration in the application of security holograms. Topology of calculated computer-generated phase holograms was recorded on the photoresist by the optical greyscale lithography. Parameters of the recorded microstructures were investigated with the help of the atomic-force microscopy (AFM) and scanning electron microscopy (SEM) methods. The results of the research have shown highly protective properties of the security elements based on CGH microstructures. In our opinion, a wide use of CGHs is very promising in the structure of complex security holograms for increasing the level of protection against counterfeit.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Solis, John Hector

In this paper, we present a modular framework for constructing a secure and efficient program obfuscation scheme. Our approach, inspired by the obfuscation with respect to oracle machines model of [4], retains an interactive online protocol with an oracle, but relaxes the original computational and storage restrictions. We argue this is reasonable given the computational resources of modern personal devices. Furthermore, we relax the information-theoretic security requirement for computational security to utilize established cryptographic primitives. With this additional flexibility we are free to explore different cryptographic buildingblocks. Our approach combines authenticated encryption with private information retrieval to construct a securemore » program obfuscation framework. We give a formal specification of our framework, based on desired functionality and security properties, and provide an example instantiation. In particular, we implement AES in Galois/Counter Mode for authenticated encryption and the Gentry-Ramzan [13]constant communication-rate private information retrieval scheme. We present our implementation results and show that non-trivial sized programs can be realized, but scalability is quickly limited by computational overhead. Finally, we include a discussion on security considerations when instantiating specific modules.« less

Quantum attack-resistent certificateless multi-receiver signcryption scheme.

PubMed

Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong

2013-01-01

The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.

Bibliography for computer security, integrity, and safety

NASA Technical Reports Server (NTRS)

Bown, Rodney L.

1991-01-01

A bibliography of computer security, integrity, and safety issues is given. The bibliography is divided into the following sections: recent national publications; books; journal, magazine articles, and miscellaneous reports; conferences, proceedings, and tutorials; and government documents and contractor reports.

Evolution of Internet addiction in Greek adolescent students over a two-year period: the impact of parental bonding.

PubMed

Siomos, Konstantinos; Floros, Georgios; Fisoun, Virginia; Evaggelia, Dafouli; Farkonas, Nikiforos; Sergentani, Elena; Lamprou, Maria; Geroukalis, Dimitrios

2012-04-01

We present results from a cross-sectional study of the entire adolescent student population aged 12-18 of the island of Kos and their parents, on Internet abuse, parental bonding and parental online security practices. We also compared the level of over involvement with personal computers of the adolescents to the respective estimates of their parents. Our results indicate that Internet addiction is increased in this population where no preventive attempts were made to combat the phenomenon from the initial survey, 2 years ago. This increase is parallel to an increase in Internet availability. The best predictor variables for Internet and computer addiction were parental bonding variables and not parental security practices. Parents tend to underestimate the level of computer involvement when compared to their own children estimates. Parental safety measures on Internet browsing have only a small preventive role and cannot protect adolescents from Internet addiction. The three online activities most associated with Internet addiction were watching online pornography, online gambling and online gaming. © Springer-Verlag 2012

A review and a framework of handheld computer adoption in healthcare.

PubMed

Lu, Yen-Chiao; Xiao, Yan; Sears, Andrew; Jacko, Julie A

2005-06-01

Wide adoption of mobile computing technology can potentially improve information access, enhance workflow, and promote evidence-based practice to make informed and effective decisions at the point of care. Handheld computers or personal digital assistants (PDAs) offer portable and unobtrusive access to clinical data and relevant information at the point of care. This article reviews the literature on issues related to adoption of PDAs in health care and barriers to PDA adoption. Studies showed that PDAs were used widely in health care providers' practice, and the level of use is expected to rise rapidly. Most care providers found PDAs to be functional and useful in areas of documentation, medical reference, and access to patient data. Major barriers to adoption were identified as usability, security concerns, and lack of technical and organizational support. PDAs offer health care practitioners advantages to enhance their clinical practice. However, better designed PDA hardware and software applications, more institutional support, seamless integration of PDA technology with hospital information systems, and satisfactory security measures are necessary to increase acceptance and wide use of PDAs in healthcare.

Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

NASA Astrophysics Data System (ADS)

Pathak, Rohit; Joshi, Satyadhar

With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP and with the use of Anonymizers we have covered the identity of true source of data. Modifier tokens are generated along encryption of data which are distributed among virtual parties, then sent to TTP and finally used in the computation. Thus without revealing the data, right result can be computed and privacy of the parties is maintained. We have also given a probabilistic security analysis of hacking the protocol and shown how zero hacking security can be achieved.

DOE's Computer Incident Advisory Capability (CIAC)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schultz, E.

1990-09-01

Computer security is essential in maintaining quality in the computing environment. Computer security incidents, however, are becoming more sophisticated. The DOE Computer Incident Advisory Capability (CIAC) team was formed primarily to assist DOE sites in responding to computer security incidents. Among CIAC's other responsibilities are gathering and distributing information to DOE sites, providing training workshops, coordinating with other agencies, response teams, and vendors, creating guidelines for incident handling, and developing software tools. CIAC has already provided considerable assistance to DOE sites faced with virus infections and worm and hacker attacks, has issued over 40 information bulletins, and has developed andmore » presented a workshop on incident handling. CIAC's experience in helping sites has produced several lessons learned, including the need to follow effective procedures to avoid virus infections in small systems and the need for sound password management and system administration in networked systems. CIAC's activity and scope will expand in the future. 4 refs.« less

Electronic Patient Data Confidentiality Practices Among Surgical Trainees: Questionnaire Study

PubMed Central

Mole, Damian J; Fox, Colin; Napolitano, Giulio

2006-01-01

INTRODUCTION The objective of this work was to evaluate the safeguards implemented by surgical trainees to protect the confidentiality of electronic patient data through a structured questionnaire sent to Northern Ireland surgical trainees. PARTICIPANTS AND METHODS A group of 32 basic and higher surgical trainees attending a meeting of the Northern Ireland Association of Surgeons-in-Training were invited to complete a questionnaire regarding their computer use, UK Data Protection Act, 1988 registration and electronic data confidentiality practices. RESULTS Of these 32 trainees, 29 returned completed questionnaires of whom 26 trainees regularly stored sensitive patient data for audit or research purposes on a computer. Only one person was registered under the Data Protection Act, 1988. Of the computers used to store and analyse sensitive data, only 3 of 14 desktops, 8 of 19 laptops and 3 of 14 hand-held computers forced a password logon. Of the 29 trainees, 16 used the same password for all machines, and 25 of 27 passwords were less than 8 characters long. Two respondents declined to reveal details of their secure passwords. Half of all trainees had never adjusted their internet security settings, despite all 14 desktops, 16 of 19 laptops and 5 of 14 hand-helds being routinely connected to the internet. Of the 29 trainees, 28 never encrypted their sensitive data files. Ten trainees had sent unencrypted sensitive patient data over the internet, using a non-secure server. CONCLUSIONS Electronic data confidentiality practices amongst Northern Ireland surgical trainees are unsafe. Simple practical measures to safeguard confidentiality are recommended. PMID:17059715

A new data collaboration service based on cloud computing security

NASA Astrophysics Data System (ADS)

Ying, Ren; Li, Hua-Wei; Wang, Li na

2017-09-01

With the rapid development of cloud computing, the storage and usage of data have undergone revolutionary changes. Data owners can store data in the cloud. While bringing convenience, it also brings many new challenges to cloud data security. A key issue is how to support a secure data collaboration service that supports access and updates to cloud data. This paper proposes a secure, efficient and extensible data collaboration service, which prevents data leaks in cloud storage, supports one to many encryption mechanisms, and also enables cloud data writing and fine-grained access control.

Secure Multiparty AES

NASA Astrophysics Data System (ADS)

Damgård, Ivan; Keller, Marcel

We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

System and method for secure group transactions

DOEpatents

Goldsmith, Steven Y [Rochester, MN

2006-04-25

A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

Guidelines for Network Security in the Learning Environment.

ERIC Educational Resources Information Center

Littman, Marlyn Kemper

1996-01-01

Explores security challenges and practical approaches to safeguarding school networks against invasion. Highlights include security problems; computer viruses; privacy assaults; Internet invasions; building a security policy; authentication; passwords; encryption; firewalls; and acceptable use policies. (Author/LRW)

A Simple Technique for Securing Data at Rest Stored in a Computing Cloud

NASA Astrophysics Data System (ADS)

Sedayao, Jeff; Su, Steven; Ma, Xiaohao; Jiang, Minghao; Miao, Kai

"Cloud Computing" offers many potential benefits, including cost savings, the ability to deploy applications and services quickly, and the ease of scaling those application and services once they are deployed. A key barrier for enterprise adoption is the confidentiality of data stored on Cloud Computing Infrastructure. Our simple technique implemented with Open Source software solves this problem by using public key encryption to render stored data at rest unreadable by unauthorized personnel, including system administrators of the cloud computing service on which the data is stored. We validate our approach on a network measurement system implemented on PlanetLab. We then use it on a service where confidentiality is critical - a scanning application that validates external firewall implementations.

High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems

NASA Astrophysics Data System (ADS)

Kwon, Cheolhyeon

With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified physical and logical process model of the CPS. Specifically, three main tasks are discussed in this presentation: (i) we first investigate diverse granularity of the interactions inside the CPS and propose feasible cyber attack models to characterize the compromised behavior of the CPS with various measures, from its severity to detectability; (ii) based on this risk information, our approach to securing the CPS addresses both monitoring of and high assurance control design against cyber attacks by developing on-line safety assessment and mitigation algorithms; and (iii) by extending the developed theories and methods from a single CPS to multiple CPSs, we examine the security and safety of multi-CPS network that are strongly dependent on the network topology, cooperation protocols between individual CPSs, etc. The effectiveness of the analytical findings is demonstrated and validated with illustrative examples, especially unmanned aircraft system (UAS) applications.

75 FR 57904 - Announcing a Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-23

... Office, --Update of NIST Computer Security Division, and --Information Security and Privacy Advisory... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

High-Performance Secure Database Access Technologies for HEP Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthew Vranicar; John Weicher

2006-04-17

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysismore » capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure authorization is pushed into the database engine will eliminate inefficient data transfer bottlenecks. Furthermore, traditionally separated database and security layers provide an extra vulnerability, leaving a weak clear-text password authorization as the only protection on the database core systems. Due to the legacy limitations of the systems’ security models, the allowed passwords often can not even comply with the DOE password guideline requirements. We see an opportunity for the tight integration of the secure authorization layer with the database server engine resulting in both improved performance and improved security. Phase I has focused on the development of a proof-of-concept prototype using Argonne National Laboratory’s (ANL) Argonne Tandem-Linac Accelerator System (ATLAS) project as a test scenario. By developing a grid-security enabled version of the ATLAS project’s current relation database solution, MySQL, PIOCON Technologies aims to offer a more efficient solution to secure database access.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despitemore » much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.« less

Secure and Efficient Regression Analysis Using a Hybrid Cryptographic Framework: Development and Evaluation

PubMed Central

Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman

2018-01-01

Background Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Objective Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Methods Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Results Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. Conclusions To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. PMID:29506966

Secure and Efficient Regression Analysis Using a Hybrid Cryptographic Framework: Development and Evaluation.

PubMed

Sadat, Md Nazmus; Jiang, Xiaoqian; Aziz, Md Momin Al; Wang, Shuang; Mohammed, Noman

2018-03-05

Machine learning is an effective data-driven tool that is being widely used to extract valuable patterns and insights from data. Specifically, predictive machine learning models are very important in health care for clinical data analysis. The machine learning algorithms that generate predictive models often require pooling data from different sources to discover statistical patterns or correlations among different attributes of the input data. The primary challenge is to fulfill one major objective: preserving the privacy of individuals while discovering knowledge from data. Our objective was to develop a hybrid cryptographic framework for performing regression analysis over distributed data in a secure and efficient way. Existing secure computation schemes are not suitable for processing the large-scale data that are used in cutting-edge machine learning applications. We designed, developed, and evaluated a hybrid cryptographic framework, which can securely perform regression analysis, a fundamental machine learning algorithm using somewhat homomorphic encryption and a newly introduced secure hardware component of Intel Software Guard Extensions (Intel SGX) to ensure both privacy and efficiency at the same time. Experimental results demonstrate that our proposed method provides a better trade-off in terms of security and efficiency than solely secure hardware-based methods. Besides, there is no approximation error. Computed model parameters are exactly similar to plaintext results. To the best of our knowledge, this kind of secure computation model using a hybrid cryptographic framework, which leverages both somewhat homomorphic encryption and Intel SGX, is not proposed or evaluated to this date. Our proposed framework ensures data security and computational efficiency at the same time. ©Md Nazmus Sadat, Xiaoqian Jiang, Md Momin Al Aziz, Shuang Wang, Noman Mohammed. Originally published in JMIR Medical Informatics (http://medinform.jmir.org), 05.03.2018.

Quantum And Relativistic Protocols For Secure Multi-Party Computation

NASA Astrophysics Data System (ADS)

Colbeck, Roger

2009-11-01

After a general introduction, the thesis is divided into four parts. In the first, we discuss the task of coin tossing, principally in order to highlight the effect different physical theories have on security in a straightforward manner, but, also, to introduce a new protocol for non-relativistic strong coin tossing. This protocol matches the security of the best protocol known to date while using a conceptually different approach to achieve the task. In the second part variable bias coin tossing is introduced. This is a variant of coin tossing in which one party secretly chooses one of two biased coins to toss. It is shown that this can be achieved with unconditional security for a specified range of biases, and with cheat-evident security for any bias. We also discuss two further protocols which are conjectured to be unconditionally secure for any bias. The third section looks at other two-party secure computations for which, prior to our work, protocols and no-go theorems were unknown. We introduce a general model for such computations, and show that, within this model, a wide range of functions are impossible to compute securely. We give explicit cheating attacks for such functions. In the final chapter we discuss the task of expanding a private random string, while dropping the usual assumption that the protocol's user trusts her devices. Instead we assume that all quantum devices are supplied by an arbitrarily malicious adversary. We give two protocols that we conjecture securely perform this task. The first allows a private random string to be expanded by a finite amount, while the second generates an arbitrarily large expansion of such a string.

Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

PubMed Central

Wen, Qiaoyan; Zhang, Hua; Jin, Zhengping; Li, Wenmin

2014-01-01

We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function. PMID:24982949

A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

PubMed Central

Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

2017-01-01

With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

Two-cloud-servers-assisted secure outsourcing multiparty computation.

PubMed

Sun, Yi; Wen, Qiaoyan; Zhang, Yudong; Zhang, Hua; Jin, Zhengping; Li, Wenmin

2014-01-01

We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

Continuous-variable quantum computing on encrypted data.

PubMed

Marshall, Kevin; Jacobsen, Christian S; Schäfermeier, Clemens; Gehring, Tobias; Weedbrook, Christian; Andersen, Ulrik L

2016-12-14

The ability to perform computations on encrypted data is a powerful tool for protecting a client's privacy, especially in today's era of cloud and distributed computing. In terms of privacy, the best solutions that classical techniques can achieve are unfortunately not unconditionally secure in the sense that they are dependent on a hacker's computational power. Here we theoretically investigate, and experimentally demonstrate with Gaussian displacement and squeezing operations, a quantum solution that achieves the security of a user's privacy using the practical technology of continuous variables. We demonstrate losses of up to 10 km both ways between the client and the server and show that security can still be achieved. Our approach offers a number of practical benefits (from a quantum perspective) that could one day allow the potential widespread adoption of this quantum technology in future cloud-based computing networks.

Continuous-variable quantum computing on encrypted data

PubMed Central

Marshall, Kevin; Jacobsen, Christian S.; Schäfermeier, Clemens; Gehring, Tobias; Weedbrook, Christian; Andersen, Ulrik L.

2016-01-01

The ability to perform computations on encrypted data is a powerful tool for protecting a client's privacy, especially in today's era of cloud and distributed computing. In terms of privacy, the best solutions that classical techniques can achieve are unfortunately not unconditionally secure in the sense that they are dependent on a hacker's computational power. Here we theoretically investigate, and experimentally demonstrate with Gaussian displacement and squeezing operations, a quantum solution that achieves the security of a user's privacy using the practical technology of continuous variables. We demonstrate losses of up to 10 km both ways between the client and the server and show that security can still be achieved. Our approach offers a number of practical benefits (from a quantum perspective) that could one day allow the potential widespread adoption of this quantum technology in future cloud-based computing networks. PMID:27966528

Continuous-variable quantum computing on encrypted data

NASA Astrophysics Data System (ADS)

Marshall, Kevin; Jacobsen, Christian S.; Schäfermeier, Clemens; Gehring, Tobias; Weedbrook, Christian; Andersen, Ulrik L.

2016-12-01

The ability to perform computations on encrypted data is a powerful tool for protecting a client's privacy, especially in today's era of cloud and distributed computing. In terms of privacy, the best solutions that classical techniques can achieve are unfortunately not unconditionally secure in the sense that they are dependent on a hacker's computational power. Here we theoretically investigate, and experimentally demonstrate with Gaussian displacement and squeezing operations, a quantum solution that achieves the security of a user's privacy using the practical technology of continuous variables. We demonstrate losses of up to 10 km both ways between the client and the server and show that security can still be achieved. Our approach offers a number of practical benefits (from a quantum perspective) that could one day allow the potential widespread adoption of this quantum technology in future cloud-based computing networks.

A review of automated image understanding within 3D baggage computed tomography security screening.

PubMed

Mouton, Andre; Breckon, Toby P

2015-01-01

Baggage inspection is the principal safeguard against the transportation of prohibited and potentially dangerous materials at airport security checkpoints. Although traditionally performed by 2D X-ray based scanning, increasingly stringent security regulations have led to a growing demand for more advanced imaging technologies. The role of X-ray Computed Tomography is thus rapidly expanding beyond the traditional materials-based detection of explosives. The development of computer vision and image processing techniques for the automated understanding of 3D baggage-CT imagery is however, complicated by poor image resolutions, image clutter and high levels of noise and artefacts. We discuss the recent and most pertinent advancements and identify topics for future research within the challenging domain of automated image understanding for baggage security screening CT.

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2012 CFR

2012-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2013 CFR

2013-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2011 CFR

2011-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2014 CFR

2014-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

Organization of the secure distributed computing based on multi-agent system

NASA Astrophysics Data System (ADS)

Khovanskov, Sergey; Rumyantsev, Konstantin; Khovanskova, Vera

2018-04-01

Nowadays developing methods for distributed computing is received much attention. One of the methods of distributed computing is using of multi-agent systems. The organization of distributed computing based on the conventional network computers can experience security threats performed by computational processes. Authors have developed the unified agent algorithm of control system of computing network nodes operation. Network PCs is used as computing nodes. The proposed multi-agent control system for the implementation of distributed computing allows in a short time to organize using of the processing power of computers any existing network to solve large-task by creating a distributed computing. Agents based on a computer network can: configure a distributed computing system; to distribute the computational load among computers operated agents; perform optimization distributed computing system according to the computing power of computers on the network. The number of computers connected to the network can be increased by connecting computers to the new computer system, which leads to an increase in overall processing power. Adding multi-agent system in the central agent increases the security of distributed computing. This organization of the distributed computing system reduces the problem solving time and increase fault tolerance (vitality) of computing processes in a changing computing environment (dynamic change of the number of computers on the network). Developed a multi-agent system detects cases of falsification of the results of a distributed system, which may lead to wrong decisions. In addition, the system checks and corrects wrong results.

A compressive sensing based secure watermark detection and privacy preserving storage framework.

PubMed

Qia Wang; Wenjun Zeng; Jun Tian

2014-03-01

Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service, such as the cloud. In this paper, we identify a cloud computing application scenario that requires simultaneously performing secure watermark detection and privacy preserving multimedia data storage. We then propose a compressive sensing (CS)-based framework using secure multiparty computation (MPC) protocols to address such a requirement. In our framework, the multimedia data and secret watermark pattern are presented to the cloud for secure watermark detection in a CS domain to protect the privacy. During CS transformation, the privacy of the CS matrix and the watermark pattern is protected by the MPC protocols under the semi-honest security model. We derive the expected watermark detection performance in the CS domain, given the target image, watermark pattern, and the size of the CS matrix (but without the CS matrix itself). The correctness of the derived performance has been validated by our experiments. Our theoretical analysis and experimental results show that secure watermark detection in the CS domain is feasible. Our framework can also be extended to other collaborative secure signal processing and data-mining applications in the cloud.

Computer-Aided Sensor Development Focused on Security Issues.

PubMed

Bialas, Andrzej

2016-05-26

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

Computer-Aided Sensor Development Focused on Security Issues

PubMed Central

Bialas, Andrzej

2016-01-01

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

20 CFR 404.240 - Old-start method-general.

Code of Federal Regulations, 2010 CFR

2010-04-01

....240 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Computing Primary Insurance Amounts Old-Start Method of Computing Primary Insurance Amounts § 404.240 Old-start method—general. If you had all or substantially all your social security...

Safeguarding Databases Basic Concepts Revisited.

ERIC Educational Resources Information Center

Cardinali, Richard

1995-01-01

Discusses issues of database security and integrity, including computer crime and vandalism, human error, computer viruses, employee and user access, and personnel policies. Suggests some precautions to minimize system vulnerability such as careful personnel screening, audit systems, passwords, and building and software security systems. (JKP)

Lock It Up! Computer Security.

ERIC Educational Resources Information Center

Wodarz, Nan

1997-01-01

The data contained on desktop computer systems and networks pose security issues for virtually every district. Sensitive information can be protected by educating users, altering the physical layout, using password protection, designating access levels, backing up data, reformatting floppy disks, using antivirus software, and installing encryption…

78 FR 57839 - Request for Information on Computer Security Incident Coordination (CSIC)

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-20

... Institute of Standards and Technology (NIST), United States Department of Commerce. ACTION: Notice, extension of comment period. SUMMARY: NIST is extending the deadline for submitting comments relating to Computer Security Incident Coordination. NIST experienced technical difficulties with receiving email...

An overview of computer viruses in a research environment

NASA Technical Reports Server (NTRS)

Bishop, Matt

1991-01-01

The threat of attack by computer viruses is in reality a very small part of a much more general threat, specifically threats aimed at subverting computer security. Here, computer viruses are examined as a malicious logic in a research and development environment. A relation is drawn between the viruses and various models of security and integrity. Current research techniques aimed at controlling the threats posed to computer systems by threatening viruses in particular and malicious logic in general are examined. Finally, a brief examination of the vulnerabilities of research and development systems that malicious logic and computer viruses may exploit is undertaken.

14 CFR 1274.936 - Breach of safety or security.

Code of Federal Regulations, 2013 CFR

2013-01-01

.... (a) Security is the condition of safeguarding against espionage, sabotage, crime (including computer... 14 Aeronautics and Space 5 2013-01-01 2013-01-01 false Breach of safety or security. 1274.936... security. Breach of Safety or Security July 2002 Safety is the freedom from those conditions that can cause...

14 CFR 1274.936 - Breach of safety or security.

Code of Federal Regulations, 2010 CFR

2010-01-01

.... (a) Security is the condition of safeguarding against espionage, sabotage, crime (including computer... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Breach of safety or security. 1274.936... security. Breach of Safety or Security July 2002 Safety is the freedom from those conditions that can cause...

14 CFR 1274.936 - Breach of safety or security.

Code of Federal Regulations, 2011 CFR

2011-01-01

.... (a) Security is the condition of safeguarding against espionage, sabotage, crime (including computer... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Breach of safety or security. 1274.936... security. Breach of Safety or Security July 2002 Safety is the freedom from those conditions that can cause...

Identifying the Key Weaknesses in Network Security at Colleges.

ERIC Educational Resources Information Center

Olsen, Florence

2000-01-01

A new study identifies and ranks the 10 security gaps responsible for most outsider attacks on college computer networks. The list is intended to help campus system administrators establish priorities as they work to increase security. One network security expert urges that institutions utilize multiple security layers. (DB)

A Security Checklist for ERP Implementations

ERIC Educational Resources Information Center

Hughes, Joy R.; Beer, Robert

2007-01-01

The EDUCAUSE/Internet2 Computer and Network Security Task Force consulted with IT security professionals on campus about concerns with the current state of security in enterprise resource planning (ERP) systems. From these conversations, it was clear that security issues generally fell into one of two areas: (1) It has become extremely difficult…

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

PubMed

Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

2017-12-03

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

Computer Security Issues in Online Banking: An Assessment from the Context of Usable Security

NASA Astrophysics Data System (ADS)

Mahmadi, FN; Zaaba, ZF; Osman, A.

2016-11-01

Today's online banking is a convenient mode of finance management. Despite the ease of doing online banking, there are people that still sceptical in utilizing it due to perception and its security. This paper highlights the subject of online banking security in Malaysia, especially from the perspective of the end-users. The study is done by assessing human computer interaction, usability and security. An online survey utilising 137 participants was previously conducted to gain preliminary insights on security issues of online banking in Malaysia. Following from those results, 37 participants were interviewed to gauge deeper understanding about end-users perception on online banking within the context of usable security. The results suggested that most of the end-users are continuingly experiencing significant difficulties especially in relation to the technical terminologies, security features and other technical issues. Although the security features are provided to provide a shield or protection, users are still incapable to cope with the technical aspects of such implementation.

Security Systems Consideration: A Total Security Approach

NASA Astrophysics Data System (ADS)

Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

2007-12-01

The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

Security Verification of Secure MANET Routing Protocols

DTIC Science & Technology

2012-03-22

SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS THESIS Matthew F. Steele, Captain, USAF AFIT/GCS/ ENG /12-03 DEPARTMENT OF THE AIR FORCE AIR...States AFIT/GCS/ ENG /12-03 SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS THESIS Presented to the Faculty Department of Electrical and Computer...DISTRIBUTION UNLIMITED AFIT/GCS/ ENG /12-03 SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS Matthew F. Steele, B.S.E.E. Captain, USAF

Orthogonal-state-based cryptography in quantum mechanics and local post-quantum theories

NASA Astrophysics Data System (ADS)

Aravinda, S.; Banerjee, Anindita; Pathak, Anirban; Srikanth, R.

2014-02-01

We introduce the concept of cryptographic reduction, in analogy with a similar concept in computational complexity theory. In this framework, class A of crypto-protocols reduces to protocol class B in a scenario X, if for every instance a of A, there is an instance b of B and a secure transformation X that reproduces a given b, such that the security of b guarantees the security of a. Here we employ this reductive framework to study the relationship between security in quantum key distribution (QKD) and quantum secure direct communication (QSDC). We show that replacing the streaming of independent qubits in a QKD scheme by block encoding and transmission (permuting the order of particles block by block) of qubits, we can construct a QSDC scheme. This forms the basis for the block reduction from a QSDC class of protocols to a QKD class of protocols, whereby if the latter is secure, then so is the former. Conversely, given a secure QSDC protocol, we can of course construct a secure QKD scheme by transmitting a random key as the direct message. Then the QKD class of protocols is secure, assuming the security of the QSDC class which it is built from. We refer to this method of deduction of security for this class of QKD protocols, as key reduction. Finally, we propose an orthogonal-state-based deterministic key distribution (KD) protocol which is secure in some local post-quantum theories. Its security arises neither from geographic splitting of a code state nor from Heisenberg uncertainty, but from post-measurement disturbance.

Towards An Engineering Discipline of Computational Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mili, Ali; Sheldon, Frederick T; Jilani, Lamia Labed

2007-01-01

George Boole ushered the era of modern logic by arguing that logical reasoning does not fall in the realm of philosophy, as it was considered up to his time, but in the realm of mathematics. As such, logical propositions and logical arguments are modeled using algebraic structures. Likewise, we submit that security attributes must be modeled as formal mathematical propositions that are subject to mathematical analysis. In this paper, we approach this problem by attempting to model security attributes in a refinement-like framework that has traditionally been used to represent reliability and safety claims. Keywords: Computable security attributes, survivability, integrity,more » dependability, reliability, safety, security, verification, testing, fault tolerance.« less

An Infrastructure for Multi-Level Secure Service-Oriented Architecture (MLS-SOA) Using the Multiple Single-Level Approach

DTIC Science & Technology

2009-12-17

IEEE TDKE, 1996. 8( 1). 14. Garvey, T.D., The inference Problem for Computer Security. 1992, SRI International. 15. Chaum , D ., Blind Signatures for...Pervasive Computing Environments. IEEE Transactions on Vehicular Technology, 2006. 55(4). 17. Chaum , D ., Security without Identification: Transaction...Systems to make Big Brother Obsolete. Communications of the ACM 1985. 28(10). 18. Chaum , D ., Untraceable Electronic Mail, Return Addresses, and Digital

Security and privacy preserving approaches in the eHealth clouds with disaster recovery plan.

PubMed

Sahi, Aqeel; Lai, David; Li, Yan

2016-11-01

Cloud computing was introduced as an alternative storage and computing model in the health sector as well as other sectors to handle large amounts of data. Many healthcare companies have moved their electronic data to the cloud in order to reduce in-house storage, IT development and maintenance costs. However, storing the healthcare records in a third-party server may cause serious storage, security and privacy issues. Therefore, many approaches have been proposed to preserve security as well as privacy in cloud computing projects. Cryptographic-based approaches were presented as one of the best ways to ensure the security and privacy of healthcare data in the cloud. Nevertheless, the cryptographic-based approaches which are used to transfer health records safely remain vulnerable regarding security, privacy, or the lack of any disaster recovery strategy. In this paper, we review the related work on security and privacy preserving as well as disaster recovery in the eHealth cloud domain. Then we propose two approaches, the Security-Preserving approach and the Privacy-Preserving approach, and a disaster recovery plan. The Security-Preserving approach is a robust means of ensuring the security and integrity of Electronic Health Records, and the Privacy-Preserving approach is an efficient authentication approach which protects the privacy of Personal Health Records. Finally, we discuss how the integrated approaches and the disaster recovery plan can ensure the reliability and security of cloud projects. Copyright © 2016 Elsevier Ltd. All rights reserved.

Computer science security research and human subjects: emerging considerations for research ethics boards.

PubMed

Buchanan, Elizabeth; Aycock, John; Dexter, Scott; Dittrich, David; Hvizdak, Erin

2011-06-01

This paper explores the growing concerns with computer science research, and in particular, computer security research and its relationship with the committees that review human subjects research. It offers cases that review boards are likely to confront, and provides a context for appropriate consideration of such research, as issues of bots, clouds, and worms enter the discourse of human subjects review.

Diamond High Assurance Security Program: Trusted Computing Exemplar

DTIC Science & Technology

2002-09-01

computing component, the Embedded MicroKernel Prototype. A third-party evaluation of the component will be initiated during development (e.g., once...target technologies and larger projects is a topic for future research. Trusted Computing Reference Component – The Embedded MicroKernel Prototype We...Kernel The primary security function of the Embedded MicroKernel will be to enforce process and data-domain separation, while providing primitive

Security Certification Challenges in a Cloud Computing Delivery Model

DTIC Science & Technology

2010-04-27

Relevant Security Standards, Certifications, and Guidance  NIST SP 800 series  ISO /IEC 27001 framework  Cloud Security Alliance  Statement of...CSA Domains / Cloud Features ISO 27001 Cloud Service Provider Responsibility Government Agency Responsibility Analyze Security gaps Compensating

Quantum Attack-Resistent Certificateless Multi-Receiver Signcryption Scheme

PubMed Central

Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong

2013-01-01

The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards. PMID:23967037

OpenID connect as a security service in Cloud-based diagnostic imaging systems

NASA Astrophysics Data System (ADS)

Ma, Weina; Sartipi, Kamran; Sharghi, Hassan; Koff, David; Bak, Peter

2015-03-01

The evolution of cloud computing is driving the next generation of diagnostic imaging (DI) systems. Cloud-based DI systems are able to deliver better services to patients without constraining to their own physical facilities. However, privacy and security concerns have been consistently regarded as the major obstacle for adoption of cloud computing by healthcare domains. Furthermore, traditional computing models and interfaces employed by DI systems are not ready for accessing diagnostic images through mobile devices. RESTful is an ideal technology for provisioning both mobile services and cloud computing. OpenID Connect, combining OpenID and OAuth together, is an emerging REST-based federated identity solution. It is one of the most perspective open standards to potentially become the de-facto standard for securing cloud computing and mobile applications, which has ever been regarded as "Kerberos of Cloud". We introduce OpenID Connect as an identity and authentication service in cloud-based DI systems and propose enhancements that allow for incorporating this technology within distributed enterprise environment. The objective of this study is to offer solutions for secure radiology image sharing among DI-r (Diagnostic Imaging Repository) and heterogeneous PACS (Picture Archiving and Communication Systems) as well as mobile clients in the cloud ecosystem. Through using OpenID Connect as an open-source identity and authentication service, deploying DI-r and PACS to private or community clouds should obtain equivalent security level to traditional computing model.

Security analysis of cyber-physical system

NASA Astrophysics Data System (ADS)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

32 CFR 806b.35 - Balancing protection.

Code of Federal Regulations, 2014 CFR

2014-07-01

..., Computer Security, 5 for procedures on safeguarding personal information in automated records. 5 http://www... automated system with a log-on protocol. Others may require more sophisticated security protection based on the sensitivity of the information. Classified computer systems or those with established audit and...

32 CFR 806b.35 - Balancing protection.

Code of Federal Regulations, 2013 CFR

2013-07-01

..., Computer Security, 5 for procedures on safeguarding personal information in automated records. 5 http://www... automated system with a log-on protocol. Others may require more sophisticated security protection based on the sensitivity of the information. Classified computer systems or those with established audit and...

32 CFR 806b.35 - Balancing protection.

Code of Federal Regulations, 2012 CFR

2012-07-01

..., Computer Security, 5 for procedures on safeguarding personal information in automated records. 5 http://www... automated system with a log-on protocol. Others may require more sophisticated security protection based on the sensitivity of the information. Classified computer systems or those with established audit and...

32 CFR 806b.35 - Balancing protection.

Code of Federal Regulations, 2011 CFR

2011-07-01

..., Computer Security, 5 for procedures on safeguarding personal information in automated records. 5 http://www... automated system with a log-on protocol. Others may require more sophisticated security protection based on the sensitivity of the information. Classified computer systems or those with established audit and...

32 CFR 806b.35 - Balancing protection.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., Computer Security, 5 for procedures on safeguarding personal information in automated records. 5 http://www... automated system with a log-on protocol. Others may require more sophisticated security protection based on the sensitivity of the information. Classified computer systems or those with established audit and...

Security and Cloud Outsourcing Framework for Economic Dispatch

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sarker, Mushfiqur R.; Wang, Jianhui; Li, Zuyi

The computational complexity and problem sizes of power grid applications have increased significantly with the advent of renewable resources and smart grid technologies. The current paradigm of solving these issues consist of inhouse high performance computing infrastructures, which have drawbacks of high capital expenditures, maintenance, and limited scalability. Cloud computing is an ideal alternative due to its powerful computational capacity, rapid scalability, and high cost-effectiveness. A major challenge, however, remains in that the highly confidential grid data is susceptible for potential cyberattacks when outsourced to the cloud. In this work, a security and cloud outsourcing framework is developed for themore » Economic Dispatch (ED) linear programming application. As a result, the security framework transforms the ED linear program into a confidentiality-preserving linear program, that masks both the data and problem structure, thus enabling secure outsourcing to the cloud. Results show that for large grid test cases the performance gain and costs outperforms the in-house infrastructure.« less

Security and Cloud Outsourcing Framework for Economic Dispatch

DOE PAGES

Sarker, Mushfiqur R.; Wang, Jianhui; Li, Zuyi; ...

2017-04-24

The computational complexity and problem sizes of power grid applications have increased significantly with the advent of renewable resources and smart grid technologies. The current paradigm of solving these issues consist of inhouse high performance computing infrastructures, which have drawbacks of high capital expenditures, maintenance, and limited scalability. Cloud computing is an ideal alternative due to its powerful computational capacity, rapid scalability, and high cost-effectiveness. A major challenge, however, remains in that the highly confidential grid data is susceptible for potential cyberattacks when outsourced to the cloud. In this work, a security and cloud outsourcing framework is developed for themore » Economic Dispatch (ED) linear programming application. As a result, the security framework transforms the ED linear program into a confidentiality-preserving linear program, that masks both the data and problem structure, thus enabling secure outsourcing to the cloud. Results show that for large grid test cases the performance gain and costs outperforms the in-house infrastructure.« less

Implementation of a High-Speed FPGA and DSP Based FFT Processor for Improving Strain Demodulation Performance in a Fiber-Optic-Based Sensing System

NASA Technical Reports Server (NTRS)

Farley, Douglas L.

2005-01-01

NASA's Aviation Safety and Security Program is pursuing research in on-board Structural Health Management (SHM) technologies for purposes of reducing or eliminating aircraft accidents due to system and component failures. Under this program, NASA Langley Research Center (LaRC) is developing a strain-based structural health-monitoring concept that incorporates a fiber optic-based measuring system for acquiring strain values. This fiber optic-based measuring system provides for the distribution of thousands of strain sensors embedded in a network of fiber optic cables. The resolution of strain value at each discrete sensor point requires a computationally demanding data reduction software process that, when hosted on a conventional processor, is not suitable for near real-time measurement. This report describes the development and integration of an alternative computing environment using dedicated computing hardware for performing the data reduction. Performance comparison between the existing and the hardware-based system is presented.

OpenID Connect as a security service in cloud-based medical imaging systems.

PubMed

Ma, Weina; Sartipi, Kamran; Sharghigoorabi, Hassan; Koff, David; Bak, Peter

2016-04-01

The evolution of cloud computing is driving the next generation of medical imaging systems. However, privacy and security concerns have been consistently regarded as the major obstacles for adoption of cloud computing by healthcare domains. OpenID Connect, combining OpenID and OAuth together, is an emerging representational state transfer-based federated identity solution. It is one of the most adopted open standards to potentially become the de facto standard for securing cloud computing and mobile applications, which is also regarded as "Kerberos of cloud." We introduce OpenID Connect as an authentication and authorization service in cloud-based diagnostic imaging (DI) systems, and propose enhancements that allow for incorporating this technology within distributed enterprise environments. The objective of this study is to offer solutions for secure sharing of medical images among diagnostic imaging repository (DI-r) and heterogeneous picture archiving and communication systems (PACS) as well as Web-based and mobile clients in the cloud ecosystem. The main objective is to use OpenID Connect open-source single sign-on and authorization service and in a user-centric manner, while deploying DI-r and PACS to private or community clouds should provide equivalent security levels to traditional computing model.

KSOS Computer Program Development Specifications (Type B-5). (Kernelized Secure Operating System). I. Security Kernel (CDRL 0002AF). II. UNIX Emulator (CDRL 0002AG). III. Security-Related Software (CDRL 0002AH).

DTIC Science & Technology

1980-12-01

Commun- ications Corporation, Palo Alto, CA (March 1978). g. [Walter at al. 74] Walter, K.G. et al., " Primitive Models for Computer .. Security", ESD-TR...discussion is followed by a presenta- tion of the Kernel primitive operations upon these objects. All Kernel objects shall be referenced by a common...set of sizes. All process segments, regardless of domain, shall be manipulated by the same set of Kernel segment primitives . User domain segments

CompGC: Efficient Offline/Online Semi-Honest Two-Party Computation

DTIC Science & Technology

2016-07-06

negligible function µ(·) such that for every κ ∈ N : Pr [ ExptprivA,S(κ) = 1 ] ≤ 12 + µ(κ) 4.1 Component-Based Secure Two-Party Computation We now...automating secure two-party computations. In Ehab Al-Shaer, Angelos D. Keromytis, and Vitaly Shmatikov, editors, ACM CCS 10, pages 451–462. ACM Press...computation. In Yan Chen, George Danezis, and Vitaly Shmatikov, editors, ACM CCS 11, pages 715–724. ACM Press, October 2011. [MGBF14] Benjamin Mood, Debayan

Research on Influence of Cloud Environment on Traditional Network Security

NASA Astrophysics Data System (ADS)

Ming, Xiaobo; Guo, Jinhua

2018-02-01

Cloud computing is a symbol of the progress of modern information network, cloud computing provides a lot of convenience to the Internet users, but it also brings a lot of risk to the Internet users. Second, one of the main reasons for Internet users to choose cloud computing is that the network security performance is great, it also is the cornerstone of cloud computing applications. This paper briefly explores the impact on cloud environment on traditional cybersecurity, and puts forward corresponding solutions.

Whale Hearing Models

DTIC Science & Technology

2005-06-20

methodologies and partnership projects developed under the ONR Effect of Sound in the Marine Environment (ESME) Program. The effort involved an integration...computational models to predict audiograms for these species. National Security These data will assist in designing effective noise mitigation measures and...includes marine species for which there are reliable hearing data as well as sample sources with appropriate distance effects in their renditions, including

A Strategy for Improved System Assurance

DTIC Science & Technology

2007-06-20

Quality (Measurements Life Cycle Safety, Security & Others) ISO /IEC 12207 * Software Life Cycle Processes ISO 9001 Quality Management System...14598 Software Product Evaluation Related ISO /IEC 90003 Guidelines for the Application of ISO 9001:2000 to Computer Software IEEE 12207 Industry...Implementation of International Standard ISO /IEC 12207 IEEE 1220 Standard for Application and Management of the System Engineering Process Use in

HiFi-MBQC High Fidelitiy Measurement-Based Quantum Computing using Superconducting Detectors

DTIC Science & Technology

2016-04-04

superconducting nanowire single photon detectors (SNSPDs) which allowed support of quantum photonics experiments leading to 14 peer-reviewed...sampling, and several other areas. 15. SUBJECT TERMS EOARD, photonics, cryostat, superconducting nanowire , SNSPD 16. SECURITY CLASSIFICATION OF: 17...quantum simulations. The main budget contribution was dedicated to develop superconducting nanowire detectors with efficiencies above 93% at telecom

Data-Based Detection of Potential Terrorist Attacks: Statistical and Graphical Methods

DTIC Science & Technology

2010-06-01

Naren; Vasquez-Robinet, Cecilia; Watkinson, Jonathan: "A General Probabilistic Model of the PCR Process," Applied Mathematics and Computation 182(1...September 2006. Seminar, Measuring the effect of Length biased sampling, Mathematical Sciences Section, National Security Agency, 19 September 2006...Committee on National Statistics, 9 February 2007. Invited seminar, Statistical Tests for Bullet Lead Comparisons, Department of Mathematics , Butler

Protecting Location Privacy for Outsourced Spatial Data in Cloud Storage

PubMed Central

Gui, Xiaolin; An, Jian; Zhao, Jianqiang; Zhang, Xuejun

2014-01-01

As cloud computing services and location-aware devices are fully developed, a large amount of spatial data needs to be outsourced to the cloud storage provider, so the research on privacy protection for outsourced spatial data gets increasing attention from academia and industry. As a kind of spatial transformation method, Hilbert curve is widely used to protect the location privacy for spatial data. But sufficient security analysis for standard Hilbert curve (SHC) is seldom proceeded. In this paper, we propose an index modification method for SHC (SHC∗) and a density-based space filling curve (DSC) to improve the security of SHC; they can partially violate the distance-preserving property of SHC, so as to achieve better security. We formally define the indistinguishability and attack model for measuring the privacy disclosure risk of spatial transformation methods. The evaluation results indicate that SHC∗ and DSC are more secure than SHC, and DSC achieves the best index generation performance. PMID:25097865

Effect of source tampering in the security of quantum cryptography

NASA Astrophysics Data System (ADS)

Sun, Shi-Hai; Xu, Feihu; Jiang, Mu-Sheng; Ma, Xiang-Chun; Lo, Hoi-Kwong; Liang, Lin-Mei

2015-08-01

The security of source has become an increasingly important issue in quantum cryptography. Based on the framework of measurement-device-independent quantum key distribution (MDI-QKD), the source becomes the only region exploitable by a potential eavesdropper (Eve). Phase randomization is a cornerstone assumption in most discrete-variable (DV) quantum communication protocols (e.g., QKD, quantum coin tossing, weak-coherent-state blind quantum computing, and so on), and the violation of such an assumption is thus fatal to the security of those protocols. In this paper, we show a simple quantum hacking strategy, with commercial and homemade pulsed lasers, by Eve that allows her to actively tamper with the source and violate such an assumption, without leaving a trace afterwards. Furthermore, our attack may also be valid for continuous-variable (CV) QKD, which is another main class of QKD protocol, since, excepting the phase random assumption, other parameters (e.g., intensity) could also be changed, which directly determine the security of CV-QKD.

Secure uniform random-number extraction via incoherent strategies

NASA Astrophysics Data System (ADS)

Hayashi, Masahito; Zhu, Huangjun

2018-01-01

To guarantee the security of uniform random numbers generated by a quantum random-number generator, we study secure extraction of uniform random numbers when the environment of a given quantum state is controlled by the third party, the eavesdropper. Here we restrict our operations to incoherent strategies that are composed of the measurement on the computational basis and incoherent operations (or incoherence-preserving operations). We show that the maximum secure extraction rate is equal to the relative entropy of coherence. By contrast, the coherence of formation gives the extraction rate when a certain constraint is imposed on the eavesdropper's operations. The condition under which the two extraction rates coincide is then determined. Furthermore, we find that the exponential decreasing rate of the leaked information is characterized by Rényi relative entropies of coherence. These results clarify the power of incoherent strategies in random-number generation, and can be applied to guarantee the quality of random numbers generated by a quantum random-number generator.

Protecting location privacy for outsourced spatial data in cloud storage.

PubMed

Tian, Feng; Gui, Xiaolin; An, Jian; Yang, Pan; Zhao, Jianqiang; Zhang, Xuejun

2014-01-01

As cloud computing services and location-aware devices are fully developed, a large amount of spatial data needs to be outsourced to the cloud storage provider, so the research on privacy protection for outsourced spatial data gets increasing attention from academia and industry. As a kind of spatial transformation method, Hilbert curve is widely used to protect the location privacy for spatial data. But sufficient security analysis for standard Hilbert curve (SHC) is seldom proceeded. In this paper, we propose an index modification method for SHC (SHC(∗)) and a density-based space filling curve (DSC) to improve the security of SHC; they can partially violate the distance-preserving property of SHC, so as to achieve better security. We formally define the indistinguishability and attack model for measuring the privacy disclosure risk of spatial transformation methods. The evaluation results indicate that SHC(∗) and DSC are more secure than SHC, and DSC achieves the best index generation performance.

A Theoretical Analysis: Physical Unclonable Functions and The Software Protection Problem

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nithyanand, Rishab; Solis, John H.

2011-09-01

Physical Unclonable Functions (PUFs) or Physical One Way Functions (P-OWFs) are physical systems whose responses to input stimuli (i.e., challenges) are easy to measure (within reasonable error bounds) but hard to clone. This property of unclonability is due to the accepted hardness of replicating the multitude of uncontrollable manufacturing characteristics and makes PUFs useful in solving problems such as device authentication, software protection, licensing, and certified execution. In this paper, we focus on the effectiveness of PUFs for software protection and show that traditional non-computational (black-box) PUFs cannot solve the problem against real world adversaries in offline settings. Our contributionsmore » are the following: We provide two real world adversary models (weak and strong variants) and present definitions for security against the adversaries. We continue by proposing schemes secure against the weak adversary and show that no scheme is secure against a strong adversary without the use of trusted hardware. Finally, we present a protection scheme secure against strong adversaries based on trusted hardware.« less

Semi-quantum Secure Direct Communication Scheme Based on Bell States

NASA Astrophysics Data System (ADS)

Xie, Chen; Li, Lvzhou; Situ, Haozhen; He, Jianhao

2018-06-01

Recently, the idea of semi-quantumness has been often used in designing quantum cryptographic schemes, which allows some of the participants of a quantum cryptographic scheme to remain classical. One of the reasons why this idea is popular is that it allows a quantum information processing task to be accomplished by using quantum resources as few as possible. In this paper, we extend the idea to quantum secure direct communication(QSDC) by proposing a semi-quantum secure direct communication scheme. In the scheme, the message sender, Alice, encodes each bit into a Bell state |φ+> = 1/{√2}(|00> +|11> ) or |{Ψ }+> = 1/{√ 2}(|01> +|10> ), and the message receiver, Bob, who is classical in the sense that he can either let the qubit he received reflect undisturbed, or measure the qubit in the computational basis |0>, |1> and then resend it in the state he found. Moreover, the security analysis of our scheme is also given.

Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aderholdt, Ferrol; Caldwell, Blake A.; Hicks, Susan Elaine

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges formore » the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.« less

Health information security: a case study of three selected medical centers in iran.

PubMed

Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

2013-03-01

Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients' electronic records and health information systems have become a source for hackers. This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts' points of view. Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of "verification and system design, user access management, access control system", Al Zahra Hospital in two indicators of "access management and network access control" and Amin Hospital in "equipment safety and system design". In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place.

Health Information Security: A Case Study of Three Selected Medical Centers in Iran

PubMed Central

Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

2013-01-01

Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients’ electronic records and health information systems have become a source for hackers. Methods This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts’ points of view. Results and discussion Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of “verification and system design, user access management, access control system”, Al Zahra Hospital in two indicators of “access management and network access control” and Amin Hospital in “equipment safety and system design”. In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place. PMID:23572861

Open source system OpenVPN in a function of Virtual Private Network

NASA Astrophysics Data System (ADS)

Skendzic, A.; Kovacic, B.

2017-05-01

Using of Virtual Private Networks (VPN) can establish high security level in network communication. VPN technology enables high security networking using distributed or public network infrastructure. VPN uses different security and managing rules inside networks. It can be set up using different communication channels like Internet or separate ISP communication infrastructure. VPN private network makes security communication channel over public network between two endpoints (computers). OpenVPN is an open source software product under GNU General Public License (GPL) that can be used to establish VPN communication between two computers inside business local network over public communication infrastructure. It uses special security protocols and 256-bit Encryption and it is capable of traversing network address translators (NATs) and firewalls. It allows computers to authenticate each other using a pre-shared secret key, certificates or username and password. This work gives review of VPN technology with a special accent on OpenVPN. This paper will also give comparison and financial benefits of using open source VPN software in business environment.

77 FR 14525 - Statement of Organization, Functions, and Delegations of Authority

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-12

... maintains the CDC Computer Security Incident Response Team; (4) performs cyber security incident reporting... systems planning and support; internal security and emergency preparedness; and management analysis and... security; education, training, and workforce development in information and IT disciplines; development and...

Security Metrics: A Solution in Search of a Problem

ERIC Educational Resources Information Center

Rosenblatt, Joel

2008-01-01

Computer security is one of the most complicated and challenging fields in technology today. A security metrics program provides a major benefit: looking at the metrics on a regular basis offers early clues to changes in attack patterns or environmental factors that may require changes in security strategy. The term "security metrics"…

Information Security Awareness On-Line Materials Design with Knowledge Maps

ERIC Educational Resources Information Center

Shaw, Ruey-Shiang; Keh, Huan-Chao; Huang, Nan-Ching; Huang, Tien-Chuan

2011-01-01

Information Security Awareness, though known as a primary and important issue in the domain of Information Security, CSI computer crime and security survey showed poor security awareness training in public and private sectors. In many studies, the authors have found that the usage of knowledge maps helps the process of learning and conception…

The HEPiX Virtualisation Working Group: Towards a Grid of Clouds

NASA Astrophysics Data System (ADS)

Cass, Tony

2012-12-01

The use of virtual machine images, as for example with Cloud services such as Amazon's Elastic Compute Cloud, is attractive for users as they have a guaranteed execution environment, something that cannot today be provided across sites participating in computing grids such as the Worldwide LHC Computing Grid. However, Grid sites often operate within computer security frameworks which preclude the use of remotely generated images. The HEPiX Virtualisation Working Group was setup with the objective to enable use of remotely generated virtual machine images at Grid sites and, to this end, has introduced the idea of trusted virtual machine images which are guaranteed to be secure and configurable by sites such that security policy commitments can be met. This paper describes the requirements and details of these trusted virtual machine images and presents a model for their use to facilitate the integration of Grid- and Cloud-based computing environments for High Energy Physics.

Beyond grid security

NASA Astrophysics Data System (ADS)

Hoeft, B.; Epting, U.; Koenig, T.

2008-07-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

17 CFR 1.32 - Segregated account; daily computation and record.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Segregated account; daily computation and record. 1.32 Section 1.32 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION GENERAL REGULATIONS UNDER THE COMMODITY EXCHANGE ACT Recordkeeping § 1.32 Segregated account...

Community Colleges and Cybersecurity Education.

ERIC Educational Resources Information Center

Teles, Elizabeth J.; Hovis, R. Corby

2002-01-01

Describes recent federal legislation (H.R. 3394) that charges the National Science Foundation with offering more grants to colleges and universities for degree programs in computer and network security, and to establish trainee programs for graduate students who pursue doctoral degrees in computer and network security. Discusses aspects of…

Proceedings of National Computer Security Conference Held in Washington, DC on 15-18 September 1986 (Computer Security - for Today and for Tomorrow

DTIC Science & Technology

1986-09-18

physical and administrativo security tech- These methods are, on the whole, at an early 163 • -- I I " • I I I II I ,I U niques. As in many other areas...o,t) I o member-of 0, t member-of (data;files;pgmstsubjects;i/o T and o maps-completely-to t) devices) S :- set of all subjects ( procesoes ;pgms

Privacy-preserving genome-wide association studies on cloud environment using fully homomorphic encryption.

PubMed

Lu, Wen-Jie; Yamada, Yoshiji; Sakuma, Jun

2015-01-01

Developed sequencing techniques are yielding large-scale genomic data at low cost. A genome-wide association study (GWAS) targeting genetic variations that are significantly associated with a particular disease offers great potential for medical improvement. However, subjects who volunteer their genomic data expose themselves to the risk of privacy invasion; these privacy concerns prevent efficient genomic data sharing. Our goal is to presents a cryptographic solution to this problem. To maintain the privacy of subjects, we propose encryption of all genotype and phenotype data. To allow the cloud to perform meaningful computation in relation to the encrypted data, we use a fully homomorphic encryption scheme. Noting that we can evaluate typical statistics for GWAS from a frequency table, our solution evaluates frequency tables with encrypted genomic and clinical data as input. We propose to use a packing technique for efficient evaluation of these frequency tables. Our solution supports evaluation of the D' measure of linkage disequilibrium, the Hardy-Weinberg Equilibrium, the χ2 test, etc. In this paper, we take χ2 test and linkage disequilibrium as examples and demonstrate how we can conduct these algorithms securely and efficiently in an outsourcing setting. We demonstrate with experimentation that secure outsourcing computation of one χ2 test with 10, 000 subjects requires about 35 ms and evaluation of one linkage disequilibrium with 10, 000 subjects requires about 80 ms. With appropriate encoding and packing technique, cryptographic solutions based on fully homomorphic encryption for secure computations of GWAS can be practical.

Debugging Techniques Used by Experienced Programmers to Debug Their Own Code.

DTIC Science & Technology

1990-09-01

IS. NUMBER OF PAGES code debugging 62 computer programmers 16. PRICE CODE debug programming 17. SECURITY CLASSIFICATION 18. SECURITY CLASSIFICATION 119...Davis, and Schultz (1987) also compared experts and novices, but focused on the way a computer program is represented cognitively and how that...of theories in the emerging computer programming domain (Fisher, 1987). In protocol analysis, subjects are asked to talk/think aloud as they solve

Threats at Our Threshold: Homeland Defense and Homeland Security in the New Century

DTIC Science & Technology

2006-10-21

evacuation. Meanwhile, DoD C4ISR (Command, Control, Communications, Computers , Intelligence, Surveillance and Reconnaissance) assets can provide state-of...hurricane and flooding. In addition, he challenged the company to find a way to track all supplies even though the computer systems were down...relevant to the homeland security realm. In general terms, individuals empowered with computing and communications technology and connected by

The myth of secure computing.

PubMed

Austin, Robert D; Darby, Christopher A

2003-06-01

Few senior executives pay a whole lot of attention to computer security. They either hand off responsibility to their technical people or bring in consultants. But given the stakes involved, an arm's-length approach is extremely unwise. According to industry estimates, security breaches affect 90% of all businesses every year and cost some $17 billion. Fortunately, the authors say, senior executives don't need to learn about the more arcane aspects of their company's IT systems in order to take a hands-on approach. Instead, they should focus on the familiar task of managing risk. Their role should be to assess the business value of their information assets, determine the likelihood that those assets will be compromised, and then tailor a set of risk abatement processes to their company's particular vulnerabilities. This approach, which views computer security as an operational rather than a technical challenge, is akin to a classic quality assurance program in that it attempts to avoid problems rather than fix them and involves all employees, not just IT staffers. The goal is not to make computer systems completely secure--that's impossible--but to reduce the business risk to an acceptable level. This article looks at the types of threats a company is apt to face. It also examines the processes a general manager should spearhead to lessen the likelihood of a successful attack. The authors recommend eight processes in all, ranging from deciding how much protection each digital asset deserves to insisting on secure software to rehearsing a response to a security breach. The important thing to realize, they emphasize, is that decisions about digital security are not much different from other cost-benefit decisions. The tools general managers bring to bear on other areas of the business are good models for what they need to do in this technical space.

48 CFR 3452.239-72 - Department security requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... contracting officer or the COR, the Department personnel security officer, and the Department computer... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Department security... Clauses 3452.239-72 Department security requirements. As prescribed in 3439.702, include the following...

48 CFR 3452.239-72 - Department security requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... contracting officer or the COR, the Department personnel security officer, and the Department computer... 48 Federal Acquisition Regulations System 7 2012-10-01 2012-10-01 false Department security... Clauses 3452.239-72 Department security requirements. As prescribed in 3439.702, include the following...

48 CFR 3452.239-72 - Department security requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... contracting officer or the COR, the Department personnel security officer, and the Department computer... 48 Federal Acquisition Regulations System 7 2011-10-01 2011-10-01 false Department security... Clauses 3452.239-72 Department security requirements. As prescribed in 3439.702, include the following...

48 CFR 3452.239-72 - Department security requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... contracting officer or the COR, the Department personnel security officer, and the Department computer... 48 Federal Acquisition Regulations System 7 2013-10-01 2012-10-01 true Department security... Clauses 3452.239-72 Department security requirements. As prescribed in 3439.702, include the following...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true IT security requirements... security requirements. These IT security requirements cover all NASA contracts in which IT plays a role in...-63, Electronic Authentication Guideline) access to NASA's computer systems, networks, or IT...

Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

NASA Astrophysics Data System (ADS)

Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

2017-12-01

Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

The application of data encryption technology in computer network communication security

NASA Astrophysics Data System (ADS)

Gong, Lina; Zhang, Li; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

2017-04-01

With the rapid development of Intemet and the extensive application of computer technology, the security of information becomes more and more serious, and the information security technology with data encryption technology as the core has also been developed greatly. Data encryption technology not only can encrypt and decrypt data, but also can realize digital signature, authentication and authentication and other functions, thus ensuring the confidentiality, integrity and confirmation of data transmission over the network. In order to improve the security of data in network communication, in this paper, a hybrid encryption system is used to encrypt and decrypt the triple DES algorithm with high security, and the two keys are encrypted with RSA algorithm, thus ensuring the security of the triple DES key and solving the problem of key management; At the same time to realize digital signature using Java security software, to ensure data integrity and non-repudiation. Finally, the data encryption system is developed by Java language. The data encryption system is simple and effective, with good security and practicality.

20 CFR 416.421 - Determination of benefits; computation of prorated benefits.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Determination of benefits; computation of prorated benefits. 416.421 Section 416.421 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Amount of Benefits § 416.421 Determination of benefits...

20 CFR 416.421 - Determination of benefits; computation of prorated benefits.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Determination of benefits; computation of prorated benefits. 416.421 Section 416.421 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Amount of Benefits § 416.421 Determination of benefits...

Energy and technology review

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quirk, W.J.; Canada, J.; de Vore, L.

1994-04-01

This issue highlights the Lawrence Livermore National Laboratory`s 1993 accomplishments in our mission areas and core programs: economic competitiveness, national security, energy, the environment, lasers, biology and biotechnology, engineering, physics, chemistry, materials science, computers and computing, and science and math education. Secondary topics include: nonproliferation, arms control, international security, environmental remediation, and waste management.

48 CFR 352.239-70 - Standard for security configurations.

Code of Federal Regulations, 2010 CFR

2010-10-01

... configure its computers that contain HHS data with the applicable Federal Desktop Core Configuration (FDCC) (see http://nvd.nist.gov/fdcc/index.cfm) and ensure that its computers have and maintain the latest... technology (IT) that is used to process information on behalf of HHS. The following security configuration...

48 CFR 352.239-70 - Standard for security configurations.

Code of Federal Regulations, 2011 CFR

2011-10-01

... configure its computers that contain HHS data with the applicable Federal Desktop Core Configuration (FDCC) (see http://nvd.nist.gov/fdcc/index.cfm) and ensure that its computers have and maintain the latest... technology (IT) that is used to process information on behalf of HHS. The following security configuration...

20 CFR 416.421 - Determination of benefits; computation of prorated benefits.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Determination of benefits; computation of prorated benefits. 416.421 Section 416.421 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Amount of Benefits § 416.421 Determination of benefits...

20 CFR 416.421 - Determination of benefits; computation of prorated benefits.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Determination of benefits; computation of prorated benefits. 416.421 Section 416.421 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Amount of Benefits § 416.421 Determination of benefits...

20 CFR 416.421 - Determination of benefits; computation of prorated benefits.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Determination of benefits; computation of prorated benefits. 416.421 Section 416.421 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Amount of Benefits § 416.421 Determination of benefits...

78 FR 38949 - Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-28

... information as part of the research needed to write a NIST Special Publication (SP) to help Computer Security.... The NIST SP will identify technical standards, methodologies, procedures, and processes that facilitate prompt and effective response. This RFI requests information regarding technical best practices...

48 CFR 352.239-70 - Standard for security configurations.

Code of Federal Regulations, 2013 CFR

2013-10-01

... configure its computers that contain HHS data with the applicable Federal Desktop Core Configuration (FDCC) (see http://nvd.nist.gov/fdcc/index.cfm) and ensure that its computers have and maintain the latest... technology (IT) that is used to process information on behalf of HHS. The following security configuration...