Dynamic Attack Tree Tool for Risk Assessments

DOE Office of Scientific and Technical Information (OSTI.GOV)

Black, Karl

2012-03-13

DATT enables interactive visualization, qualitative analysis and recording of cyber and other forms of risk. It facilitates dynamic risk-based approaches (as opposed to static compliance-based) to security and risk management in general. DATT allows decision makers to consistently prioritize risk mitigation strategies and quickly see where attention is most needed across the enterprise.

Organizing to Understand: How to Operate Effectively in the Human Domain

DTIC Science & Technology

2015-05-21

study of ethno- cultural dynamics. Instead of culture-specific training, intercultural learning seeks to develop the skills at bridging communication ...national security community and military practitioners. To deal with the increasingly important human aspects, the US military has proposed the...studies of the early years of Operation Iraqi Freedom provide sufficient material with which to analyze how the security community has approached issues

Sliding Mode Approaches for Robust Control, State Estimation, Secure Communication, and Fault Diagnosis in Nuclear Systems

NASA Astrophysics Data System (ADS)

Ablay, Gunyaz

Using traditional control methods for controller design, parameter estimation and fault diagnosis may lead to poor results with nuclear systems in practice because of approximations and uncertainties in the system models used, possibly resulting in unexpected plant unavailability. This experience has led to an interest in development of robust control, estimation and fault diagnosis methods. One particularly robust approach is the sliding mode control methodology. Sliding mode approaches have been of great interest and importance in industry and engineering in the recent decades due to their potential for producing economic, safe and reliable designs. In order to utilize these advantages, sliding mode approaches are implemented for robust control, state estimation, secure communication and fault diagnosis in nuclear plant systems. In addition, a sliding mode output observer is developed for fault diagnosis in dynamical systems. To validate the effectiveness of the methodologies, several nuclear plant system models are considered for applications, including point reactor kinetics, xenon concentration dynamics, an uncertain pressurizer model, a U-tube steam generator model and a coupled nonlinear nuclear reactor model.

Dynamic, stochastic models for congestion pricing and congestion securities.

DOT National Transportation Integrated Search

2010-12-01

This research considers congestion pricing under demand uncertainty. In particular, a robust optimization (RO) approach is applied to optimal congestion pricing problems under user equilibrium. A mathematical model is developed and an analysis perfor...

A fast key generation method based on dynamic biometrics to secure wireless body sensor networks for p-health.

PubMed

Zhang, G H; Poon, Carmen C Y; Zhang, Y T

2010-01-01

Body sensor networks (BSNs) have emerged as a new technology for healthcare applications, but the security of communication in BSNs remains a formidable challenge yet to be resolved. The paper discusses the typical attacks faced by BSNs and proposes a fast biometric based approach to generate keys for ensuing confidentiality and authentication in BSN communications. The approach was tested on 900 segments of electrocardiogram. Each segment was 4 seconds long and used to generate a 128-bit key. The results of the study found that entropy of 96% of the keys were above 0.95 and 99% of the hamming distances calculated from any two keys were above 50 bits. Based on the randomness and distinctiveness of these keys, it is concluded that the fast biometric based approach has great potential to be used to secure communication in BSNs for health applications.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users.

PubMed

Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.

Calibration of Reduced Dynamic Models of Power Systems using Phasor Measurement Unit (PMU) Data

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zhou, Ning; Lu, Shuai; Singh, Ruchi

2011-09-23

Accuracy of a power system dynamic model is essential to the secure and efficient operation of the system. Lower confidence on model accuracy usually leads to conservative operation and lowers asset usage. To improve model accuracy, identification algorithms have been developed to calibrate parameters of individual components using measurement data from staged tests. To facilitate online dynamic studies for large power system interconnections, this paper proposes a model reduction and calibration approach using phasor measurement unit (PMU) data. First, a model reduction method is used to reduce the number of dynamic components. Then, a calibration algorithm is developed to estimatemore » parameters of the reduced model. This approach will help to maintain an accurate dynamic model suitable for online dynamic studies. The performance of the proposed method is verified through simulation studies.« less

Whole Building Design Objectives for Campus Safety and Security: A System Dynamics Approach

ERIC Educational Resources Information Center

Oakes, Charles G.

2010-01-01

The May/June 2009 issue of "Facilities Manager" introduced APPA readers to the Whole Building Design Guide (WBDG)--today's most comprehensive Internet-based depository of resources contributing to a systems approach for everything of a building nature. The emphasis in that article was on Operations and Maintenance (O&M) issues and procedures. In…

An analytic approach to cyber adversarial dynamics

NASA Astrophysics Data System (ADS)

Sweeney, Patrick; Cybenko, George

2012-06-01

To date, cyber security investment by both the government and commercial sectors has been largely driven by the myopic best response of players to the actions of their adversaries and their perception of the adversarial environment. However, current work in applying traditional game theory to cyber operations typically assumes that games exist with prescribed moves, strategies, and payos. This paper presents an analytic approach to characterizing the more realistic cyber adversarial metagame that we believe is being played. Examples show that understanding the dynamic metagame provides opportunities to exploit an adversary's anticipated attack strategy. A dynamic version of a graph-based attack-defend game is introduced, and a simulation shows how an optimal strategy can be selected for success in the dynamic environment.

Moving Target Techniques: Leveraging Uncertainty for CyberDefense

DTIC Science & Technology

2015-12-15

cyberattacks is a continual struggle for system managers. Attackers often need only find one vulnerability (a flaw or bug that an attacker can exploit...additional parsing code itself could have security-relevant software bugs . Dynamic  Network   Techniques in the dynamic network domain change the...evaluation of MT techniques can benefit from a variety of evaluation approaches, including abstract analysis, modeling and simulation, test bed

The Dynamics of Relationships: A Guide for Developing Self-Esteem and Coping Skills for Teens and Young Adults. Teacher Manual Books 1 and 2.

ERIC Educational Resources Information Center

Kramer, Patricia; Hockman, Fyllis, Ed.

The "Dynamics of Relationships" program was originally designed as a preventive approach to the many social ills affecting young people and families today. This teacher's manual for the program provides objectives and activities for helping students develop and maintain a strong and secure self-image, effective communication and coping…

A Dynamic Intrusion Detection System Based on Multivariate Hotelling's T2 Statistics Approach for Network Environments

PubMed Central

Avalappampatty Sivasamy, Aneetha; Sundan, Bose

2015-01-01

The ever expanding communication requirements in today's world demand extensive and efficient network systems with equally efficient and reliable security features integrated for safe, confident, and secured communication and data transfer. Providing effective security protocols for any network environment, therefore, assumes paramount importance. Attempts are made continuously for designing more efficient and dynamic network intrusion detection models. In this work, an approach based on Hotelling's T2 method, a multivariate statistical analysis technique, has been employed for intrusion detection, especially in network environments. Components such as preprocessing, multivariate statistical analysis, and attack detection have been incorporated in developing the multivariate Hotelling's T2 statistical model and necessary profiles have been generated based on the T-square distance metrics. With a threshold range obtained using the central limit theorem, observed traffic profiles have been classified either as normal or attack types. Performance of the model, as evaluated through validation and testing using KDD Cup'99 dataset, has shown very high detection rates for all classes with low false alarm rates. Accuracy of the model presented in this work, in comparison with the existing models, has been found to be much better. PMID:26357668

A Dynamic Intrusion Detection System Based on Multivariate Hotelling's T2 Statistics Approach for Network Environments.

PubMed

Sivasamy, Aneetha Avalappampatty; Sundan, Bose

2015-01-01

The ever expanding communication requirements in today's world demand extensive and efficient network systems with equally efficient and reliable security features integrated for safe, confident, and secured communication and data transfer. Providing effective security protocols for any network environment, therefore, assumes paramount importance. Attempts are made continuously for designing more efficient and dynamic network intrusion detection models. In this work, an approach based on Hotelling's T(2) method, a multivariate statistical analysis technique, has been employed for intrusion detection, especially in network environments. Components such as preprocessing, multivariate statistical analysis, and attack detection have been incorporated in developing the multivariate Hotelling's T(2) statistical model and necessary profiles have been generated based on the T-square distance metrics. With a threshold range obtained using the central limit theorem, observed traffic profiles have been classified either as normal or attack types. Performance of the model, as evaluated through validation and testing using KDD Cup'99 dataset, has shown very high detection rates for all classes with low false alarm rates. Accuracy of the model presented in this work, in comparison with the existing models, has been found to be much better.

a Statistical Dynamic Approach to Structural Evolution of Complex Capital Market Systems

NASA Astrophysics Data System (ADS)

Shao, Xiao; Chai, Li H.

As an important part of modern financial systems, capital market has played a crucial role on diverse social resource allocations and economical exchanges. Beyond traditional models and/or theories based on neoclassical economics, considering capital markets as typical complex open systems, this paper attempts to develop a new approach to overcome some shortcomings of the available researches. By defining the generalized entropy of capital market systems, a theoretical model and nonlinear dynamic equation on the operations of capital market are proposed from statistical dynamic perspectives. The US security market from 1995 to 2001 is then simulated and analyzed as a typical case. Some instructive results are discussed and summarized.

Security and Dependability Solutions for Web Services and Workflows

NASA Astrophysics Data System (ADS)

Kokolakis, Spyros; Rizomiliotis, Panagiotis; Benameur, Azzedine; Sinha, Smriti Kumar

In this chapter we present an innovative approach towards the design and application of Security and Dependability (S&D) solutions for Web services and service-based workflows. Recently, several standards have been published that prescribe S&D solutions for Web services, e.g. OASIS WS-Security. However,the application of these solutions in specific contexts has been proven problematic. We propose a new framework for the application of such solutions based on the SERENITY S&D Pattern concept. An S&D Pattern comprises all the necessary information for the implementation, verification, deployment, and active monitoring of an S&D Solution. Thus, system developers may rely on proven solutions that are dynamically deployed and monitored by the Serenity Runtime Framework. Finally, we further extend this approach to cover the case of executable workflows which are realised through the orchestration of Web services.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

PubMed Central

Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661

Network gateway security method for enterprise Grid: a literature review

NASA Astrophysics Data System (ADS)

Sujarwo, A.; Tan, J.

2017-03-01

The computational Grid has brought big computational resources closer to scientists. It enables people to do a large computational job anytime and anywhere without any physical border anymore. However, the massive and spread of computer participants either as user or computational provider arise problems in security. The challenge is on how the security system, especially the one which filters data in the gateway could works in flexibility depends on the registered Grid participants. This paper surveys what people have done to approach this challenge, in order to find the better and new method for enterprise Grid. The findings of this paper is the dynamically controlled enterprise firewall to secure the Grid resources from unwanted connections with a new firewall controlling method and components.

Bio-inspired secure data mules for medical sensor network

NASA Astrophysics Data System (ADS)

Muraleedharan, Rajani; Gao, Weihua; Osadciw, Lisa A.

2010-04-01

Medical sensor network consist of heterogeneous nodes, wireless, mobile and wired with varied functionality. The resources at each sensor require to be exploited minimally while sensitive information is sensed and communicated to its access points using secure data mules. In this paper, we analyze the flat architecture, where different functionality and priority information require varied resources forms a non-deterministic polynomial-time hard problem. Hence, a bio-inspired data mule that helps to obtain dynamic multi-objective solution with minimal resource and secure path is applied. The performance of the proposed approach is based on reduced latency, data delivery rate and resource cost.

Security in MANETs using reputation-adjusted routing

NASA Astrophysics Data System (ADS)

Ondi, Attila; Hoffman, Katherine; Perez, Carlos; Ford, Richard; Carvalho, Marco; Allen, William

2009-04-01

Mobile Ad-Hoc Networks enable communication in various dynamic environments, including military combat operations. Their open and shared communication medium enables new forms of attack that are not applicable for traditional wired networks. Traditional security mechanisms and defense techniques are not prepared to cope with the new attacks and the lack of central authorities make identity verifications difficult. This work extends our previous work in the Biologically Inspired Tactical Security Infrastructure to provide a reputation-based weighing mechanism for linkstate routing protocols to protect the network from attackers that are corrupting legitimate network traffic. Our results indicate that the approach is successful in routing network traffic around compromised computers.

Random Time Identity Based Firewall In Mobile Ad hoc Networks

NASA Astrophysics Data System (ADS)

Suman, Patel, R. B.; Singh, Parvinder

2010-11-01

A mobile ad hoc network (MANET) is a self-organizing network of mobile routers and associated hosts connected by wireless links. MANETs are highly flexible and adaptable but at the same time are highly prone to security risks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized control. Firewall is an effective means of protecting a local network from network-based security threats and forms a key component in MANET security architecture. This paper presents a review of firewall implementation techniques in MANETs and their relative merits and demerits. A new approach is proposed to select MANET nodes at random for firewall implementation. This approach randomly select a new node as firewall after fixed time and based on critical value of certain parameters like power backup. This approach effectively balances power and resource utilization of entire MANET because responsibility of implementing firewall is equally shared among all the nodes. At the same time it ensures improved security for MANETs from outside attacks as intruder will not be able to find out the entry point in MANET due to the random selection of nodes for firewall implementation.

Information Security Analysis Using Game Theory and Simulation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schlicher, Bob G; Abercrombie, Robert K

Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions aremore » always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.« less

ID201202961, DOE S-124,539, Information Security Analysis Using Game Theory and Simulation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G

Information security analysis can be performed using game theory implemented in dynamic simulations of Agent Based Models (ABMs). Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. Our approach addresses imperfect information and scalability that allows us to also address previous limitations of current stochastic game models. Such models only consider perfect information assuming that the defender is always able to detect attacks; assuming that the state transition probabilities are fixed before the game assuming that the players actions aremore » always synchronous; and that most models are not scalable with the size and complexity of systems under consideration. Our use of ABMs yields results of selected experiments that demonstrate our proposed approach and provides a quantitative measure for realistic information systems and their related security scenarios.« less

Emerging Agricultural Biotechnologies for Sustainable Agriculture and Food Security.

PubMed

Anderson, Jennifer A; Gipmans, Martijn; Hurst, Susan; Layton, Raymond; Nehra, Narender; Pickett, John; Shah, Dilip M; Souza, Thiago Lívio P O; Tripathi, Leena

2016-01-20

As global populations continue to increase, agricultural productivity will be challenged to keep pace without overtaxing important environmental resources. A dynamic and integrated approach will be required to solve global food insecurity and position agriculture on a trajectory toward sustainability. Genetically modified (GM) crops enhanced through modern biotechnology represent an important set of tools that can promote sustainable agriculture and improve food security. Several emerging biotechnology approaches were discussed in a recent symposium organized at the 13th IUPAC International Congress of Pesticide Chemistry meeting in San Francisco, CA, USA. This paper summarizes the innovative research and several of the new and emerging technologies within the field of agricultural biotechnology that were presented during the symposium. This discussion highlights how agricultural biotechnology fits within the context of sustainable agriculture and improved food security and can be used in support of further development and adoption of beneficial GM crops.

Safely Enabling UAS Operations in Low-Altitude Airspace

NASA Technical Reports Server (NTRS)

Kopardekar, Parimal H.

2016-01-01

Flexibility where possible, and structure where necessary. Consider the needs of national security, safe airspace operations, economic opportunities, and emerging technologies. Risk-based approach based on population density, assets on the ground, density of operations, etc. Digital, virtual, dynamic, and as needed UTM services to manage operations.

MulVAL Extensions for Dynamic Asset Protection

DTIC Science & Technology

2006-04-01

called Skybox Security and an AI-based project called CycSecure were identified as interesting and relatively mature projects, which deserve closer...dynamic asset protection solution. A critique of the Skybox Security and CycSecure solutions, with respect to the requirements of dynamic asset...particulièrement, un produit du commerce appelé Skybox Security et un projet d’IA appelé CycSecure ont été désignés comme étant des projets

Novel secret key generation techniques using memristor devices

NASA Astrophysics Data System (ADS)

Abunahla, Heba; Shehada, Dina; Yeun, Chan Yeob; Mohammad, Baker; Jaoude, Maguy Abi

2016-02-01

This paper proposes novel secret key generation techniques using memristor devices. The approach depends on using the initial profile of a memristor as a master key. In addition, session keys are generated using the master key and other specified parameters. In contrast to existing memristor-based security approaches, the proposed development is cost effective and power efficient since the operation can be achieved with a single device rather than a crossbar structure. An algorithm is suggested and demonstrated using physics based Matlab model. It is shown that the generated keys can have dynamic size which provides perfect security. Moreover, the proposed encryption and decryption technique using the memristor based generated keys outperforms Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) in terms of processing time. This paper is enriched by providing characterization results of a fabricated microscale Al/TiO2/Al memristor prototype in order to prove the concept of the proposed approach and study the impacts of process variations. The work proposed in this paper is a milestone towards System On Chip (SOC) memristor based security.

Semantic policy and adversarial modeling for cyber threat identification and avoidance

NASA Astrophysics Data System (ADS)

DeFrancesco, Anton; McQueary, Bruce

2009-05-01

Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These attacks may be perpetrated with little to no funding, but may wreck incalculable damage upon the enterprises security, network infrastructure, and services. As more services come online, systems that were once in isolation now provide information that may be combined dynamically with information from other systems to create new meaning on the fly. Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a higher classification than any of its constituent parts. To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how it's use is evolving from a robust approach to access control to preempting and combating attacks in the cyber domain, The introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our approach is integration of semantic policy into enterprise security to augment traditional network security with an overall awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture - analyzing trends and identifying critical relations in system wide data access. The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing Bayesian-based methodologies, the enterprise wide meaning of data and semantic policy is applied to probability and high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling resources to proactively isolate, lock-down, and secure systems that are most vulnerable.

Comparison Between Self-Guided Langevin Dynamics and Molecular Dynamics Simulations for Structure Refinement of Protein Loop Conformations

DTIC Science & Technology

2011-01-01

SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT Same as Report (SAR) 18 . NUMBER OF PAGES 9 19a. NAME OF RESPONSIBLE PERSON a. REPORT...unclassified b. ABSTRACT unclassified c. THIS PAGE unclassified Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39- 18 sampling is based on...atom distance-scaled ideal-gas reference state (DFIRE-AA) statistical potential func- tion.[ 18 ] The third approach is the Rosetta all-atom energy func

Practice brief. Securing wireless technology for healthcare.

PubMed

Retterer, John; Casto, Brian W

2004-05-01

Wireless networking can be a very complex science, requiring an understanding of physics and the electromagnetic spectrum. While the radio theory behind the technology can be challenging, a basic understanding of wireless networking can be sufficient for small-scale deployment. Numerous security mechanisms are available to wireless technologies, making it practical, scalable, and affordable for healthcare organizations. The decision on the selected security model should take into account the needs for additional server hardware and administrative costs. Where wide area network connections exist between cooperative organizations, deployment of a distributed security model can be considered to reduce administrative overhead. The wireless approach chosen should be dynamic and concentrate on the organization's specific environmental needs. Aspects of organizational mission, operations, service level, and budget allotment as well as an organization's risk tolerance are all part of the balance in the decision to deploy wireless technology.

Type-Based Access Control in Data-Centric Systems

NASA Astrophysics Data System (ADS)

Caires, Luís; Pérez, Jorge A.; Seco, João Costa; Vieira, Hugo Torres; Ferrão, Lúcio

Data-centric multi-user systems, such as web applications, require flexible yet fine-grained data security mechanisms. Such mechanisms are usually enforced by a specially crafted security layer, which adds extra complexity and often leads to error prone coding, easily causing severe security breaches. In this paper, we introduce a programming language approach for enforcing access control policies to data in data-centric programs by static typing. Our development is based on the general concept of refinement type, but extended so as to address realistic and challenging scenarios of permission-based data security, in which policies dynamically depend on the database state, and flexible combinations of column- and row-level protection of data are necessary. We state and prove soundness and safety of our type system, stating that well-typed programs never break the declared data access control policies.

Ecosystem and Food Security in a Changing Climate

NASA Astrophysics Data System (ADS)

Field, C. B.

2011-12-01

Observed and projected impacts of climate change for ecosystem and food security tend to appear as changes in the risk of both desirable and undesirable outcomes. As a consequence, it is useful to frame the challenge of adaptation to a changing climate as a problem in risk management. For some kinds of impacts, the risks are relatively well characterized. For others, they are poorly known. Especially for the cases where the risks are poorly known, effective adaptation will need to consider approaches that build dynamic portfolios of options, based on learning from experience. Effective adaptation approaches also need to consider the risks of threshold-type responses, where opportunities for gradual adaptation based on learning may be limited. Finally, effective adaptation should build on the understanding that negative impacts on ecosystems and food security often result from extreme events, where a link to climate change may be unclear now and far into the future. Ecosystem and food security impacts that potentially require adaptation to a changing climate vary from region to region and interact strongly with actions not related to climate. In many ecosystems, climate change shifts the risk profile to increase risks of wildfire and biological invasions. Higher order risks from factors like pests and pathogens remain difficult to quantify. For food security, observational evidence highlights threshold-like behavior to high temperature in yields of a number of crops. But the risks to food security may be much broader, encompassing risks to availability of irrigation, degradation of topsoil, and challenges of storage and distribution. A risk management approach facilitates consideration of all these challenges with a unified framework.

A dynamic process of health risk assessment for business continuity management during the World Exposition Shanghai, China, 2010.

PubMed

Sun, Xiaodong; Keim, Mark; Dong, Chen; Mahany, Mollie; Guo, Xiang

2014-01-01

Reports of health issues related to mass gatherings around the world have indicated a potential for public health and medical emergencies to occur on a scale that could place a significant impact on business continuity for national and international organisations. This paper describes a risk assessment process for business continuity management that was performed as part of the planning efforts related to the World Expo 2010 Shanghai China (Expo), the world's largest mass gathering to date. Altogether, 73 million visitors attended the Expo, generating over US$2bn of revenue. During 2008 to 2010, the Shanghai Municipal Center for Disease Control and Prevention performed a dynamic series of four disaster risk assessments before and during the Expo. The purpose of this assessment process was to identify, analyse and evaluate risks for public health security during different stages of the Expo. This paper describes an overview of the novel approach for this multiple and dynamic process of assessment of health security risk for ensuring business continuity.

Unmanned Aerial Systems Traffic Management (UTM): Safely Enabling UAS Operations in Low-Altitude Airspace

NASA Technical Reports Server (NTRS)

Jung, Jaewoo; Kopardekar, Parimal H.

2016-01-01

Flexibility where possible, and structure where necessary. Consider the needs of national security, safe airspace operations, economic opportunities, and emerging technologies. Risk-based approach based on population density, assets on the ground, density of operations, etc. Digital, virtual, dynamic, and as needed UTM services to manage operations.

Unmanned Aerial Systems Traffic Management (UTM): Safely Enabling UAS Operations in Low-Altitude Airspace

NASA Technical Reports Server (NTRS)

Kopardekar, Parimal H.; Cavolowsky, John

2015-01-01

Flexibility where possible, and structure where necessary. Consider the needs of national security, safe airspace operations, economic opportunities, and emerging technologies. Risk-based approach based on population density, assets on the ground, density of operations, etc. Digital, virtual, dynamic, and as needed UTM services to manage operations.

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE PAGES

Williams, Adam D.

2015-11-17

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Williams, Adam D.

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Information Security and Integrity Systems

NASA Technical Reports Server (NTRS)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

XNsim: Internet-Enabled Collaborative Distributed Simulation via an Extensible Network

NASA Technical Reports Server (NTRS)

Novotny, John; Karpov, Igor; Zhang, Chendi; Bedrossian, Nazareth S.

2007-01-01

In this paper, the XNsim approach to achieve Internet-enabled, dynamically scalable collaborative distributed simulation capabilities is presented. With this approach, a complete simulation can be assembled from shared component subsystems written in different formats, that run on different computing platforms, with different sampling rates, in different geographic locations, and over singlelmultiple networks. The subsystems interact securely with each other via the Internet. Furthermore, the simulation topology can be dynamically modified. The distributed simulation uses a combination of hub-and-spoke and peer-topeer network topology. A proof-of-concept demonstrator is also presented. The XNsim demonstrator can be accessed at http://www.jsc.draver.corn/xn that hosts various examples of Internet enabled simulations.

A Game Theory Based Solution for Security Challenges in CRNs

NASA Astrophysics Data System (ADS)

Poonam; Nagpal, Chander Kumar

2018-03-01

Cognitive radio networks (CRNs) are being envisioned to drive the next generation Ad hoc wireless networks due to their ability to provide communications resilience in continuously changing environments through the use of dynamic spectrum access. Conventionally CRNs are dependent upon the information gathered by other secondary users to ensure the accuracy of spectrum sensing making them vulnerable to security attacks leading to the need of security mechanisms like cryptography and trust. However, a typical cryptography based solution is not a viable security solution for CRNs owing to their limited resources. Effectiveness of trust based approaches has always been, in question, due to credibility of secondary trust resources. Game theory with its ability to optimize in an environment of conflicting interests can be quite a suitable tool to manage an ad hoc network in the presence of autonomous selfish/malevolent/malicious and attacker nodes. The literature contains several theoretical proposals for augmenting game theory in the ad hoc networks without explicit/detailed implementation. This paper implements a game theory based solution in MATLAB-2015 to secure the CRN environment and compares the obtained results with the traditional approaches of trust and cryptography. The simulation result indicates that as the time progresses the game theory performs much better with higher throughput, lower jitter and better identification of selfish/malicious nodes.

Biomechanical analysis of occupant kinematics in rollover motor vehicle accidents: dynamic spit test.

PubMed

Sances, Anthony; Kumaresan, Srirangam; Clarke, Richard; Herbst, Brian; Meyer, Steve

2005-01-01

A better understanding of occupant kinematics in rollover accidents helps to advance biomechanical knowledge and to enhance the safety features of motor vehicles. While many rollover accident simulation studies have adopted the static approach to delineate the occupant kinematics in rollover accidents, very few studies have attempted the dynamic approach. The present work was designed to study the biomechanics of restrained occupants during rollover accidents using the steady-state dynamic spit test and to address the importance of keeping the lap belt fastened. Experimental tests were conducted using an anthropometric 50% Hybrid III dummy in a vehicle. The vehicle was rotated at 180 degrees/second and the dummy was restrained using a standard three-point restraint system. The lap belt of the dummy was fastened either by using the cinching latch plate or by locking the retractor. Three configurations of shoulder belt harness were simulated: shoulder belt loose on chest with cinch plate, shoulder belt under the left arm and shoulder belt behind the chest. In all tests, the dummy stayed within the confinement of the vehicle indicating that the securely fastened lap belt holds the dummy with dynamic movement of 3 1/2" to 4". The results show that occupant movement in rollover accidents is least affected by various shoulder harness positions with a securely fastened lap belt. The present study forms a first step in delineating the biomechanics of occupants in rollover accidents.

Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

PubMed Central

Paramasivan, B.; Kaliappan, M.

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP. PMID:25143986

Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

PubMed

Paramasivan, B; Kaliappan, M

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

Modeling of Pedestrian Flows Using Hybrid Models of Euler Equations and Dynamical Systems

NASA Astrophysics Data System (ADS)

Bärwolff, Günter; Slawig, Thomas; Schwandt, Hartmut

2007-09-01

In the last years various systems have been developed for controlling, planning and predicting the traffic of persons and vehicles, in particular under security aspects. Going beyond pure counting and statistical models, approaches were found to be very adequate and accurate which are based on well-known concepts originally developed in very different research areas, namely continuum mechanics and computer science. In the present paper, we outline a continuum mechanical approach for the description of pedestrain flow.

Control and Communication for a Secure and Reconfigurable Power Distribution System

NASA Astrophysics Data System (ADS)

Giacomoni, Anthony Michael

A major transformation is taking place throughout the electric power industry to overlay existing electric infrastructure with advanced sensing, communications, and control system technologies. This transformation to a smart grid promises to enhance system efficiency, increase system reliability, support the electrification of transportation, and provide customers with greater control over their electricity consumption. Upgrading control and communication systems for the end-to-end electric power grid, however, will present many new security challenges that must be dealt with before extensive deployment and implementation of these technologies can begin. In this dissertation, a comprehensive systems approach is taken to minimize and prevent cyber-physical disturbances to electric power distribution systems using sensing, communications, and control system technologies. To accomplish this task, an intelligent distributed secure control (IDSC) architecture is presented and validated in silico for distribution systems to provide greater adaptive protection, with the ability to proactively reconfigure, and rapidly respond to disturbances. Detailed descriptions of functionalities at each layer of the architecture as well as the whole system are provided. To compare the performance of the IDSC architecture with that of other control architectures, an original simulation methodology is developed. The simulation model integrates aspects of cyber-physical security, dynamic price and demand response, sensing, communications, intermittent distributed energy resources (DERs), and dynamic optimization and reconfiguration. Applying this comprehensive systems approach, performance results for the IEEE 123 node test feeder are simulated and analyzed. The results show the trade-offs between system reliability, operational constraints, and costs for several control architectures and optimization algorithms. Additional simulation results are also provided. In particular, the advantages of an IDSC architecture are highlighted when an intermittent DER is present on the system.

Dynamic and adaptive policy models for coalition operations

NASA Astrophysics Data System (ADS)

Verma, Dinesh; Calo, Seraphin; Chakraborty, Supriyo; Bertino, Elisa; Williams, Chris; Tucker, Jeremy; Rivera, Brian; de Mel, Geeth R.

2017-05-01

It is envisioned that the success of future military operations depends on the better integration, organizationally and operationally, among allies, coalition members, inter-agency partners, and so forth. However, this leads to a challenging and complex environment where the heterogeneity and dynamism in the operating environment intertwines with the evolving situational factors that affect the decision-making life cycle of the war fighter. Therefore, the users in such environments need secure, accessible, and resilient information infrastructures where policy-based mechanisms adopt the behaviours of the systems to meet end user goals. By specifying and enforcing a policy based model and framework for operations and security which accommodates heterogeneous coalitions, high levels of agility can be enabled to allow rapid assembly and restructuring of system and information resources. However, current prevalent policy models (e.g., rule based event-condition-action model and its variants) are not sufficient to deal with the highly dynamic and plausibly non-deterministic nature of these environments. Therefore, to address the above challenges, in this paper, we present a new approach for policies which enables managed systems to take more autonomic decisions regarding their operations.

Diffractive optical variable image devices generated by maskless interferometric lithography for optical security

NASA Astrophysics Data System (ADS)

Cabral, Alexandre; Rebordão, José M.

2011-05-01

In optical security (protection against forgery and counterfeit of products and documents) the problem is not exact reproduction but the production of something sufficiently similar to the original. Currently, Diffractive Optically Variable Image Devices (DOVID), that create dynamic chromatic effects which may be easily recognized but are difficult to reproduce, are often used to protect important products and documents. Well known examples of DOVID for security are 3D or 2D/3D holograms in identity documents and credit cards. Others are composed of shapes with different types of microstructures yielding by diffraction to chromatic dynamic effects. A maskless interferometric lithography technique to generate DOVIDs for optical security is presented and compared to traditional techniques. The approach can be considered as a self-masking focused holography on planes tilted with respect to the reference optical axes of the system, and is based on the Scheimpflug and Hinge rules. No physical masks are needed to ensure optimum exposure of the photosensitive film. The system built to demonstrate the technique relies on the digital mirrors device MOEMS technology from Texas Instruments' Digital Light Processing. The technique is linear on the number of specified colors and does not depend either on the area of the device or the number of pixels, factors that drive the complexity of dot-matrix based systems. The results confirmed the technique innovation and capabilities in the creation of diffractive optical elements for security against counterfeiting and forgery.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aderholdt, Ferrol; Caldwell, Blake A.; Hicks, Susan Elaine

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges formore » the use of shared infrastructure in HPC environments. This report details current state-of-the-art in reconfigurable network enclaving through Software Defined Networking (SDN) and Network Function Virtualization (NFV) and their applicability to secure enclaves in HPC environments. SDN and NFV methods are based on a solid foundation of system wide virtualization. The purpose of which is very straight forward, the system administrator can deploy networks that are more amenable to customer needs, and at the same time achieve increased scalability making it easier to increase overall capacity as needed without negatively affecting functionality. The network administration of both the server system and the virtual sub-systems is simplified allowing control of the infrastructure through well-defined APIs (Application Programming Interface). While SDN and NFV technologies offer significant promise in meeting these goals, they also provide the ability to address a significant component of the multi-tenant challenge in HPC environments, namely resource isolation. Traditional HPC systems are built upon scalable high-performance networking technologies designed to meet specific application requirements. Dynamic isolation of resources within these environments has remained difficult to achieve. SDN and NFV methodology provide us with relevant concepts and available open standards based APIs that isolate compute and storage resources within an otherwise common networking infrastructure. Additionally, the integration of the networking APIs within larger system frameworks such as OpenStack provide the tools necessary to establish isolated enclaves dynamically allowing the benefits of HPC while providing a controlled security structure surrounding these systems.« less

Information Security: A Scientometric Study of the Profile, Structure, and Dynamics of an Emerging Scholarly Specialty

ERIC Educational Resources Information Center

Olijnyk, Nicholas Victor

2014-01-01

The central aim of the current research is to explore and describe the profile, dynamics, and structure of the information security specialty. This study's objectives are guided by four research questions: 1. What are the salient features of information security as a specialty? 2. How has the information security specialty emerged and evolved from…

Freshwater as shared between society and ecosystems: from divided approaches to integrated challenges.

PubMed

Falkenmark, Malin

2003-12-29

The paper has its focus on water's key functions behind ecosystem dynamics and the water-related balancing involved in a catchment-based ecosystem approach. A conceptual framework is being developed to address fundamental trade-offs between humans and ecosystems. This is done by paying attention to society's unavoidable landscape modifications and their unavoidable ecological effects mediated by water processes. Because the coevolution of societal and environmental processes indicates resonance rather than a cause-effect relationship, humanity will have to learn to live with change while securing ecosystem resilience. In view of the partial incompatibility of the social imperative of the millennium goals and its environmental sustainability goal, human activities and ecosystems have to be orchestrated for compatibility. To this end a catchment-based approach has to be taken by integrating water, land use and ecosystems. It is being suggested that ecosystem protection has to be thought of in two scales: site-specific biotic landscape components to be protected for their social value, and a catchment-based ecosystem approach to secure sustainable supply of crucial ecosystem goods and services on which social and economic development depends.

An energy-efficient and secure hybrid algorithm for wireless sensor networks using a mobile data collector

NASA Astrophysics Data System (ADS)

Dayananda, Karanam Ravichandran; Straub, Jeremy

2017-05-01

This paper proposes a new hybrid algorithm for security, which incorporates both distributed and hierarchal approaches. It uses a mobile data collector (MDC) to collect information in order to save energy of sensor nodes in a wireless sensor network (WSN) as, in most networks, these sensor nodes have limited energy. Wireless sensor networks are prone to security problems because, among other things, it is possible to use a rogue sensor node to eavesdrop on or alter the information being transmitted. To prevent this, this paper introduces a security algorithm for MDC-based WSNs. A key use of this algorithm is to protect the confidentiality of the information sent by the sensor nodes. The sensor nodes are deployed in a random fashion and form group structures called clusters. Each cluster has a cluster head. The cluster head collects data from the other nodes using the time-division multiple access protocol. The sensor nodes send their data to the cluster head for transmission to the base station node for further processing. The MDC acts as an intermediate node between the cluster head and base station. The MDC, using its dynamic acyclic graph path, collects the data from the cluster head and sends it to base station. This approach is useful for applications including warfighting, intelligent building and medicine. To assess the proposed system, the paper presents a comparison of its performance with other approaches and algorithms that can be used for similar purposes.

Ecological and evolutionary approaches to managing honeybee disease.

PubMed

Brosi, Berry J; Delaplane, Keith S; Boots, Michael; de Roode, Jacobus C

2017-09-01

Honeybee declines are a serious threat to global agricultural security and productivity. Although multiple factors contribute to these declines, parasites are a key driver. Disease problems in honeybees have intensified in recent years, despite increasing attention to addressing them. Here we argue that we must focus on the principles of disease ecology and evolution to understand disease dynamics, assess the severity of disease threats, and control these threats via honeybee management. We cover the ecological context of honeybee disease, including both host and parasite factors driving current transmission dynamics, and then discuss evolutionary dynamics including how beekeeping management practices may drive selection for more virulent parasites. We then outline how ecological and evolutionary principles can guide disease mitigation in honeybees, including several practical management suggestions for addressing short- and long-term disease dynamics and consequences.

An effective and secure key-management scheme for hierarchical access control in E-medicine system.

PubMed

Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit

2013-04-01

Recently several hierarchical access control schemes are proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against 'man-in-the-middle attack' or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.'s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu-Chen's scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu-Chen's scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu-Chen's scheme, Nikooghadam-Zakerolhosseini's scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme is much suitable for practical applications of e-medicine systems.

Aviation Security Cooperation: Advancing Global Vigilance, Global Reach, and Global Power in a Dynamic World

DTIC Science & Technology

2014-10-01

Views September–October 2014 Air & Space Power Journal | 92 Aviation Security Cooperation Advancing Global Vigilance, Global Reach, and Global Power...2014 to 00-00-2014 4. TITLE AND SUBTITLE Aviation Security Cooperation: Advancing Global Vigilance, Global Reach, and Global Power in a Dynamic

Prospective in-patient cohort study of moves between levels of therapeutic security: the DUNDRUM-1 triage security, DUNDRUM-3 programme completion and DUNDRUM-4 recovery scales and the HCR-20.

PubMed

Davoren, Mary; O'Dwyer, Sarah; Abidin, Zareena; Naughton, Leena; Gibbons, Olivia; Doyle, Elaine; McDonnell, Kim; Monks, Stephen; Kennedy, Harry G

2012-07-13

We examined whether new structured professional judgment instruments for assessing need for therapeutic security, treatment completion and recovery in forensic settings were related to moves from higher to lower levels of therapeutic security and added anything to assessment of risk. This was a prospective naturalistic twelve month observational study of a cohort of patients in a forensic hospital placed according to their need for therapeutic security along a pathway of moves from high to progressively less secure units in preparation for discharge. Patients were assessed using the DUNDRUM-1 triage security scale, the DUNDRUM-3 programme completion scale and the DUNDRUM-4 recovery scale and assessments of risk of violence, self harm and suicide, symptom severity and global function. Patients were subsequently observed for positive moves to less secure units and negative moves to more secure units. There were 86 male patients at baseline with mean follow-up 0.9 years, 11 positive and 9 negative moves. For positive moves, logistic regression indicated that along with location at baseline, the DUNDRUM-1, HCR-20 dynamic and PANSS general symptom scores were associated with subsequent positive moves. The receiver operating characteristic was significant for the DUNDRUM-1 while ANOVA co-varying for both location at baseline and HCR-20 dynamic score was significant for DUNDRUM-1. For negative moves, logistic regression showed DUNDRUM-1 and HCR-20 dynamic scores were associated with subsequent negative moves, along with DUNDRUM-3 and PANSS negative symptoms in some models. The receiver operating characteristic was significant for the DUNDRUM-4 recovery and HCR-20 dynamic scores with DUNDRUM-1, DUNDRUM-3, PANSS general and GAF marginal. ANOVA co-varying for both location at baseline and HCR-20 dynamic scores showed only DUNDRUM-1 and PANSS negative symptoms associated with subsequent negative moves. Clinicians appear to decide moves based on combinations of current and imminent (dynamic) risk measured by HCR-20 dynamic score and historical seriousness of risk as measured by need for therapeutic security (DUNDRUM-1) in keeping with Scott's formulation of risk and seriousness. The DUNDRUM-3 programme completion and DUNDRUM-4 recovery scales have utility as dynamic measures that can off-set perceived 'dangerousness'.

Prospective in-patient cohort study of moves between levels of therapeutic security: the DUNDRUM-1 triage security, DUNDRUM-3 programme completion and DUNDRUM-4 recovery scales and the HCR-20

PubMed Central

2012-01-01

Background We examined whether new structured professional judgment instruments for assessing need for therapeutic security, treatment completion and recovery in forensic settings were related to moves from higher to lower levels of therapeutic security and added anything to assessment of risk. Methods This was a prospective naturalistic twelve month observational study of a cohort of patients in a forensic hospital placed according to their need for therapeutic security along a pathway of moves from high to progressively less secure units in preparation for discharge. Patients were assessed using the DUNDRUM-1 triage security scale, the DUNDRUM-3 programme completion scale and the DUNDRUM-4 recovery scale and assessments of risk of violence, self harm and suicide, symptom severity and global function. Patients were subsequently observed for positive moves to less secure units and negative moves to more secure units. Results There were 86 male patients at baseline with mean follow-up 0.9 years, 11 positive and 9 negative moves. For positive moves, logistic regression indicated that along with location at baseline, the DUNDRUM-1, HCR-20 dynamic and PANSS general symptom scores were associated with subsequent positive moves. The receiver operating characteristic was significant for the DUNDRUM-1 while ANOVA co-varying for both location at baseline and HCR-20 dynamic score was significant for DUNDRUM-1. For negative moves, logistic regression showed DUNDRUM-1 and HCR-20 dynamic scores were associated with subsequent negative moves, along with DUNDRUM-3 and PANSS negative symptoms in some models. The receiver operating characteristic was significant for the DUNDRUM-4 recovery and HCR-20 dynamic scores with DUNDRUM-1, DUNDRUM-3, PANSS general and GAF marginal. ANOVA co-varying for both location at baseline and HCR-20 dynamic scores showed only DUNDRUM-1 and PANSS negative symptoms associated with subsequent negative moves. Conclusions Clinicians appear to decide moves based on combinations of current and imminent (dynamic) risk measured by HCR-20 dynamic score and historical seriousness of risk as measured by need for therapeutic security (DUNDRUM-1) in keeping with Scott's formulation of risk and seriousness. The DUNDRUM-3 programme completion and DUNDRUM-4 recovery scales have utility as dynamic measures that can off-set perceived 'dangerousness'. PMID:22794187

Spatio-temporal dynamics of security investments in an interdependent risk environment

NASA Astrophysics Data System (ADS)

Shafi, Kamran; Bender, Axel; Zhong, Weicai; Abbass, Hussein A.

2012-10-01

In a globalised world where risks spread through contagion, the decision of an entity to invest in securing its premises from stochastic risks no longer depends solely on its own actions but also on the actions of other interacting entities in the system. This phenomenon is commonly seen in many domains including airline, logistics and computer security and is referred to as Interdependent Security (IDS). An IDS game models this decision problem from a game-theoretic perspective and deals with the behavioural dynamics of risk-reduction investments in such settings. This paper enhances this model and investigates the spatio-temporal aspects of the IDS games. The spatio-temporal dynamics are studied using simple replicator dynamics on a variety of network structures and for various security cost tradeoffs that lead to different Nash equilibria in an IDS game. The simulation results show that the neighbourhood configuration has a greater effect on the IDS game dynamics than network structure. An in-depth empirical analysis of game dynamics is carried out on regular graphs, which leads to the articulation of necessary and sufficient conditions for dominance in IDS games under spatial constraints.

Security policies and trust in ubiquitous computing.

PubMed

Joshi, Anupam; Finin, Tim; Kagal, Lalana; Parker, Jim; Patwardhan, Anand

2008-10-28

Ubiquitous environments comprise resource-constrained mobile and wearable devices and computational elements embedded in everyday artefacts. These are connected to each other using both infrastructure-based as well as short-range ad hoc networks. Limited Internet connectivity limits the use of conventional security mechanisms such as public key infrastructures and other forms of server-centric authentication. Under these circumstances, peer-to-peer interactions are well suited for not just information interchange, but also managing security and privacy. However, practical solutions for protecting mobile devices, preserving privacy, evaluating trust and determining the reliability and accuracy of peer-provided data in such interactions are still in their infancy. Our research is directed towards providing stronger assurances of the reliability and trustworthiness of information and services, and the use of declarative policy-driven approaches to handle the open and dynamic nature of such systems. This paper provides an overview of some of the challenges and issues, and points out directions for progress.

Ecological and evolutionary approaches to managing honey bee disease

PubMed Central

Brosi, Berry J.; Delaplane, Keith S.; Boots, Michael; de Roode, Jacobus C.

2017-01-01

Honey bee declines are a serious threat to global agricultural security and productivity. While multiple factors contribute to these declines, parasites are a key driver. Disease problems in honey bees have intensified in recent years, despite increasing attention to addressing them. Here we argue that we must focus on the principles of disease ecology and evolution to understand disease dynamics, assess the severity of disease threats, and manage these threats via honey bee management. We cover the ecological context of honey bee disease, including both host and parasite factors driving current transmission dynamics, and then discuss evolutionary dynamics including how beekeeping management practices may drive selection for more virulent parasites. We then outline how ecological and evolutionary principles can guide disease mitigation in honey bees, including several practical management suggestions for addressing short- and long-term disease dynamics and consequences. PMID:29046562

A Secure and Robust Approach to Software Tamper Resistance

NASA Astrophysics Data System (ADS)

Ghosh, Sudeep; Hiser, Jason D.; Davidson, Jack W.

Software tamper-resistance mechanisms have increasingly assumed significance as a technique to prevent unintended uses of software. Closely related to anti-tampering techniques are obfuscation techniques, which make code difficult to understand or analyze and therefore, challenging to modify meaningfully. This paper describes a secure and robust approach to software tamper resistance and obfuscation using process-level virtualization. The proposed techniques involve novel uses of software check summing guards and encryption to protect an application. In particular, a virtual machine (VM) is assembled with the application at software build time such that the application cannot run without the VM. The VM provides just-in-time decryption of the program and dynamism for the application's code. The application's code is used to protect the VM to ensure a level of circular protection. Finally, to prevent the attacker from obtaining an analyzable snapshot of the code, the VM periodically discards all decrypted code. We describe a prototype implementation of these techniques and evaluate the run-time performance of applications using our system. We also discuss how our system provides stronger protection against tampering attacks than previously described tamper-resistance approaches.

Final Report for Bio-Inspired Approaches to Moving-Target Defense Strategies

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Oehmen, Christopher S.

This report records the work and contributions of the NITRD-funded Bio-Inspired Approaches to Moving-Target Defense Strategies project performed by Pacific Northwest National Laboratory under the technical guidance of the National Security Agency’s R6 division. The project has incorporated a number of bio-inspired cyber defensive technologies within an elastic framework provided by the Digital Ants. This project has created the first scalable, real-world prototype of the Digital Ants Framework (DAF)[11] and integrated five technologies into this flexible, decentralized framework: (1) Ant-Based Cyber Defense (ABCD), (2) Behavioral Indicators, (3) Bioinformatic Clas- sification, (4) Moving-Target Reconfiguration, and (5) Ambient Collaboration. The DAF canmore » be used operationally to decentralize many such data intensive applications that normally rely on collection of large amounts of data in a central repository. In this work, we have shown how these component applications may be decentralized and may perform analysis at the edge. Operationally, this will enable analytics to scale far beyond current limitations while not suffering from the bandwidth or computational limitations of centralized analysis. This effort has advanced the R6 Cyber Security research program to secure digital infrastructures by developing a dynamic means to adaptively defend complex cyber systems. We hope that this work will benefit both our client’s efforts in system behavior modeling and cyber security to the overall benefit of the nation.« less

Privacy and security in teleradiology.

PubMed

Ruotsalainen, Pekka

2010-01-01

Teleradiology is probably the most successful eHealth service available today. Its business model is based on the remote transmission of radiological images (e.g. X-ray and CT-images) over electronic networks, and on the interpretation of the transmitted images for diagnostic purpose. Two basic service models are commonly used teleradiology today. The most common approach is based on the message paradigm (off-line model), but more developed teleradiology systems are based on the interactive use of PACS/RIS systems. Modern teleradiology is also more and more cross-organisational or even cross-border service between service providers having different jurisdictions and security policies. This paper defines the requirements needed to make different teleradiology models trusted. Those requirements include a common security policy that covers all partners and entities, common security and privacy protection principles and requirements, controlled contracts between partners, and the use of security controls and tools that supporting the common security policy. The security and privacy protection of any teleradiology system must be planned in advance, and the necessary security and privacy enhancing tools should be selected (e.g. strong authentication, data encryption, non-repudiation services and audit-logs) based on the risk analysis and requirements set by the legislation. In any case the teleradiology system should fulfil ethical and regulatory requirements. Certification of the whole teleradiology service system including security and privacy is also proposed. In the future, teleradiology services will be an integrated part of pervasive eHealth. Security requirements for this environment including dynamic and context aware security services are also discussed in this paper. Copyright (c) 2009 Elsevier Ireland Ltd. All rights reserved.

Freshwater as shared between society and ecosystems: from divided approaches to integrated challenges.

PubMed Central

Falkenmark, Malin

2003-01-01

The paper has its focus on water's key functions behind ecosystem dynamics and the water-related balancing involved in a catchment-based ecosystem approach. A conceptual framework is being developed to address fundamental trade-offs between humans and ecosystems. This is done by paying attention to society's unavoidable landscape modifications and their unavoidable ecological effects mediated by water processes. Because the coevolution of societal and environmental processes indicates resonance rather than a cause-effect relationship, humanity will have to learn to live with change while securing ecosystem resilience. In view of the partial incompatibility of the social imperative of the millennium goals and its environmental sustainability goal, human activities and ecosystems have to be orchestrated for compatibility. To this end a catchment-based approach has to be taken by integrating water, land use and ecosystems. It is being suggested that ecosystem protection has to be thought of in two scales: site-specific biotic landscape components to be protected for their social value, and a catchment-based ecosystem approach to secure sustainable supply of crucial ecosystem goods and services on which social and economic development depends. PMID:14728797

Resilience to leaking--dynamic systems modeling of information security.

PubMed

Hamacher, Kay

2012-01-01

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack 'unjust' systems or 'conspiracies'. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for 'just' and 'unjust' entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the 'conspiracy'). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean' in direct adversary relations, but do not necessarily increase public benefit and societal immunization to 'conspiracies'. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here.

Valuating Indonesian upstream oil management scenario through system dynamics modelling

NASA Astrophysics Data System (ADS)

Ketut Gunarta, I.; Putri, F. A.

2018-04-01

Under the existing regulation in Constitution Number 22 Year 2001 (UU No 22 Tahun 2001), Production Sharing Contract (PSC) continues to be the scenario in conducting oil and gas upstream mining activities as the previous regulation (UU No. 8 Tahun 1971). Because of the high costs and risks in upstream mining activities, the contractors are dominated by foreign companies, meanwhile National Oil Company (NOC) doesn’t act much. The domination of foreign contractor companies also warned Indonesia in several issues addressing to energy independence and energy security. Therefore, to achieve the goals of energy which is independence and security, there need to be a revision in upstream oil activities regulating scenario. The scenarios will be comparing the current scenario, which is PSC, with the “full concession” scenario for National Oil Company (NOC) in managing oil upstream mining activities. Both scenario will be modelled using System Dynamics methodology and assessed furthermore using financial valuation method of income approach. Under the 2 scenarios, the author will compare which scenario is better for upstream oil management in reaching the goals mentioned before and more profitable in financial aspect. From the simulation, it is gathered that concession scenario offers better option than PSC in reaching energy independence and energy security.

Exploring the meaning of health security for disaster resilience through people's perspectives in Bangladesh.

PubMed

Ray-Bennett, Nibedita S; Collins, Andrew; Bhuiya, Abbas; Edgeworth, Ross; Nahar, Papreen; Alamgir, Fariba

2010-05-01

There has been significant interest in the rhetoric of health security in recent years from both global and local perspectives. Understanding health in the context of disaster vulnerability presents an opportunity to examine how improved health might reduce the effects of environmental disasters and other crises. To this end, a project was implemented in Bangladesh to establish the potential of a health security approach for disaster resilience amongst people living in high risk environments. This paper explores what we might mean by health security through engaging community level perspectives in the southeast coastal belt of Bangladesh, an area prone to cyclone and flood. This has been examined with respect to variation in gender and wealth of households. Household surveys, interviews and focus group discussions were some of the methods used to collect data. The findings show that health related coping strategies and agentive capabilities in the context of impending crises vary from one micro-context to the next. This suggests a dynamic and integrative resilience that could be built on further, but one which remains remote from wider discourses on health security. Copyright 2010 Elsevier Ltd. All rights reserved.

Three tenets for secure cyber-physical system design and assessment

NASA Astrophysics Data System (ADS)

Hughes, Jeff; Cybenko, George

2014-06-01

This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

PubMed

Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

2015-11-30

Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

Firewall systems: the next generation

NASA Astrophysics Data System (ADS)

McGhie, Lynda L.

1996-01-01

To be competitive in today's globally connected marketplace, a company must ensure that their internal network security methodologies and supporting policies are current and reflect an overall understanding of today's technology and its resultant threats. Further, an integrated approach to information security should ensure that new ways of sharing information and doing business are accommodated; such as electronic commerce, high speed public broadband network services, and the federally sponsored National Information Infrastructure. There are many challenges, and success is determined by the establishment of a solid and firm baseline security architecture that accommodate today's external connectivity requirements, provides transitional solutions that integrate with evolving and dynamic technologies, and ultimately acknowledges both the strategic and tactical goals of an evolving network security architecture and firewall system. This paper explores the evolution of external network connectivity requirements, the associated challenges and the subsequent development and evolution of firewall security systems. It makes the assumption that a firewall is a set of integrated and interoperable components, coming together to form a `SYSTEM' and must be designed, implement and managed as such. A progressive firewall model will be utilized to illustrates the evolution of firewall systems from earlier models utilizing separate physical networks, to today's multi-component firewall systems enabling secure heterogeneous and multi-protocol interfaces.

MAGMA: A Liquid Software Approach to Fault Tolerance, Computer Network Security, and Survivable Networking

DTIC Science & Technology

2001-12-01

and Lieutenant Namik Kaplan , Turkish Navy. Maj Tiefert’s thesis, “Modeling Control Channel Dynamics of SAAM using NS Network Simulation”, helped lay...DEC99] Deconinck , Dr. ir. Geert, Fault Tolerant Systems, ESAT / Division ACCA , Katholieke Universiteit Leuven, October 1999. [FRE00] Freed...Systems”, Addison-Wesley, 1989. [KAP99] Kaplan , Namik, “Prototyping of an Active and Lightweight Router,” March 1999 [KAT99] Kati, Effraim

Secure remote synchronization and secure key distribution in electro-optic networks revealed by symmetries

NASA Astrophysics Data System (ADS)

Xu, Mingfeng; Pan, Wei; Zhang, Liyue

2018-07-01

Despite the intuition that synchronization of different nodes in coupled oscillator networks results from information exchange between them, it has recently been shown that remote nodes could be partially synchronous even when they are separated by intermediately unsynchronized nodes. Here based on electro-optic system, we report on a more stronger form of such synchronization pattern that is termed as secure remote synchronization, in which two remotely separated nodes could have identically synchronized dynamical behaviors while the rest of the network are both statistically and information-theoretically incoherent relative to the two synchronized nodes. The generalized form of mirror symmetry in the network structure is identified to be a key mechanism allowing for secure remote synchronization. Moreover, this synchronization mode is robust against a wild range of system parameters and noise perturbing the intermediary dynamics. The lack of information about the synchronized dynamics in the rest of the network suggests that our results could potentially lead to network-based solutions for secure key distribution and secure communication.

Minimum Requirements for Taxicab Security Cameras.

PubMed

Zeng, Shengke; Amandus, Harlan E; Amendola, Alfred A; Newbraugh, Bradley H; Cantis, Douglas M; Weaver, Darlene

2014-07-01

The homicide rate of taxicab-industry is 20 times greater than that of all workers. A NIOSH study showed that cities with taxicab-security cameras experienced significant reduction in taxicab driver homicides. Minimum technical requirements and a standard test protocol for taxicab-security cameras for effective taxicab-facial identification were determined. The study took more than 10,000 photographs of human-face charts in a simulated-taxicab with various photographic resolutions, dynamic ranges, lens-distortions, and motion-blurs in various light and cab-seat conditions. Thirteen volunteer photograph-evaluators evaluated these face photographs and voted for the minimum technical requirements for taxicab-security cameras. Five worst-case scenario photographic image quality thresholds were suggested: the resolution of XGA-format, highlight-dynamic-range of 1 EV, twilight-dynamic-range of 3.3 EV, lens-distortion of 30%, and shutter-speed of 1/30 second. These minimum requirements will help taxicab regulators and fleets to identify effective taxicab-security cameras, and help taxicab-security camera manufacturers to improve the camera facial identification capability.

Design of cryptographically secure AES like S-Box using second-order reversible cellular automata for wireless body area network applications.

PubMed

Gangadari, Bhoopal Rao; Rafi Ahamed, Shaik

2016-09-01

In biomedical, data security is the most expensive resource for wireless body area network applications. Cryptographic algorithms are used in order to protect the information against unauthorised access. Advanced encryption standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA 2 ) as a replacement to the classical look-up-table (LUT) based S-Box used in AES algorithm. The performance of proposed RCA 2 based S-Box and conventional LUT based S-Box is evaluated in terms of security using the cryptographic properties such as the nonlinearity, correlation immunity bias, strict avalanche criteria and entropy. Moreover, it is also shown that RCA 2 based S-Boxes are dynamic in nature, invertible and provide high level of security. Further, it is also found that the RCA 2 based S-Box have comparatively better performance than that of conventional LUT based S-Box.

Design of cryptographically secure AES like S-Box using second-order reversible cellular automata for wireless body area network applications

PubMed Central

Rafi Ahamed, Shaik

2016-01-01

In biomedical, data security is the most expensive resource for wireless body area network applications. Cryptographic algorithms are used in order to protect the information against unauthorised access. Advanced encryption standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA2) as a replacement to the classical look-up-table (LUT) based S-Box used in AES algorithm. The performance of proposed RCA2 based S-Box and conventional LUT based S-Box is evaluated in terms of security using the cryptographic properties such as the nonlinearity, correlation immunity bias, strict avalanche criteria and entropy. Moreover, it is also shown that RCA2 based S-Boxes are dynamic in nature, invertible and provide high level of security. Further, it is also found that the RCA2 based S-Box have comparatively better performance than that of conventional LUT based S-Box. PMID:27733924

Security and privacy preserving approaches in the eHealth clouds with disaster recovery plan.

PubMed

Sahi, Aqeel; Lai, David; Li, Yan

2016-11-01

Cloud computing was introduced as an alternative storage and computing model in the health sector as well as other sectors to handle large amounts of data. Many healthcare companies have moved their electronic data to the cloud in order to reduce in-house storage, IT development and maintenance costs. However, storing the healthcare records in a third-party server may cause serious storage, security and privacy issues. Therefore, many approaches have been proposed to preserve security as well as privacy in cloud computing projects. Cryptographic-based approaches were presented as one of the best ways to ensure the security and privacy of healthcare data in the cloud. Nevertheless, the cryptographic-based approaches which are used to transfer health records safely remain vulnerable regarding security, privacy, or the lack of any disaster recovery strategy. In this paper, we review the related work on security and privacy preserving as well as disaster recovery in the eHealth cloud domain. Then we propose two approaches, the Security-Preserving approach and the Privacy-Preserving approach, and a disaster recovery plan. The Security-Preserving approach is a robust means of ensuring the security and integrity of Electronic Health Records, and the Privacy-Preserving approach is an efficient authentication approach which protects the privacy of Personal Health Records. Finally, we discuss how the integrated approaches and the disaster recovery plan can ensure the reliability and security of cloud projects. Copyright © 2016 Elsevier Ltd. All rights reserved.

Design tools for complex dynamic security systems.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson

2007-01-01

The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systemsmore » are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.« less

Verifying the secure setup of UNIX client/servers and detection of network intrusion

NASA Astrophysics Data System (ADS)

Feingold, Richard; Bruestle, Harry R.; Bartoletti, Tony; Saroyan, R. A.; Fisher, John M.

1996-03-01

This paper describes our technical approach to developing and delivering Unix host- and network-based security products to meet the increasing challenges in information security. Today's global `Infosphere' presents us with a networked environment that knows no geographical, national, or temporal boundaries, and no ownership, laws, or identity cards. This seamless aggregation of computers, networks, databases, applications, and the like store, transmit, and process information. This information is now recognized as an asset to governments, corporations, and individuals alike. This information must be protected from misuse. The Security Profile Inspector (SPI) performs static analyses of Unix-based clients and servers to check on their security configuration. SPI's broad range of security tests and flexible usage options support the needs of novice and expert system administrators alike. SPI's use within the Department of Energy and Department of Defense has resulted in more secure systems, less vulnerable to hostile intentions. Host-based information protection techniques and tools must also be supported by network-based capabilities. Our experience shows that a weak link in a network of clients and servers presents itself sooner or later, and can be more readily identified by dynamic intrusion detection techniques and tools. The Network Intrusion Detector (NID) is one such tool. NID is designed to monitor and analyze activity on the Ethernet broadcast Local Area Network segment and product transcripts of suspicious user connections. NID's retrospective and real-time modes have proven invaluable to security officers faced with ongoing attacks to their systems and networks.

Dynamic Key Management Schemes for Secure Group Access Control Using Hierarchical Clustering in Mobile Ad Hoc Networks

NASA Astrophysics Data System (ADS)

Tsaur, Woei-Jiunn; Pai, Haw-Tyng

2008-11-01

The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). The operation in MANETs' groups performs a decentralized manner and accommodated membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.

A new security model for collaborative environments

DOE Office of Scientific and Technical Information (OSTI.GOV)

Agarwal, Deborah; Lorch, Markus; Thompson, Mary

Prevalent authentication and authorization models for distributed systems provide for the protection of computer systems and resources from unauthorized use. The rules and policies that drive the access decisions in such systems are typically configured up front and require trust establishment before the systems can be used. This approach does not work well for computer software that moderates human-to-human interaction. This work proposes a new model for trust establishment and management in computer systems supporting collaborative work. The model supports the dynamic addition of new users to a collaboration with very little initial trust placed into their identity and supportsmore » the incremental building of trust relationships through endorsements from established collaborators. It also recognizes the strength of a users authentication when making trust decisions. By mimicking the way humans build trust naturally the model can support a wide variety of usage scenarios. Its particular strength lies in the support for ad-hoc and dynamic collaborations and the ubiquitous access to a Computer Supported Collaboration Workspace (CSCW) system from locations with varying levels of trust and security.« less

Power system security enhancement through direct non-disruptive load control

NASA Astrophysics Data System (ADS)

Ramanathan, Badri Narayanan

The transition to a competitive market structure raises significant concerns regarding reliability of the power grid. A need to build tools for security assessment that produce operating limit boundaries for both static and dynamic contingencies is recognized. Besides, an increase in overall uncertainty in operating conditions makes corrective actions at times ineffective leaving the system vulnerable to instability. The tools that are in place for stability enhancement are mostly corrective and suffer from lack of robustness to operating condition changes. They often pose serious coordination challenges. With deregulation, there have also been ownership and responsibility issues associated with stability controls. However, the changing utility business model and the developments in enabling technologies such as two-way communication, metering, and control open up several new possibilities for power system security enhancement. This research proposes preventive modulation of selected loads through direct control for power system security enhancement. Two main contributions of this research are the following: development of an analysis framework and two conceptually different analysis approaches for load modulation to enhance oscillatory stability, and the development and study of algorithms for real-time modulation of thermostatic loads. The underlying analysis framework is based on the Structured Singular Value (SSV or mu) theory. Based on the above framework, two fundamentally different approaches towards analysis of the amount of load modulation for desired stability performance have been developed. Both the approaches have been tested on two different test systems: CIGRE Nordic test system and an equivalent of the Western Electric Coordinating Council test system. This research also develops algorithms for real-time modulation of thermostatic loads that use the results of the analysis. In line with some recent load management programs executed by utilities, two different algorithms based on dynamic programming are proposed for air-conditioner loads, while a decision-tree based algorithm is proposed for water-heater loads. An optimization framework has been developed employing the above algorithms. Monte Carlo simulations have been performed using this framework with the objective of studying the impact of different parameters and constraints on the effectiveness as well as the effect of control. The conclusions drawn from this research strongly advocate direct load control for stability enhancement from the perspectives of robustness and coordination, as well as economic viability and the developments towards availability of the institutional framework for load participation in providing system reliability services.

Minimum Requirements for Taxicab Security Cameras*

PubMed Central

Zeng, Shengke; Amandus, Harlan E.; Amendola, Alfred A.; Newbraugh, Bradley H.; Cantis, Douglas M.; Weaver, Darlene

2015-01-01

Problem The homicide rate of taxicab-industry is 20 times greater than that of all workers. A NIOSH study showed that cities with taxicab-security cameras experienced significant reduction in taxicab driver homicides. Methods Minimum technical requirements and a standard test protocol for taxicab-security cameras for effective taxicab-facial identification were determined. The study took more than 10,000 photographs of human-face charts in a simulated-taxicab with various photographic resolutions, dynamic ranges, lens-distortions, and motion-blurs in various light and cab-seat conditions. Thirteen volunteer photograph-evaluators evaluated these face photographs and voted for the minimum technical requirements for taxicab-security cameras. Results Five worst-case scenario photographic image quality thresholds were suggested: the resolution of XGA-format, highlight-dynamic-range of 1 EV, twilight-dynamic-range of 3.3 EV, lens-distortion of 30%, and shutter-speed of 1/30 second. Practical Applications These minimum requirements will help taxicab regulators and fleets to identify effective taxicab-security cameras, and help taxicab-security camera manufacturers to improve the camera facial identification capability. PMID:26823992

The Dynamic Community of Interest and Its Realization in ZODIAC

DTIC Science & Technology

2009-10-01

the ZODIAC project. ZODIAC is a network architecture that puts security first and foremost, with security broken down into confidentiality, integrity...hosts, a unified solution for MANETs will work for hosts or routers as well. DYNAMIC COMMUNITIES OF INTEREST The basis of the ZODIAC design is a new dis...narrow scope of each DCoI limits attack propagation, and supports confidentiality ABSTRACT The ZODIAC project has been exploring a security first

Resilience to Leaking — Dynamic Systems Modeling of Information Security

PubMed Central

Hamacher, Kay

2012-01-01

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack ‘unjust’ systems or ‘conspiracies’. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for ‘just’ and ‘unjust’ entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the ‘conspiracy’). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean’ in direct adversary relations, but do not necessarily increase public benefit and societal immunization to ‘conspiracies’. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here. PMID:23227151

Evaluation of power system security and development of transmission pricing method

NASA Astrophysics Data System (ADS)

Kim, Hyungchul

The electric power utility industry is presently undergoing a change towards the deregulated environment. This has resulted in unbundling of generation, transmission and distribution services. The introduction of competition into unbundled electricity services may lead system operation closer to its security boundaries resulting in smaller operating safety margins. The competitive environment is expected to lead to lower price rates for customers and higher efficiency for power suppliers in the long run. Under this deregulated environment, security assessment and pricing of transmission services have become important issues in power systems. This dissertation provides new methods for power system security assessment and transmission pricing. In power system security assessment, the following issues are discussed (1) The description of probabilistic methods for power system security assessment; (2) The computation time of simulation methods; (3) on-line security assessment for operation. A probabilistic method using Monte-Carlo simulation is proposed for power system security assessment. This method takes into account dynamic and static effects corresponding to contingencies. Two different Kohonen networks, Self-Organizing Maps and Learning Vector Quantization, are employed to speed up the probabilistic method. The combination of Kohonen networks and Monte-Carlo simulation can reduce computation time in comparison with straight Monte-Carlo simulation. A technique for security assessment employing Bayes classifier is also proposed. This method can be useful for system operators to make security decisions during on-line power system operation. This dissertation also suggests an approach for allocating transmission transaction costs based on reliability benefits in transmission services. The proposed method shows the transmission transaction cost of reliability benefits when transmission line capacities are considered. The ratio between allocation by transmission line capacity-use and allocation by reliability benefits is computed using the probability of system failure.

Ensemble of Chaotic and Naive Approaches for Performance Enhancement in Video Encryption.

PubMed

Chandrasekaran, Jeyamala; Thiruvengadam, S J

2015-01-01

Owing to the growth of high performance network technologies, multimedia applications over the Internet are increasing exponentially. Applications like video conferencing, video-on-demand, and pay-per-view depend upon encryption algorithms for providing confidentiality. Video communication is characterized by distinct features such as large volume, high redundancy between adjacent frames, video codec compliance, syntax compliance, and application specific requirements. Naive approaches for video encryption encrypt the entire video stream with conventional text based cryptographic algorithms. Although naive approaches are the most secure for video encryption, the computational cost associated with them is very high. This research work aims at enhancing the speed of naive approaches through chaos based S-box design. Chaotic equations are popularly known for randomness, extreme sensitivity to initial conditions, and ergodicity. The proposed methodology employs two-dimensional discrete Henon map for (i) generation of dynamic and key-dependent S-box that could be integrated with symmetric algorithms like Blowfish and Data Encryption Standard (DES) and (ii) generation of one-time keys for simple substitution ciphers. The proposed design is tested for randomness, nonlinearity, avalanche effect, bit independence criterion, and key sensitivity. Experimental results confirm that chaos based S-box design and key generation significantly reduce the computational cost of video encryption with no compromise in security.

Ensemble of Chaotic and Naive Approaches for Performance Enhancement in Video Encryption

PubMed Central

Chandrasekaran, Jeyamala; Thiruvengadam, S. J.

2015-01-01

Owing to the growth of high performance network technologies, multimedia applications over the Internet are increasing exponentially. Applications like video conferencing, video-on-demand, and pay-per-view depend upon encryption algorithms for providing confidentiality. Video communication is characterized by distinct features such as large volume, high redundancy between adjacent frames, video codec compliance, syntax compliance, and application specific requirements. Naive approaches for video encryption encrypt the entire video stream with conventional text based cryptographic algorithms. Although naive approaches are the most secure for video encryption, the computational cost associated with them is very high. This research work aims at enhancing the speed of naive approaches through chaos based S-box design. Chaotic equations are popularly known for randomness, extreme sensitivity to initial conditions, and ergodicity. The proposed methodology employs two-dimensional discrete Henon map for (i) generation of dynamic and key-dependent S-box that could be integrated with symmetric algorithms like Blowfish and Data Encryption Standard (DES) and (ii) generation of one-time keys for simple substitution ciphers. The proposed design is tested for randomness, nonlinearity, avalanche effect, bit independence criterion, and key sensitivity. Experimental results confirm that chaos based S-box design and key generation significantly reduce the computational cost of video encryption with no compromise in security. PMID:26550603

A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks.

PubMed

Tang, Jiawei; Liu, Anfeng; Zhang, Jian; Xiong, Neal N; Zeng, Zhiwen; Wang, Tian

2018-03-01

The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of battery remaining is high enough, nodes then send the notification which was logged before to the sink. Compared with past solutions, our results indicate that the performance of the TBSR scheme has been improved comprehensively; it can effectively increase the quantity of notification received by the sink by 20%, increase energy efficiency by 11%, reduce the maximum storage capacity needed by nodes by 33.3% and improve the success rate of routing by approximately 16.30%.

A Trust-Based Secure Routing Scheme Using the Traceback Approach for Energy-Harvesting Wireless Sensor Networks

PubMed Central

Tang, Jiawei; Zhang, Jian; Zeng, Zhiwen; Wang, Tian

2018-01-01

The Internet of things (IoT) is composed of billions of sensing devices that are subject to threats stemming from increasing reliance on communications technologies. A Trust-Based Secure Routing (TBSR) scheme using the traceback approach is proposed to improve the security of data routing and maximize the use of available energy in Energy-Harvesting Wireless Sensor Networks (EHWSNs). The main contributions of a TBSR are (a) the source nodes send data and notification to sinks through disjoint paths, separately; in such a mechanism, the data and notification can be verified independently to ensure their security. (b) Furthermore, the data and notification adopt a dynamic probability of marking and logging approach during the routing. Therefore, when attacked, the network will adopt the traceback approach to locate and clear malicious nodes to ensure security. The probability of marking is determined based on the level of battery remaining; when nodes harvest more energy, the probability of marking is higher, which can improve network security. Because if the probability of marking is higher, the number of marked nodes on the data packet routing path will be more, and the sink will be more likely to trace back the data packet routing path and find malicious nodes according to this notification. When data packets are routed again, they tend to bypass these malicious nodes, which make the success rate of routing higher and lead to improved network security. When the battery level is low, the probability of marking will be decreased, which is able to save energy. For logging, when the battery level is high, the network adopts a larger probability of marking and smaller probability of logging to transmit notification to the sink, which can reserve enough storage space to meet the storage demand for the period of the battery on low level; when the battery level is low, increasing the probability of logging can reduce energy consumption. After the level of battery remaining is high enough, nodes then send the notification which was logged before to the sink. Compared with past solutions, our results indicate that the performance of the TBSR scheme has been improved comprehensively; it can effectively increase the quantity of notification received by the sink by 20%, increase energy efficiency by 11%, reduce the maximum storage capacity needed by nodes by 33.3% and improve the success rate of routing by approximately 16.30%. PMID:29494561

Keystroke Dynamics-Based Credential Hardening Systems

NASA Astrophysics Data System (ADS)

Bartlow, Nick; Cukic, Bojan

abstract Keystroke dynamics are becoming a well-known method for strengthening username- and password-based credential sets. The familiarity and ease of use of these traditional authentication schemes combined with the increased trustworthiness associated with biometrics makes them prime candidates for application in many web-based scenarios. Our keystroke dynamics system uses Breiman’s random forests algorithm to classify keystroke input sequences as genuine or imposter. The system is capable of operating at various points on a traditional ROC curve depending on application-specific security needs. As a username/password authentication scheme, our approach decreases the system penetration rate associated with compromised passwords up to 99.15%. Beyond presenting results demonstrating the credential hardening effect of our scheme, we look into the notion that a user’s familiarity to components of a credential set can non-trivially impact error rates.

Trust-Based Security Level Evaluation Using Bayesian Belief Networks

NASA Astrophysics Data System (ADS)

Houmb, Siv Hilde; Ray, Indrakshi; Ray, Indrajit; Chakraborty, Sudip

Security is not merely about technical solutions and patching vulnerabilities. Security is about trade-offs and adhering to realistic security needs, employed to support core business processes. Also, modern systems are subject to a highly competitive market, often demanding rapid development cycles, short life-time, short time-to-market, and small budgets. Security evaluation standards, such as ISO 14508 Common Criteria and ISO/IEC 27002, are not adequate for evaluating the security of many modern systems for resource limitations, time-to-market, and other constraints. Towards this end, we propose an alternative time and cost effective approach for evaluating the security level of a security solution, system or part thereof. Our approach relies on collecting information from different sources, who are trusted to varying degrees, and on using a trust measure to aggregate available information when deriving security level. Our approach is quantitative and implemented as a Bayesian Belief Network (BBN) topology, allowing us to reason over uncertain information and seemingly aggregating disparate information. We illustrate our approach by deriving the security level of two alternative Denial of Service (DoS) solutions. Our approach can also be used in the context of security solution trade-off analysis.

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks

PubMed Central

Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

2015-01-01

Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost. PMID:26633396

Profiles of Food Security for US Farmworker Households and Factors Related to Dynamic of Change.

PubMed

Ip, Edward H; Saldana, Santiago; Arcury, Thomas A; Grzywacz, Joseph G; Trejo, Grisel; Quandt, Sara A

2015-10-01

We recruited 248 farmworker families with preschool-aged children in North Carolina and examined food security indicators over 24 months to identify food security patterns and examine the dynamic of change over time. Participants in the Niños Sanos study, conducted 2011 to 2014, completed quarterly food security assessments. Based on responses to items in the US Household Food Security Survey Module, we identified different states of food security by using hidden Markov model analysis, and examined factors associated with different states. We delineated factors associated with changes in state by using mixed-effect ordinal logistic regression. About half of the households (51%) consistently stayed in the most food-secure state. The least food-secure state was transient, with only 29% probability of this state for 2 consecutive quarters. Seasonal (vs migrant) work status, having immigration documents (vs not documented), and season predicted higher levels of food security. Heterogeneity in food security among farmworker households calls for tailoring intervention strategies. The transiency and unpredictability of low food security suggest that access to safety-net programs could reduce low food security risk in this population.

Profiles of Food Security for US Farmworker Households and Factors Related to Dynamic of Change

PubMed Central

Saldana, Santiago; Arcury, Thomas A.; Grzywacz, Joseph G.; Trejo, Grisel; Quandt, Sara A.

2015-01-01

Objectives. We recruited 248 farmworker families with preschool-aged children in North Carolina and examined food security indicators over 24 months to identify food security patterns and examine the dynamic of change over time. Methods. Participants in the Niños Sanos study, conducted 2011 to 2014, completed quarterly food security assessments. Based on responses to items in the US Household Food Security Survey Module, we identified different states of food security by using hidden Markov model analysis, and examined factors associated with different states. We delineated factors associated with changes in state by using mixed-effect ordinal logistic regression. Results. About half of the households (51%) consistently stayed in the most food-secure state. The least food-secure state was transient, with only 29% probability of this state for 2 consecutive quarters. Seasonal (vs migrant) work status, having immigration documents (vs not documented), and season predicted higher levels of food security. Conclusions. Heterogeneity in food security among farmworker households calls for tailoring intervention strategies. The transiency and unpredictability of low food security suggest that access to safety-net programs could reduce low food security risk in this population. PMID:26270304

Remote sensing and modelling of vegetation dynamics for early estimation and spatial analysis of grain yields in semiarid context in central Tunisia

NASA Astrophysics Data System (ADS)

Chahbi, Aicha; Zribi, Mehrez; Lili-Chabaane, Zohra

2016-04-01

In arid and semi-arid areas, population growth, urbanization, food security and climate change have an impact on agriculture in general and particular on the cereal production. Therefore to improve food security in arid countries, crop canopy monitoring and yield forecasting cereals are needed. Many models, based on the use of remote sensing or agro-meteorological models, have been developed to estimate the biomass and grain yield of cereals. Through the use of a rich database, acquired over a period of two years for more than 80 test fields, and from optical satellite SPOT/HRV images, the aim of the present study is to evaluate the feasibility of two yield prediction approaches. The first approach is based on the application of the semi-empirical growth model SAFY, developed to simulate the dynamics of the LAI and the grain yield, at the field scale. The model is able to reproduce the time evolution of the leaf area index of all fields with acceptable error. However, an inter-comparison between ground yield measurements and SAFY model simulations reveals that the yields are under-estimated by this model. We can explain the limits of the semi-empirical model SAFY by its simplicity and also by various factors that were not considered (fertilization, irrigation,...). To improve the yield estimation, a new approach is proposed: the grain yield is estimated in function of the LAI in the growth period between 25 March and 5 April. The LAI of this period is estimated by SAFY model. A linear relationship is developed between the measured grain yield and the LAI area of the maximum growth period.This approach is robust, the measured and estimated grain yields are well correlated. Following the validation of this approach, yield estimations are proposed for the entire studied site using the SPOT/HRV images.

Verifying the secure setup of Unix client/servers and detection of network intrusion

DOE Office of Scientific and Technical Information (OSTI.GOV)

Feingold, R.; Bruestle, H.R.; Bartoletti, T.

1995-07-01

This paper describes our technical approach to developing and delivering Unix host- and network-based security products to meet the increasing challenges in information security. Today`s global ``Infosphere`` presents us with a networked environment that knows no geographical, national, or temporal boundaries, and no ownership, laws, or identity cards. This seamless aggregation of computers, networks, databases, applications, and the like store, transmit, and process information. This information is now recognized as an asset to governments, corporations, and individuals alike. This information must be protected from misuse. The Security Profile Inspector (SPI) performs static analyses of Unix-based clients and servers to checkmore » on their security configuration. SPI`s broad range of security tests and flexible usage options support the needs of novice and expert system administrators alike. SPI`s use within the Department of Energy and Department of Defense has resulted in more secure systems, less vulnerable to hostile intentions. Host-based information protection techniques and tools must also be supported by network-based capabilities. Our experience shows that a weak link in a network of clients and servers presents itself sooner or later, and can be more readily identified by dynamic intrusion detection techniques and tools. The Network Intrusion Detector (NID) is one such tool. NID is designed to monitor and analyze activity on an Ethernet broadcast Local Area Network segment and produce transcripts of suspicious user connections. NID`s retrospective and real-time modes have proven invaluable to security officers faced with ongoing attacks to their systems and networks.« less

Dynamic security contingency screening and ranking using neural networks.

PubMed

Mansour, Y; Vaahedi, E; El-Sharkawi, M A

1997-01-01

This paper summarizes BC Hydro's experience in applying neural networks to dynamic security contingency screening and ranking. The idea is to use the information on the prevailing operating condition and directly provide contingency screening and ranking using a trained neural network. To train the two neural networks for the large scale systems of BC Hydro and Hydro Quebec, in total 1691 detailed transient stability simulation were conducted, 1158 for BC Hydro system and 533 for the Hydro Quebec system. The simulation program was equipped with the energy margin calculation module (second kick) to measure the energy margin in each run. The first set of results showed poor performance for the neural networks in assessing the dynamic security. However a number of corrective measures improved the results significantly. These corrective measures included: 1) the effectiveness of output; 2) the number of outputs; 3) the type of features (static versus dynamic); 4) the number of features; 5) system partitioning; and 6) the ratio of training samples to features. The final results obtained using the large scale systems of BC Hydro and Hydro Quebec demonstrates a good potential for neural network in dynamic security assessment contingency screening and ranking.

Homeland security: sharing and managing critical incident information

NASA Astrophysics Data System (ADS)

Ashley, W. R., III

2003-09-01

Effective critical incident response for homeland security requires access to real-time information from many organizations. Command and control, as well as basic situational awareness, are all dependant on quickly communicating a dynamically changing picture to a variety of decision makers. For the most part, critical information management is not unfamiliar or new to the public safety community. However, new challenges present themselves when that information needs to be seamlessly shared across multiple organizations at the local, state and federal level in real-time. The homeland security problem does not lend itself to the traditional military joint forces planning model where activities shift from a deliberate planning process to a crisis action planning process. Rather, the homeland security problem is more similar to a traditional public safety model where the current activity state moves from complete inactivity or low-level attention to immediate crisis action planning. More often than not the escalation occurs with no warning or baseline information. This paper addresses the challenges of sharing critical incident information and the impacts new technologies will have on this problem. The value of current and proposed approaches will be critiqued for operational value and areas will be identified for further development.

Information risk and security modeling

NASA Astrophysics Data System (ADS)

Zivic, Predrag

2005-03-01

This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

An adaptive cryptographic accelerator for network storage security on dynamically reconfigurable platform

NASA Astrophysics Data System (ADS)

Tang, Li; Liu, Jing-Ning; Feng, Dan; Tong, Wei

2008-12-01

Existing security solutions in network storage environment perform poorly because cryptographic operations (encryption and decryption) implemented in software can dramatically reduce system performance. In this paper we propose a cryptographic hardware accelerator on dynamically reconfigurable platform for the security of high performance network storage system. We employ a dynamic reconfigurable platform based on a FPGA to implement a PowerPCbased embedded system, which executes cryptographic algorithms. To reduce the reconfiguration latency, we apply prefetch scheduling. Moreover, the processing elements could be dynamically configured to support different cryptographic algorithms according to the request received by the accelerator. In the experiment, we have implemented AES (Rijndael) and 3DES cryptographic algorithms in the reconfigurable accelerator. Our proposed reconfigurable cryptographic accelerator could dramatically increase the performance comparing with the traditional software-based network storage systems.

Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks

PubMed Central

Lin, Zhaowen; Tao, Dan; Wang, Zhenji

2017-01-01

For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller. PMID:28430155

Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.

PubMed

Lin, Zhaowen; Tao, Dan; Wang, Zhenji

2017-04-21

For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

Complex networks under dynamic repair model

NASA Astrophysics Data System (ADS)

Chaoqi, Fu; Ying, Wang; Kun, Zhao; Yangjun, Gao

2018-01-01

Invulnerability is not the only factor of importance when considering complex networks' security. It is also critical to have an effective and reasonable repair strategy. Existing research on network repair is confined to the static model. The dynamic model makes better use of the redundant capacity of repaired nodes and repairs the damaged network more efficiently than the static model; however, the dynamic repair model is complex and polytropic. In this paper, we construct a dynamic repair model and systematically describe the energy-transfer relationships between nodes in the repair process of the failure network. Nodes are divided into three types, corresponding to three structures. We find that the strong coupling structure is responsible for secondary failure of the repaired nodes and propose an algorithm that can select the most suitable targets (nodes or links) to repair the failure network with minimal cost. Two types of repair strategies are identified, with different effects under the two energy-transfer rules. The research results enable a more flexible approach to network repair.

A hybrid Bayesian network approach for trade-offs between environmental flows and agricultural water using dynamic discretization

NASA Astrophysics Data System (ADS)

Xue, Jie; Gui, Dongwei; Lei, Jiaqiang; Sun, Huaiwei; Zeng, Fanjiang; Feng, Xinlong

2017-12-01

Agriculture and the eco-environment are increasingly competing for water. The extension of intensive farmland for ensuring food security has resulted in excessive water exploitation by agriculture. Consequently, this has led to a lack of water supply in natural ecosystems. This paper proposes a trade-off framework to coordinate the water-use conflict between agriculture and the eco-environment, based on economic compensation for irrigation stakeholders. A hybrid Bayesian network (HBN) is developed to implement the framework, including: (a) agricultural water shortage assessments after meeting environmental flows; (b) water-use tradeoff analysis between agricultural irrigation and environmental flows using the HBN; and (c) quantification of the agricultural economic compensation for different irrigation stakeholders. The constructed HBN is computed by dynamic discretization, which is a more robust and accurate propagation algorithm than general static discretization. A case study of the Qira oasis area in Northwest China demonstrates that the water trade-off based on economic compensation depends on the available water supply and environmental flows at different levels. Agricultural irrigation water extracted for grain crops should be preferentially guaranteed to ensure food security, in spite of higher economic compensation in other cash crops' irrigation for water coordination. Updating water-saving engineering and adopting drip irrigation technology in agricultural facilities after satisfying environmental flows would greatly relieve agricultural water shortage and save the economic compensation for different irrigation stakeholders. The approach in this study can be easily applied in water-stressed areas worldwide for dealing with water competition.

Network Security Validation Using Game Theory

NASA Astrophysics Data System (ADS)

Papadopoulou, Vicky; Gregoriades, Andreas

Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

The Application of System Dynamics to the Integration of National Laboratory Research and K-12 Education

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mills, James Ignatius; Zounar Harbour, Elda D

2001-08-01

The Idaho National Engineering and Environmental Laboratory (INEEL) is dedicated to finding solutions to problems related to the environment, energy, economic competitiveness, and national security. In an effort to attract and retain the expertise needed to accomplish these challenges, the INEEL is developing a program of broad educational opportunities that makes continuing education readily available to all laboratory employees, beginning in the K–12 environment and progressing through post-graduate education and beyond. One of the most innovative educational approaches being implemented at the laboratory is the application of STELLA© dynamic learning environments, which facilitate captivating K–12 introductions to the complex energymore » and environmental challenges faced by global societies. These simulations are integrated into lesson plans developed by teachers in collaboration with INEEL scientists and engineers. This approach results in an enjoyable and involved learning experience, and an especially positive introduction to the application of science to emerging problems of great social and environmental consequence.« less

[Tuberculosis among the socially vulnerable populations; perspectives from human security concept].

PubMed

Ishikawa, Nobukatsu

2009-07-01

Tuberculosis (TB) has been and will continue to be the disease of the poor and the socially vulnerable. Current TB epidemiology in Japan shows increasing proportion of TB among the economically and socially poor or vulnerable populations. Though there is no universally recognized set of the definitions, the economically poor who are covered under the social security services including the homeless, foreign migrants, or the aged over 80 years may be considered as consisting the "socially vulnerable population" for TB in Japan. TB among the socially vulnerable has several characteristics, for example, patients are often detected with severe conditions due to delayed diagnosis, and have high defaulter rate during treatment, which causes immature death, or drug-resistant disease. Stop TB Strategy by WHO, responding to the Millennium Development Goals, proposes a new approach which focuses on empowering the patients and the community. Observations from various studies show that DOTS contributes to empowering the patients and the communities. Further effort will be needed to reorient TB programs towards the perspective of patients' empowerment. Solely relying on static analyses of TB among the socially vulnerable has its limitations. Dynamic approach, which utilizes human security concepts such as empowerment and patients' perspective, will be required not only to control TB among the socially vulnerable population but also to holistically tackle the problem of TB for Japan.

Comparison of ensemble post-processing approaches, based on empirical and dynamical error modelisation of rainfall-runoff model forecasts

NASA Astrophysics Data System (ADS)

Chardon, J.; Mathevet, T.; Le Lay, M.; Gailhard, J.

2012-04-01

In the context of a national energy company (EDF : Electricité de France), hydro-meteorological forecasts are necessary to ensure safety and security of installations, meet environmental standards and improve water ressources management and decision making. Hydrological ensemble forecasts allow a better representation of meteorological and hydrological forecasts uncertainties and improve human expertise of hydrological forecasts, which is essential to synthesize available informations, coming from different meteorological and hydrological models and human experience. An operational hydrological ensemble forecasting chain has been developed at EDF since 2008 and is being used since 2010 on more than 30 watersheds in France. This ensemble forecasting chain is characterized ensemble pre-processing (rainfall and temperature) and post-processing (streamflow), where a large human expertise is solicited. The aim of this paper is to compare 2 hydrological ensemble post-processing methods developed at EDF in order improve ensemble forecasts reliability (similar to Monatanari &Brath, 2004; Schaefli et al., 2007). The aim of the post-processing methods is to dress hydrological ensemble forecasts with hydrological model uncertainties, based on perfect forecasts. The first method (called empirical approach) is based on a statistical modelisation of empirical error of perfect forecasts, by streamflow sub-samples of quantile class and lead-time. The second method (called dynamical approach) is based on streamflow sub-samples of quantile class and streamflow variation, and lead-time. On a set of 20 watersheds used for operational forecasts, results show that both approaches are necessary to ensure a good post-processing of hydrological ensemble, allowing a good improvement of reliability, skill and sharpness of ensemble forecasts. The comparison of the empirical and dynamical approaches shows the limits of the empirical approach which is not able to take into account hydrological dynamic and processes, i. e. sample heterogeneity. For a same streamflow range corresponds different processes such as rising limbs or recession, where uncertainties are different. The dynamical approach improves reliability, skills and sharpness of forecasts and globally reduces confidence intervals width. When compared in details, the dynamical approach allows a noticeable reduction of confidence intervals during recessions where uncertainty is relatively lower and a slight increase of confidence intervals during rising limbs or snowmelt where uncertainty is greater. The dynamic approach, validated by forecaster's experience that considered the empirical approach not discriminative enough, improved forecaster's confidence and communication of uncertainties. Montanari, A. and Brath, A., (2004). A stochastic approach for assessing the uncertainty of rainfall-runoff simulations. Water Resources Research, 40, W01106, doi:10.1029/2003WR002540. Schaefli, B., Balin Talamba, D. and Musy, A., (2007). Quantifying hydrological modeling errors through a mixture of normal distributions. Journal of Hydrology, 332, 303-315.

A feedback-based secure path approach for wireless sensor network data collection.

PubMed

Mao, Yuxin; Wei, Guiyi

2010-01-01

The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose.

Roadmap on optical security

NASA Astrophysics Data System (ADS)

Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

2016-08-01

Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections: Sheridan reviews phase retrieval algorithms to perform different attacks, whereas Situ discusses nonlinear optical encryption techniques and the development of a rigorous optical information security theory. The fourth category with two contributions reports how encryption could be implemented at the nano- or micro-scale. Naruse discusses the use of nanostructures in security applications and Carnicer proposes encoding information in a tightly focused beam. In the fifth category, encryption based on ghost imaging using single-pixel detectors is also considered. In particular, the authors [Chen, Tajahuerce] emphasize the need for more specialized hardware and image processing algorithms. Finally, in the sixth category, Mosk and Javidi analyze in their corresponding papers how quantum imaging can benefit optical encryption systems. Sources that use few photons make encryption systems much more difficult to attack, providing a secure method for authentication.

Risk assessment by dynamic representation of vulnerability, exploitation, and impact

NASA Astrophysics Data System (ADS)

Cam, Hasan

2015-05-01

Assessing and quantifying cyber risk accurately in real-time is essential to providing security and mission assurance in any system and network. This paper presents a modeling and dynamic analysis approach to assessing cyber risk of a network in real-time by representing dynamically its vulnerabilities, exploitations, and impact using integrated Bayesian network and Markov models. Given the set of vulnerabilities detected by a vulnerability scanner in a network, this paper addresses how its risk can be assessed by estimating in real-time the exploit likelihood and impact of vulnerability exploitation on the network, based on real-time observations and measurements over the network. The dynamic representation of the network in terms of its vulnerabilities, sensor measurements, and observations is constructed dynamically using the integrated Bayesian network and Markov models. The transition rates of outgoing and incoming links of states in hidden Markov models are used in determining exploit likelihood and impact of attacks, whereas emission rates help quantify the attack states of vulnerabilities. Simulation results show the quantification and evolving risk scores over time for individual and aggregated vulnerabilities of a network.

A neural-network-based exponential H∞ synchronisation for chaotic secure communication via improved genetic algorithm

NASA Astrophysics Data System (ADS)

Hsiao, Feng-Hsiag

2016-10-01

In this study, a novel approach via improved genetic algorithm (IGA)-based fuzzy observer is proposed to realise exponential optimal H∞ synchronisation and secure communication in multiple time-delay chaotic (MTDC) systems. First, an original message is inserted into the MTDC system. Then, a neural-network (NN) model is employed to approximate the MTDC system. Next, a linear differential inclusion (LDI) state-space representation is established for the dynamics of the NN model. Based on this LDI state-space representation, this study proposes a delay-dependent exponential stability criterion derived in terms of Lyapunov's direct method, thus ensuring that the trajectories of the slave system approach those of the master system. Subsequently, the stability condition of this criterion is reformulated into a linear matrix inequality (LMI). Due to GA's random global optimisation search capabilities, the lower and upper bounds of the search space can be set so that the GA will seek better fuzzy observer feedback gains, accelerating feedback gain-based synchronisation via the LMI-based approach. IGA, which exhibits better performance than traditional GA, is used to synthesise a fuzzy observer to not only realise the exponential synchronisation, but also achieve optimal H∞ performance by minimizing the disturbance attenuation level and recovering the transmitted message. Finally, a numerical example with simulations is given in order to demonstrate the effectiveness of our approach.

A Methodology for Dynamic Security Risk Quantification and Optimal Resource Allocation of Security Assets

DOE Office of Scientific and Technical Information (OSTI.GOV)

Brigantic, Robert T.; Betzsold, Nick J.; Bakker, Craig KR

In this presentation we overview a methodology for dynamic security risk quantification and optimal resource allocation of security assets for high profile venues. This methodology is especially applicable to venues that require security screening operations such as mass transit (e.g., train or airport terminals), critical infrastructure protection (e.g., government buildings), and largescale public events (e.g., concerts or professional sports). The method starts by decomposing the three core components of risk -- threat, vulnerability, and consequence -- into their various subcomponents. For instance, vulnerability can be decomposed into availability, accessibility, organic security, and target hardness and each of these can bemore » evaluated against the potential threats of interest for the given venue. Once evaluated, these subcomponents are rolled back up to compute the specific value for the vulnerability core risk component. Likewise, the same is done for consequence and threat, and then risk is computed as the product of these three components. A key aspect of our methodology is dynamically quantifying risk. That is, we incorporate the ability to uniquely allow the subcomponents and core components, and in turn, risk, to be quantified as a continuous function of time throughout the day, week, month, or year as appropriate.« less

Advanced Computational Methods for Security Constrained Financial Transmission Rights: Structure and Parallelism

DOE Office of Scientific and Technical Information (OSTI.GOV)

Elbert, Stephen T.; Kalsi, Karanjit; Vlachopoulou, Maria

Financial Transmission Rights (FTRs) help power market participants reduce price risks associated with transmission congestion. FTRs are issued based on a process of solving a constrained optimization problem with the objective to maximize the FTR social welfare under power flow security constraints. Security constraints for different FTR categories (monthly, seasonal or annual) are usually coupled and the number of constraints increases exponentially with the number of categories. Commercial software for FTR calculation can only provide limited categories of FTRs due to the inherent computational challenges mentioned above. In this paper, a novel non-linear dynamical system (NDS) approach is proposed tomore » solve the optimization problem. The new formulation and performance of the NDS solver is benchmarked against widely used linear programming (LP) solvers like CPLEX™ and tested on large-scale systems using data from the Western Electricity Coordinating Council (WECC). The NDS is demonstrated to outperform the widely used CPLEX algorithms while exhibiting superior scalability. Furthermore, the NDS based solver can be easily parallelized which results in significant computational improvement.« less

System Dynamics Approach for Critical Infrastructure and Decision Support. A Model for a Potable Water System.

NASA Astrophysics Data System (ADS)

Pasqualini, D.; Witkowski, M.

2005-12-01

The Critical Infrastructure Protection / Decision Support System (CIP/DSS) project, supported by the Science and Technology Office, has been developing a risk-informed Decision Support System that provides insights for making critical infrastructure protection decisions. The system considers seventeen different Department of Homeland Security defined Critical Infrastructures (potable water system, telecommunications, public health, economics, etc.) and their primary interdependencies. These infrastructures have been modeling in one model called CIP/DSS Metropolitan Model. The modeling approach used is a system dynamics modeling approach. System dynamics modeling combines control theory and the nonlinear dynamics theory, which is defined by a set of coupled differential equations, which seeks to explain how the structure of a given system determines its behavior. In this poster we present a system dynamics model for one of the seventeen critical infrastructures, a generic metropolitan potable water system (MPWS). Three are the goals: 1) to gain a better understanding of the MPWS infrastructure; 2) to identify improvements that would help protect MPWS; and 3) to understand the consequences, interdependencies, and impacts, when perturbations occur to the system. The model represents raw water sources, the metropolitan water treatment process, storage of treated water, damage and repair to the MPWS, distribution of water, and end user demand, but does not explicitly represent the detailed network topology of an actual MPWS. The MPWS model is dependent upon inputs from the metropolitan population, energy, telecommunication, public health, and transportation models as well as the national water and transportation models. We present modeling results and sensitivity analysis indicating critical choke points, negative and positive feedback loops in the system. A general scenario is also analyzed where the potable water system responds to a generic disruption.

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

PubMed Central

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

Security threat assessment of an Internet security system using attack tree and vague sets.

PubMed

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

Security Verification Techniques Applied to PatchLink COTS Software

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Powell, John D.; Bishop, Matt; Andrew, Chris; Jog, Sameer

2006-01-01

Verification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink's UNIX Agent, a Commercial-Off-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) -- a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.

Dynamic Tunnel Usability Study: Format Recommendations for Synthetic Vision System Primary Flight Displays

NASA Technical Reports Server (NTRS)

Arthur, Jarvis J., III; Prinzel, Lawrence J., III; Kramer, Lynda J.; Bailey, Randall E.

2006-01-01

A usability study evaluating dynamic tunnel concepts has been completed under the Aviation Safety and Security Program, Synthetic Vision Systems Project. The usability study was conducted in the Visual Imaging Simulator for Transport Aircraft Systems (VISTAS) III simulator in the form of questionnaires and pilot-in-the-loop simulation sessions. Twelve commercial pilots participated in the study to determine their preferences via paired comparisons and subjective rankings regarding the color, line thickness and sensitivity of the dynamic tunnel. The results of the study showed that color was not significant in pilot preference paired comparisons or in pilot rankings. Line thickness was significant for both pilot preference paired comparisons and in pilot rankings. The preferred line/halo thickness combination was a line width of 3 pixels and a halo of 4 pixels. Finally, pilots were asked their preference for the current dynamic tunnel compared to a less sensitive dynamic tunnel. The current dynamic tunnel constantly gives feedback to the pilot with regard to path error while the less sensitive tunnel only changes as the path error approaches the edges of the tunnel. The tunnel sensitivity comparison results were not statistically significant.

Formulation for Simultaneous Aerodynamic Analysis and Design Optimization

NASA Technical Reports Server (NTRS)

Hou, G. W.; Taylor, A. C., III; Mani, S. V.; Newman, P. A.

1993-01-01

An efficient approach for simultaneous aerodynamic analysis and design optimization is presented. This approach does not require the performance of many flow analyses at each design optimization step, which can be an expensive procedure. Thus, this approach brings us one step closer to meeting the challenge of incorporating computational fluid dynamic codes into gradient-based optimization techniques for aerodynamic design. An adjoint-variable method is introduced to nullify the effect of the increased number of design variables in the problem formulation. The method has been successfully tested on one-dimensional nozzle flow problems, including a sample problem with a normal shock. Implementations of the above algorithm are also presented that incorporate Newton iterations to secure a high-quality flow solution at the end of the design process. Implementations with iterative flow solvers are possible and will be required for large, multidimensional flow problems.

A Feedback-Based Secure Path Approach for Wireless Sensor Network Data Collection

PubMed Central

Mao, Yuxin; Wei, Guiyi

2010-01-01

The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose. PMID:22163424

Towards a Scalable Group Vehicle-based Security System

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carter, Jason M

2016-01-01

In August 2014, the National Highway Traffic Safety Administration (NHTSA) proposed new rulemaking to require V2V communication in light vehicles. To establish trust in the basic safety messages (BSMs) that are exchanged by vehicles to improve driver safety, a vehicle public key infrastructure (VPKI) is required. We outline a system where a group or groups of vehicles manage and generate their own BSM signing keys and authenticating certificates -- a Vehicle-Based Security System (VBSS). Based on our preliminary examination, we assert the mechanisms exist to implement a VBSS that supports V2V communications; however, maintaining uniform trust throughout the system whilemore » protecting individual privacy does require reliance on nascent group signature technology which may require a significant amount of communication overhead for trust maintenance. To better evaluate the VBSS approach, we compare it to the proposed Security Credential Management System (SCMS) in four major areas including bootstrapping, pseudonym provisioning, BSM signing and authentication, and revocation. System scale, driver privacy, and the distribution and dynamics of participants make designing an effective VPKI an interesting and challenging problem; no clear-cut strategy exists to satisfy the security and privacy expectations in a highly efficient way. More work is needed in VPKI research, so the life-saving promise of V2V technology can be achieved.« less

Mediated definite delegation - Certified Grid jobs in ALICE and beyond

NASA Astrophysics Data System (ADS)

Schreiner, Steffen; Grigoras, Costin; Litmaath, Maarten; Betev, Latchezar; Buchmann, Johannes

2012-12-01

Grid computing infrastructures need to provide traceability and accounting of their users’ activity and protection against misuse and privilege escalation, where the delegation of privileges in the course of a job submission is a key concern. This work describes an improved handling of Multi-user Grid Jobs in the ALICE Grid Services. A security analysis of the ALICE Grid job model is presented with derived security objectives, followed by a discussion of existing approaches of unrestricted delegation based on X.509 proxy certificates and the Grid middleware gLExec. Unrestricted delegation has severe security consequences and limitations, most importantly allowing for identity theft and forgery of jobs and data. These limitations are discussed and formulated, both in general and with respect to an adoption in line with Multi-user Grid Jobs. A new general model of mediated definite delegation is developed, allowing a broker to dynamically process and assign Grid jobs to agents while providing strong accountability and long-term traceability. A prototype implementation allowing for fully certified Grid jobs is presented as well as a potential interaction with gLExec. The achieved improvements regarding system security, malicious job exploitation, identity protection, and accountability are emphasized, including a discussion of non-repudiation in the face of malicious Grid jobs.

Immune Inspired Security Approach for Manets: a Case Study

NASA Astrophysics Data System (ADS)

Mohamed, Yasir Abdelgadir

2011-06-01

This paper extends the work that has earlier been established. Immune inspired approach for securing mobile ad hoc networks is specified there. Although it is clearly indicated there that the research scope is the wireless networks in general and hybrid mobile ad hoc networks in particular, we have seen that specifying the security system in one of the communications applications that need further security approach may help to understand how effectively the system can contribute to this vital and important networks sector. Security in this type of networks is important and controversial as it plays a key role in users' eagerness or reluctance for the services provided by these networks. In this paper, the immune inspired security system is specified to secure web services in converged networks.

Extraction of sandy bedforms features through geodesic morphometry

NASA Astrophysics Data System (ADS)

Debese, Nathalie; Jacq, Jean-José; Garlan, Thierry

2016-09-01

State-of-art echosounders reveal fine-scale details of mobile sandy bedforms, which are commonly found on continental shelfs. At present, their dynamics are still far from being completely understood. These bedforms are a serious threat to navigation security, anthropic structures and activities, placing emphasis on research breakthroughs. Bedform geometries and their dynamics are closely linked; therefore, one approach is to develop semi-automatic tools aiming at extracting their structural features from bathymetric datasets. Current approaches mimic manual processes or rely on morphological simplification of bedforms. The 1D and 2D approaches cannot address the wide ranges of both types and complexities of bedforms. In contrast, this work attempts to follow a 3D global semi-automatic approach based on a bathymetric TIN. The currently extracted primitives are the salient ridge and valley lines of the sand structures, i.e., waves and mega-ripples. The main difficulty is eliminating the ripples that are found to heavily overprint any observations. To this end, an anisotropic filter that is able to discard these structures while still enhancing the wave ridges is proposed. The second part of the work addresses the semi-automatic interactive extraction and 3D augmented display of the main lines structures. The proposed protocol also allows geoscientists to interactively insert topological constraints.

A Trusted Portable Computing Device

NASA Astrophysics Data System (ADS)

Ming-wei, Fang; Jun-jun, Wu; Peng-fei, Yu; Xin-fang, Zhang

A trusted portable computing device and its security mechanism were presented to solve the security issues, such as the attack of virus and Trojan horse, the lost and stolen of storage device, in mobile office. It used smart card to build a trusted portable security base, virtualization to create a secure virtual execution environment, two-factor authentication mechanism to identify legitimate users, and dynamic encryption to protect data privacy. The security environment described in this paper is characteristic of portability, security and reliability. It can meet the security requirement of mobile office.

A novel chaotic stream cipher and its application to palmprint template protection

NASA Astrophysics Data System (ADS)

Li, Heng-Jian; Zhang, Jia-Shu

2010-04-01

Based on a coupled nonlinear dynamic filter (NDF), a novel chaotic stream cipher is presented in this paper and employed to protect palmprint templates. The chaotic pseudorandom bit generator (PRBG) based on a coupled NDF, which is constructed in an inverse flow, can generate multiple bits at one iteration and satisfy the security requirement of cipher design. Then, the stream cipher is employed to generate cancelable competitive code palmprint biometrics for template protection. The proposed cancelable palmprint authentication system depends on two factors: the palmprint biometric and the password/token. Therefore, the system provides high-confidence and also protects the user's privacy. The experimental results of verification on the Hong Kong PolyU Palmprint Database show that the proposed approach has a large template re-issuance ability and the equal error rate can achieve 0.02%. The performance of the palmprint template protection scheme proves the good practicability and security of the proposed stream cipher.

Case study: Optimizing fault model input parameters using bio-inspired algorithms

NASA Astrophysics Data System (ADS)

Plucar, Jan; Grunt, Onřej; Zelinka, Ivan

2017-07-01

We present a case study that demonstrates a bio-inspired approach in the process of finding optimal parameters for GSM fault model. This model is constructed using Petri Nets approach it represents dynamic model of GSM network environment in the suburban areas of Ostrava city (Czech Republic). We have been faced with a task of finding optimal parameters for an application that requires high amount of data transfers between the application itself and secure servers located in datacenter. In order to find the optimal set of parameters we employ bio-inspired algorithms such as Differential Evolution (DE) or Self Organizing Migrating Algorithm (SOMA). In this paper we present use of these algorithms, compare results and judge their performance in fault probability mitigation.

Effective user management with high strength crypto -key in dynamic group environment in cloud

NASA Astrophysics Data System (ADS)

Kumar, P. J.; Suganya, P.; Karthik, G.

2017-11-01

Cloud Clusters consists of various collections of files which are being accessed by multiple users of Cloud. The users are managed as a group and the association of the user to a particular group is dynamic in nature. Every group has a manager who handles the membership of a user to a particular group by issuing keys for encryption and decryption. Due to the dynamic nature of a user he/she may leave the group very frequently. But an attempt can be made by the user who has recently left the group to access a file maintained by that group. Key distribution becomes a critical issue while the behavior of the user is dynamic. Existing techniques to manage the users of group in terms of security and key distribution has been investigated so that to arrive at an objective to identify the scopes to increase security and key management scheme in cloud. The usage of various key combinations to measure the strength of security and efficiency of user management in dynamic cloud environment has been investigated.

Security system signal supervision

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chritton, M.R.; Matter, J.C.

1991-09-01

This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

A Laboratory for Characterizing the Efficacy of Moving Target Defense

DTIC Science & Technology

2016-10-25

of William and Mary are developing a scalable, dynamic, adaptive security system that combines virtualization , emulation, and mutable network...goal with the resource constraints of a small number of servers, and making virtual nodes “real enough” from the view of attackers. Unfortunately, with...we at College of William and Mary are developing a scalable, dynamic, adaptive security system that combines virtualization , emulation, and mutable

A Framework For Dynamic Subversion

DTIC Science & Technology

2003-06-01

informal methods. These methods examine the security requirements, security specification, also called the Formal Top Level Specification and its ...not be always invoked due to its possible deactivation by errant or malicious code. Further, the RVM, if no separation exists between the kernel...that this thesis focused on, is the means by which the dynamic portion of the artifice finds space to operate or is loaded, is relocated in its

76 FR 42395 - Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-18

... received. Table of Contents I. Introduction A. Statutory Framework B. Consultations C. Approach to Drafting.... Generally B. Consistency With CFTC Approach IV. Paperwork Reduction Act A. Summary of Collections of... that may rely on security-based swaps to manage risk and reduce volatility. C. Approach to Drafting the...

High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems

NASA Astrophysics Data System (ADS)

Kwon, Cheolhyeon

With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified physical and logical process model of the CPS. Specifically, three main tasks are discussed in this presentation: (i) we first investigate diverse granularity of the interactions inside the CPS and propose feasible cyber attack models to characterize the compromised behavior of the CPS with various measures, from its severity to detectability; (ii) based on this risk information, our approach to securing the CPS addresses both monitoring of and high assurance control design against cyber attacks by developing on-line safety assessment and mitigation algorithms; and (iii) by extending the developed theories and methods from a single CPS to multiple CPSs, we examine the security and safety of multi-CPS network that are strongly dependent on the network topology, cooperation protocols between individual CPSs, etc. The effectiveness of the analytical findings is demonstrated and validated with illustrative examples, especially unmanned aircraft system (UAS) applications.

A Dynamic Framework for Water Security

NASA Astrophysics Data System (ADS)

Srinivasan, Veena; Konar, Megan; Sivapalan, Murugesu

2017-04-01

Water security is a multi-faceted problem, going beyond mere balancing of supply and demand. Conventional attempts to quantify water security starting rely on static indices at a particular place and point in time. While these are simple and scalable, they lack predictive or explanatory power. 1) Most static indices focus on specific spatial scales and largely ignore cross-scale feedbacks between human and water systems. 2) They fail to account for the increasing spatial specialization in the modern world - some regions are cities others are agricultural breadbaskets; so water security means different things in different places. Human adaptation to environmental change necessitates a dynamic view of water security. We present a framework that defines water security as an emergent outcome of a coupled socio-hydrologic system. Over the medium term (5-25 years), water security models might hold governance, culture and infrastructure constant, but allow humans to respond to changes and thus predict how water security would evolve. But over very long time-frames (25-100 years), a society's values, norms and beliefs themselves may themselves evolve; these in turn may prompt changes in policy, governance and infrastructure. Predictions of water security in the long term involve accounting for such regime shifts in the cultural and political context of a watershed by allowing the governing equations of the models to change.

A Secure, Intelligent, and Smart-Sensing Approach for Industrial System Automation and Transmission over Unsecured Wireless Networks

PubMed Central

Shahzad, Aamir; Lee, Malrey; Xiong, Neal Naixue; Jeong, Gisung; Lee, Young-Keun; Choi, Jae-Young; Mahesar, Abdul Wheed; Ahmad, Iftikhar

2016-01-01

In Industrial systems, Supervisory control and data acquisition (SCADA) system, the pseudo-transport layer of the distributed network protocol (DNP3) performs the functions of the transport layer and network layer of the open systems interconnection (OSI) model. This study used a simulation design of water pumping system, in-which the network nodes are directly and wirelessly connected with sensors, and are monitored by the main controller, as part of the wireless SCADA system. This study also intends to focus on the security issues inherent in the pseudo-transport layer of the DNP3 protocol. During disassembly and reassembling processes, the pseudo-transport layer keeps track of the bytes sequence. However, no mechanism is available that can verify the message or maintain the integrity of the bytes in the bytes received/transmitted from/to the data link layer or in the send/respond from the main controller/sensors. To properly and sequentially keep track of the bytes, a mechanism is required that can perform verification while bytes are received/transmitted from/to the lower layer of the DNP3 protocol or the send/respond to/from field sensors. For security and byte verification purposes, a mechanism needs to be proposed for the pseudo-transport layer, by employing cryptography algorithm. A dynamic choice security buffer (SB) is designed and employed during the security development. To achieve the desired goals of the proposed study, a pseudo-transport layer stack model is designed using the DNP3 protocol open library and the security is deployed and tested, without changing the original design. PMID:26950129

A Secure, Intelligent, and Smart-Sensing Approach for Industrial System Automation and Transmission over Unsecured Wireless Networks.

PubMed

Shahzad, Aamir; Lee, Malrey; Xiong, Neal Naixue; Jeong, Gisung; Lee, Young-Keun; Choi, Jae-Young; Mahesar, Abdul Wheed; Ahmad, Iftikhar

2016-03-03

In Industrial systems, Supervisory control and data acquisition (SCADA) system, the pseudo-transport layer of the distributed network protocol (DNP3) performs the functions of the transport layer and network layer of the open systems interconnection (OSI) model. This study used a simulation design of water pumping system, in-which the network nodes are directly and wirelessly connected with sensors, and are monitored by the main controller, as part of the wireless SCADA system. This study also intends to focus on the security issues inherent in the pseudo-transport layer of the DNP3 protocol. During disassembly and reassembling processes, the pseudo-transport layer keeps track of the bytes sequence. However, no mechanism is available that can verify the message or maintain the integrity of the bytes in the bytes received/transmitted from/to the data link layer or in the send/respond from the main controller/sensors. To properly and sequentially keep track of the bytes, a mechanism is required that can perform verification while bytes are received/transmitted from/to the lower layer of the DNP3 protocol or the send/respond to/from field sensors. For security and byte verification purposes, a mechanism needs to be proposed for the pseudo-transport layer, by employing cryptography algorithm. A dynamic choice security buffer (SB) is designed and employed during the security development. To achieve the desired goals of the proposed study, a pseudo-transport layer stack model is designed using the DNP3 protocol open library and the security is deployed and tested, without changing the original design.

Modeling and complexity of stochastic interacting Lévy type financial price dynamics

NASA Astrophysics Data System (ADS)

Wang, Yiduan; Zheng, Shenzhou; Zhang, Wei; Wang, Jun; Wang, Guochao

2018-06-01

In attempt to reproduce and investigate nonlinear dynamics of security markets, a novel nonlinear random interacting price dynamics, which is considered as a Lévy type process, is developed and investigated by the combination of lattice oriented percolation and Potts dynamics, which concerns with the instinctive random fluctuation and the fluctuation caused by the spread of the investors' trading attitudes, respectively. To better understand the fluctuation complexity properties of the proposed model, the complexity analyses of random logarithmic price return and corresponding volatility series are preformed, including power-law distribution, Lempel-Ziv complexity and fractional sample entropy. In order to verify the rationality of the proposed model, the corresponding studies of actual security market datasets are also implemented for comparison. The empirical results reveal that this financial price model can reproduce some important complexity features of actual security markets to some extent. The complexity of returns decreases with the increase of parameters γ1 and β respectively, furthermore, the volatility series exhibit lower complexity than the return series

[Research progress on remote sensing of ecological and environmental changes in the Three Gorges Reservoir area, China].

PubMed

Teng, Ming-jun; Zeng, Li-xiong; Xiao, Wen-fa; Zhou, Zhi-xiang; Huang, Zhi-lin; Wang, Peng-cheng; Dian, Yuan-yong

2014-12-01

The Three Gorges Reservoir area (TGR area) , one of the most sensitive ecological zones in China, has dramatically changes in ecosystem configurations and services driven by the Three Gorges Engineering Project and its related human activities. Thus, understanding the dynamics of ecosystem configurations, ecological processes and ecosystem services is an attractive and critical issue to promote regional ecological security of the TGR area. The remote sensing of environment is a promising approach to the target and is thus increasingly applied to and ecosystem dynamics of the TGR area on mid- and macro-scales. However, current researches often showed controversial results in ecological and environmental changes in the TGR area due to the differences in remote sensing data, scale, and land-use/cover classification. Due to the complexity of ecological configurations and human activities, challenges still exist in the remote-sensing based research of ecological and environmental changes in the TGR area. The purpose of this review was to summarize the research advances in remote sensing of ecological and environmental changes in the TGR area. The status, challenges and trends of ecological and environmental remote-sensing in the TGR area were further discussed and concluded in the aspect of land-use/land-cover, vegetation dynamics, soil and water security, ecosystem services, ecosystem health and its management. The further researches on the remote sensing of ecological and environmental changes were proposed to improve the ecosystem management of the TGR area.

Security architecture for health grid using ambient intelligence.

PubMed

Naqvi, S; Riguidel, M; Demeure, I

2005-01-01

To propose a novel approach of incorporating ambient intelligence in the health grid security architecture. Security concerns are severely impeding the grid community effort in spreading its wings in health applications. In this paper, we have proposed a high level approach to incorporate ambient intelligence for health grid security architecture and have argued that this will significantly improve the current state of the grid security paradigm with an enhanced user-friendly environment. We believe that the time is right to shift the onus of traditional security mechanisms onto the new technologies. The incorporation of ambient intelligence in the security architecture of a grid will not only render a security paradigm robust but also provide an attractive vision for the future of computing by bringing the two worlds together. In this article we propose an evolutionary approach of utilizing smart devices for grid security architecture. We argue that such an infrastructure will impart unique features to the existing grid security paradigms by offering fortified and relentless monitoring. This new security architecture will be comprehensive in nature but will not be cumbersome for the users due to its typical characteristics of not prying into their lives and adapting to their needs. We have identified a new paradigm of the security architecture for a health grid that will not only render a security mechanism robust but will also provide the high levels of user-friendliness. As our approach is a first contribution to this problem, a number of other issues for future research remain open. However, the prospects are fascinating.

China’s Energy Security: The Grand Hedging Strategy

DTIC Science & Technology

2010-05-01

spotlight. The key to sustaining this dynamic economic growth is access to petroleum resources. The central question of this monograph is as follows...Is China’s energy security strategy liberal-institutionalist or realist-mercantilist? Using a qualitative case study methodology that explores the...dependent variable -- energy security -- using three independent variables (cost of supply, reliability of supply, and security of supply), China’s

Secure access control and large scale robust representation for online multimedia event detection.

PubMed

Liu, Changyu; Lu, Bin; Li, Huiling

2014-01-01

We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Inference-Based Similarity Search in Randomized Montgomery Domains for Privacy-Preserving Biometric Identification.

PubMed

Wang, Yi; Wan, Jianwu; Guo, Jun; Cheung, Yiu-Ming; Yuen, Pong C; Yi Wang; Jianwu Wan; Jun Guo; Yiu-Ming Cheung; Yuen, Pong C; Cheung, Yiu-Ming; Guo, Jun; Yuen, Pong C; Wan, Jianwu; Wang, Yi

2018-07-01

Similarity search is essential to many important applications and often involves searching at scale on high-dimensional data based on their similarity to a query. In biometric applications, recent vulnerability studies have shown that adversarial machine learning can compromise biometric recognition systems by exploiting the biometric similarity information. Existing methods for biometric privacy protection are in general based on pairwise matching of secured biometric templates and have inherent limitations in search efficiency and scalability. In this paper, we propose an inference-based framework for privacy-preserving similarity search in Hamming space. Our approach builds on an obfuscated distance measure that can conceal Hamming distance in a dynamic interval. Such a mechanism enables us to systematically design statistically reliable methods for retrieving most likely candidates without knowing the exact distance values. We further propose to apply Montgomery multiplication for generating search indexes that can withstand adversarial similarity analysis, and show that information leakage in randomized Montgomery domains can be made negligibly small. Our experiments on public biometric datasets demonstrate that the inference-based approach can achieve a search accuracy close to the best performance possible with secure computation methods, but the associated cost is reduced by orders of magnitude compared to cryptographic primitives.

Secure Multiparty Quantum Computation for Summation and Multiplication.

PubMed

Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

2016-01-21

As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics.

Secure Multiparty Quantum Computation for Summation and Multiplication

PubMed Central

Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

2016-01-01

As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics. PMID:26792197

If it walks like a duck: nanosensor threat assessment

NASA Astrophysics Data System (ADS)

Chachis, George C.

2003-09-01

A convergence of technologies is making deployment of unattended ground nanosensors operationally feasible in terms of energy, communications for both arbitrated and self-organizing distributed, collective behaviors. A number of nano communications technologies are already making network-centric systems possible for MicroElectrical Mechanical (MEM) sensor devices today. Similar technologies may make NanoElectrical Mechanical (NEM) sensor devices operationally feasible a few years from now. Just as organizational behaviors of large numbers of nanodevices can derive strategies from social insects and other group-oriented animals, bio-inspired heuristics for threat assessment provide a conceptual approach for successful integration of nanosensors into unattended smart sensor networks. Biological models such as the organization of social insects or the dynamics of immune systems show promise as biologically-inspired paradigms for protecting nanosensor networks for security scene analysis and battlespace awareness. The paradox of nanosensors is that the smaller the device is the more useful it is but the smaller it is the more vulnerable it is to a variety of threats. In other words simpler means networked nanosensors are more likely to fall prey to a wide-range of attacks including jamming, spoofing, Janisserian recruitment, Pied-Piper distraction, as well as typical attacks computer network security. Thus, unattended sensor technologies call for network architectures that include security and countermeasures to provide reliable scene analysis or battlespace awareness information. Such network centric architectures may well draw upon a variety of bio-inspired approaches to safeguard, validate and make sense of large quantities of information.

The Worm Propagation Model with Dual Dynamic Quarantine Strategy

NASA Astrophysics Data System (ADS)

Yao, Yu; Xie, Xiao-Wu; Guo, Hao; Gao, Fu-Xiang; Yu, Ge

Internet worms are becoming more and more harmful with the rapid development of the Internet. Due to the extremely fast spread and great destructive power of network worms, strong dynamic quarantine strategies are necessary. Inspired by the real-world approach to the prevention and treatment of infectious diseases, this paper proposes a quarantine strategy based on dynamic worm propagation model: the SIQRV dual quarantine model. This strategy uses dynamic quarantine method to make the vulnerable host and infected host quarantined, and then release them after a certain period of time, regardless of whether quarantined host security is checked. Through mathematic modeling, it has been found that when the basic reproduction number R0 is less than a critical value, the system will stabilize in the disease-free equilibrium, that is, in theory, the infected hosts will be completely immune. Finally, by comparing the simulation results and numerical analysis, the basic agreement between the two curves supports the validity of the mathematical model. Our future work will be focusing on taking both the delay and double-quarantine strategy into account and further expanding the scale of our simulation work.

Exploring Complex Systems Aspects of Blackout Risk and Mitigation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Newman, David E; Carreras, Benjamin A; Lynch, Vickie E

2011-01-01

Electric power transmission systems are a key infrastructure, and blackouts of these systems have major consequences for the economy and national security. Analyses of blackout data suggest that blackout size distributions have a power law form over much of their range. This result is an indication that blackouts behave as a complex dynamical system. We use a simulation of an upgrading power transmission system to investigate how these complex system dynamics impact the assessment and mitigation of blackout risk. The mitigation of failures in complex systems needs to be approached with care. The mitigation efforts can move the system tomore » a new dynamic equilibrium while remaining near criticality and preserving the power law region. Thus, while the absolute frequency of blackouts of all sizes may be reduced, the underlying forces can still cause the relative frequency of large blackouts to small blackouts to remain the same. Moreover, in some cases, efforts to mitigate small blackouts can even increase the frequency of large blackouts. This result occurs because the large and small blackouts are not mutually independent, but are strongly coupled by the complex dynamics.« less

Hydrocomplexity: Addressing water security and emergent environmental risks

NASA Astrophysics Data System (ADS)

Kumar, Praveen

2015-07-01

Water security and emergent environmental risks are among the most significant societal concerns. They are highly interlinked to other global risks such as those related to climate, human health, food, human migration, biodiversity loss, urban sustainability, etc. Emergent risks result from the confluence of unanticipated interactions from evolving interdependencies between complex systems, such as those embedded in the water cycle. They are associated with the novelty of dynamical possibilities that have significant potential consequences to human and ecological systems, and not with probabilities based on historical precedence. To ensure water security we need to be able to anticipate the likelihood of risk possibilities as they present the prospect of the most impact through cascade of vulnerabilities. They arise due to a confluence of nonstationary drivers that include growing population, climate change, demographic shifts, urban growth, and economic expansion, among others, which create novel interdependencies leading to a potential of cascading network effects. Hydrocomplexity aims to address water security and emergent risks through the development of science, methods, and practices with the potential to foster a "Blue Revolution" akin to the Green revolution for food security. It blends both hard infrastructure based solution with soft knowledge driven solutions to increase the range of planning and design, management, mitigation and adaptation strategies. It provides a conceptual and synthetic framework to enable us to integrate discovery science and engineering, observational and information science, computational and communication systems, and social and institutional approaches to address consequential water and environmental challenges.

SPAR: a security- and power-aware routing protocol for wireless ad hoc and sensor networks

NASA Astrophysics Data System (ADS)

Oberoi, Vikram; Chigan, Chunxiao

2005-05-01

Wireless Ad Hoc and Sensor Networks (WAHSNs) are vulnerable to extensive attacks as well as severe resource constraints. To fulfill the security needs, many security enhancements have been proposed. Like wise, from resource constraint perspective, many power aware schemes have been proposed to save the battery power. However, we observe that for the severely resource limited and extremely vulnerable WAHSNs, taking security or power (or any other resource) alone into consideration for protocol design is rather inadequate toward the truly "secure-and-useful" WAHSNs. For example, from resource constraint perspective, we identify one of the potential problems, the Security-Capable-Congestion (SCC) behavior, for the WAHSNs routing protocols where only the security are concerned. On the other hand, the design approach where only scarce resource is concerned, such as many power-aware WAHSNs protocols, leaves security unconsidered and is undesirable to many WAHSNs application scenarios. Motivated by these observations, we propose a co-design approach, where both the high security and effective resource consumption are targeted for WAHSNs protocol design. Specifically, we propose a novel routing protocol, Security- and Power- Aware Routing (SPAR) protocol based on this co-design approach. In SPAR, the routing decisions are made based on both security and power as routing criteria. The idea of the SPAR mechanism is routing protocol independent and therefore can be broadly integrated into any of the existing WAHSNs routing protocols. The simulation results show that SPAR outperforms the WAHSNs routing protocols where security or power alone is considered, significantly. This research finding demonstrates the proposed security- and resource- aware co-design approach is promising towards the truly "secure-and-useful" WAHSNs.

Biomass Productivity Dynamics Monitoring and its Drivers in Sahelian Croplands and Rangelands to Support Food Security Policies

NASA Astrophysics Data System (ADS)

Leroux, L.

2015-12-01

Since the Sahelian population livelihood relies mainly on agropastoral activities, accurate information on biomass productivity dynamics and the underlying drivers are needed to manage a wide range of issues such as food security. This study aims to contribute to a better understanding of these drivers in rangeland and cropland, both at the Sahel and local scales (an agropastoral site in South-West Niger). At the Sahel scale, the MODIS Land Cover product was used to extract cropland and rangeland pixels. By analyzing MODIS NDVI trends together with TRMM3B43 annual rainfall (2000-2010), we developed a new classification scheme allowing to identify areas of persistent decline/improvement in biomass productivity and to separate rainfall-driven dynamics from other factors. The results showed an overall increase of productivity in the rangeland, and both an improvement and a degradation in the cropland. We found strong evidence that the increase in biomass productivity was generally linked to increasing rainfall, while the decrease could be attributed chiefly to other factors exclusively or to a combination of both climate- and human-induced factors (see the attached Figure). At the Niger site scale, biomass trends have been put in relation with a set of potential drivers via a RandomForest model, to define which were the explanatory factors of the observed trends. The factor set covered 5 categories: climate, natural constraints, demography, physical accessibility and land cover changes. We highlighted that tiger bushes areas were particularly prone to pressure due to overgrazing and overexploitation of wood, while positive trends were mainly observed near rivers and in fossil valleys where new agricultural practices might have been promoted. The approach developped here could help to delineate areas with decrease in crop and grassland production and thus to assess the vulnerability of the population, but also to target zones with good potential for planning long-term food security policies.

An approach to secure weather and climate models against hardware faults

NASA Astrophysics Data System (ADS)

Düben, Peter D.; Dawson, Andrew

2017-03-01

Enabling Earth System models to run efficiently on future supercomputers is a serious challenge for model development. Many publications study efficient parallelization to allow better scaling of performance on an increasing number of computing cores. However, one of the most alarming threats for weather and climate predictions on future high performance computing architectures is widely ignored: the presence of hardware faults that will frequently hit large applications as we approach exascale supercomputing. Changes in the structure of weather and climate models that would allow them to be resilient against hardware faults are hardly discussed in the model development community. In this paper, we present an approach to secure the dynamical core of weather and climate models against hardware faults using a backup system that stores coarse resolution copies of prognostic variables. Frequent checks of the model fields on the backup grid allow the detection of severe hardware faults, and prognostic variables that are changed by hardware faults on the model grid can be restored from the backup grid to continue model simulations with no significant delay. To justify the approach, we perform model simulations with a C-grid shallow water model in the presence of frequent hardware faults. As long as the backup system is used, simulations do not crash and a high level of model quality can be maintained. The overhead due to the backup system is reasonable and additional storage requirements are small. Runtime is increased by only 13 % for the shallow water model.

An approach to secure weather and climate models against hardware faults

NASA Astrophysics Data System (ADS)

Düben, Peter; Dawson, Andrew

2017-04-01

Enabling Earth System models to run efficiently on future supercomputers is a serious challenge for model development. Many publications study efficient parallelisation to allow better scaling of performance on an increasing number of computing cores. However, one of the most alarming threats for weather and climate predictions on future high performance computing architectures is widely ignored: the presence of hardware faults that will frequently hit large applications as we approach exascale supercomputing. Changes in the structure of weather and climate models that would allow them to be resilient against hardware faults are hardly discussed in the model development community. We present an approach to secure the dynamical core of weather and climate models against hardware faults using a backup system that stores coarse resolution copies of prognostic variables. Frequent checks of the model fields on the backup grid allow the detection of severe hardware faults, and prognostic variables that are changed by hardware faults on the model grid can be restored from the backup grid to continue model simulations with no significant delay. To justify the approach, we perform simulations with a C-grid shallow water model in the presence of frequent hardware faults. As long as the backup system is used, simulations do not crash and a high level of model quality can be maintained. The overhead due to the backup system is reasonable and additional storage requirements are small. Runtime is increased by only 13% for the shallow water model.

Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aderholdt, Ferrol; Caldwell, Blake A.; Hicks, Susan Elaine

High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges formore » the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.« less

77 FR 26562 - Mobile Offshore Drilling Unit Dynamic Positioning Guidance

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-04

... regarding a draft policy letter on Dynamic Positioning (DP) Systems, Emergency Disconnect Systems, Blowout... Coast Guard, NOSAC issued the report ``Recommendations for Dynamic Positioning System Design and... DEPARTMENT OF HOMELAND SECURITY Coast Guard [USCG-2011-1106] Mobile Offshore Drilling Unit Dynamic...

A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs

NASA Astrophysics Data System (ADS)

Elahi, Golnaz; Yu, Eric

In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Recently, there is increasing acknowledgement that security is ultimately about trade-offs. One can only aim for "good enough" security, given the competing demands from many parties. In this paper, we examine how conceptual modeling can provide explicit and systematic support for analyzing security trade-offs. After considering the desirable criteria for conceptual modeling methods, we examine several existing approaches for dealing with security trade-offs. From analyzing the limitations of existing methods, we propose an extension to the i* framework for security trade-off analysis, taking advantage of its multi-agent and goal orientation. The method was applied to several case studies used to exemplify existing approaches.

The systems approach to airport security: The FAA (Federal Aviation Administration)/BWI (Baltimore-Washington International) Airport demonstration project

DOE Office of Scientific and Technical Information (OSTI.GOV)

Caskey, D.L.; Olascoaga, M.T.

1990-01-01

Sandia National Laboratories has been involved in designing, installing and evaluating security systems for various applications during the past 15 years. A systems approach to security that evolved from this experience was applied to aviation security for the Federal Aviation Administration. A general systems study of aviation security in the United States was concluded in 1987. One result of the study was a recommendation that an enhanced security system concept designed to meet specified objectives be demonstrated at an operational airport. Baltimore-Washington International Airport was selected as the site for the demonstration project which began in 1988 and will bemore » completed in 1992. This article introduced the systems approach to airport security and discussed its application at Baltimore-Washington International Airport. Examples of design features that could be included in an enhanced security concept also were presented, including details of the proposed Ramps Area Intrusion Detection System (RAIDS).« less

Homeland security in the USA: past, present, and future.

PubMed

Kemp, Roger L

2012-01-01

This paper examines the evolving and dynamic field of homeland security in the USA. Included in this analysis is the evolution of the creation of the Department of Homeland Security, an overview of the National Warning System, a summary of citizen support groups, and how the field of homeland security has had an impact on the location and architecture of public buildings and facilities. Also included are website directories of citizen support groups and federal agencies related to the field of homeland security.

Ecosystem approach to inland fisheries: research needs and implementation strategies

PubMed Central

Beard, T. Douglas; Arlinghaus, Robert; Cooke, Steven J.; McIntyre, Peter B.; De Silva, Sena; Bartley, Devin; Cowx, Ian G.

2011-01-01

Inland fisheries are a vital component in the livelihoods and food security of people throughout the world, as well as contributing huge recreational and economic benefits. These valuable assets are jeopardized by lack of research-based understanding of the impacts of fisheries on inland ecosystems, and similarly the impact of human activities associated with inland waters on fisheries and aquatic biodiversity. To explore this topic, an international workshop was organized in order to examine strategies to incorporate fisheries into ecosystem approaches for management of inland waters. To achieve this goal, a new research agenda is needed that focuses on: quantifying the ecosystem services provided by fresh waters; quantifying the economic, social and nutritional benefits of inland fisheries; improving assessments designed to evaluate fisheries exploitation potential; and examining feedbacks between fisheries, ecosystem productivity and aquatic biodiversity. Accomplishing these objectives will require merging natural and social science approaches to address coupled social–ecological system dynamics. PMID:21325307

Ecosystem approach to inland fisheries: Research needs and implementation strategies

USGS Publications Warehouse

Beard, T.D.; Arlinghaus, R.; Cooke, S.J.; McIntyre, P.B.; De Silva, S.; Bartley, D.; Cowx, I.G.

2011-01-01

Inland fisheries are a vital component in the livelihoods and food security of people throughout the world, as well as contributing huge recreational and economic benefits. These valuable assets are jeopardized by lack of research-based understanding of the impacts of fisheries on inland ecosystems, and similarly the impact of human activities associated with inland waters on fisheries and aquatic biodiversity. To explore this topic, an international workshop was organized in order to examine strategies to incorporate fisheries into ecosystem approaches for management of inland waters. To achieve this goal, a new research agenda is needed that focuses on: quantifying the ecosystem services provided by fresh waters; quantifying the economic, social and nutritional benefits of inland fisheries; improving assessments designed to evaluate fisheries exploitation potential; and examining feedbacks between fisheries, ecosystem productivity and aquatic biodiversity. Accomplishing these objectives will require merging natural and social science approaches to address coupled social-ecological system dynamics. ?? 2010 The Royal Society.

Ecosystem approach to inland fisheries: research needs and implementation strategies

USGS Publications Warehouse

Beard, T. Douglas; Arlinghaus, Robert; Cooke, Steven J.; McIntyre, Peter B.; De Silva, Sena; Bartley, Devin M.; Cowx, Ian G.

2011-01-01

Inland fisheries are a vital component in the livelihoods and food security of people throughout the world, as well as contributing huge recreational and economic benefits. These valuable assets are jeopardized by lack of research-based understanding of the impacts of fisheries on inland ecosystems, and similarly the impact of human activities associated with inland waters on fisheries and aquatic biodiversity. To explore this topic, an international workshop was organized in order to examine strategies to incorporate fisheries into ecosystem approaches for management of inland waters. To achieve this goal, a new research agenda is needed that focuses on: quantifying the ecosystem services provided by fresh waters; quantifying the economic, social and nutritional benefits of inland fisheries; improving assessments designed to evaluate fisheries exploitation potential; and examining feedbacks between fisheries, ecosystem productivity and aquatic biodiversity. Accomplishing these objectives will require merging natural and social science approaches to address coupled social–ecological system dynamics.

Toward a Multi-scale Phase Transition Kinetics Methodology: From Non-Equilibrium Statistical Mechanics to Hydrodynamics

NASA Astrophysics Data System (ADS)

Belof, Jonathan; Orlikowski, Daniel; Wu, Christine; McLaughlin, Keith

2013-06-01

Shock and ramp compression experiments are allowing us to probe condensed matter under extreme conditions where phase transitions and other non-equilibrium aspects can now be directly observed, but first principles simulation of kinetics remains a challenge. A multi-scale approach is presented here, with non-equilibrium statistical mechanical quantities calculated by molecular dynamics (MD) and then leveraged to inform a classical nucleation and growth kinetics model at the hydrodynamic scale. Of central interest is the free energy barrier for the formation of a critical nucleus, with direct NEMD presenting the challenge of relatively long timescales necessary to resolve nucleation. Rather than attempt to resolve the time-dependent nucleation sequence directly, the methodology derived here is built upon the non-equilibrium work theorem in order to bias the formation of a critical nucleus and thus construct the nucleation and growth rates. Having determined these kinetic terms from MD, a hydrodynamics implementation of Kolmogorov-Johnson-Mehl-Avrami (KJMA) kinetics and metastabilty is applied to the dynamic compressive freezing of water and compared with recent ramp compression experiments [Dolan et al., Nature (2007)] Lawrence Livermore National Laboratory is operated by Lawrence Livermore National Security, LLC, for the U.S. Department of Energy, National Nuclear Security Administration under Contract DE-AC52-07NA27344.

Angle and Context Free Grammar Based Precarious Node Detection and Secure Data Transmission in MANETs.

PubMed

Veerasamy, Anitha; Madane, Srinivasa Rao; Sivakumar, K; Sivaraman, Audithan

2016-01-01

Growing attractiveness of Mobile Ad Hoc Networks (MANETs), its features, and usage has led to the launching of threats and attacks to bring negative consequences in the society. The typical features of MANETs, especially with dynamic topology and open wireless medium, may leave MANETs vulnerable. Trust management using uncertain reasoning scheme has previously attempted to solve this problem. However, it produces additional overhead while securing the network. Hence, a Location and Trust-based secure communication scheme (L&TS) is proposed to overcome this limitation. Since the design securing requires more than two data algorithms, the cost of the system goes up. Another mechanism proposed in this paper, Angle and Context Free Grammar (ACFG) based precarious node elimination and secure communication in MANETs, intends to secure data transmission and detect precarious nodes in a MANET at a comparatively lower cost. The Elliptic Curve function is used to isolate a malicious node, thereby incorporating secure data transfer. Simulation results show that the dynamic estimation of the metrics improves throughput by 26% in L&TS when compared to the TMUR. ACFG achieves 33% and 51% throughput increase when compared to L&TS and TMUR mechanisms, respectively.

Safe teleradiology: information assurance as project planning methodology

NASA Astrophysics Data System (ADS)

Collmann, Jeff R.; Alaoui, Adil; Nguyen, Dan; Lindisch, David

2003-05-01

This project demonstrates use of OCTAVE, an information security risk assessment method, as an approach to the safe design and planning of a teleradiology system. By adopting this approach to project planning, we intended to provide evidence that including information security as an intrinsic component of project planning improves information assurance and that using information assurance as a planning tool produces and improves the general system management plan. Several considerations justify this approach to planning a safe teleradiology system. First, because OCTAVE was designed as a method for retrospectively assessing and proposing enhancements for the security of existing information management systems, it should function well as a guide to prospectively designing and deploying a secure information system such as teleradiology. Second, because OCTAVE provides assessment and planning tools for use primarily by interdisciplinary teams from user organizations, not consultants, it should enhance the ability of such teams at the local level to plan safe information systems. Third, from the perspective of sociological theory, OCTAVE explicitly attempts to enhance organizational conditions identified as necessary to safely manage complex technologies. Approaching information system design from the perspective of information security risk management proactively integrates health information assurance into a project"s core. This contrasts with typical approaches that perceive "security" as a secondary attribute to be "added" after designing the system and with approaches that identify information assurance only with security devices and user training. The perspective of health information assurance embraces so many dimensions of a computerized health information system"s design that one may successfully deploy a method for retrospectively assessing information security risk as a prospective planning tool. From a sociological perspective, this approach enhances the general conditions as well as establishes specific policies and procedures for reliable performance of health information assurance.

Detection and Tracking of Dynamic Objects by Using a Multirobot System: Application to Critical Infrastructures Surveillance

PubMed Central

Rodríguez-Canosa, Gonzalo; Giner, Jaime del Cerro; Barrientos, Antonio

2014-01-01

The detection and tracking of mobile objects (DATMO) is progressively gaining importance for security and surveillance applications. This article proposes a set of new algorithms and procedures for detecting and tracking mobile objects by robots that work collaboratively as part of a multirobot system. These surveillance algorithms are conceived of to work with data provided by long distance range sensors and are intended for highly reliable object detection in wide outdoor environments. Contrary to most common approaches, in which detection and tracking are done by an integrated procedure, the approach proposed here relies on a modular structure, in which detection and tracking are carried out independently, and the latter might accept input data from different detection algorithms. Two movement detection algorithms have been developed for the detection of dynamic objects by using both static and/or mobile robots. The solution to the overall problem is based on the use of a Kalman filter to predict the next state of each tracked object. Additionally, new tracking algorithms capable of combining dynamic objects lists coming from either one or various sources complete the solution. The complementary performance of the separated modular structure for detection and identification is evaluated and, finally, a selection of test examples discussed. PMID:24526305

Conceptualizations of water security in the agricultural sector: Perceptions, practices, and paradigms

NASA Astrophysics Data System (ADS)

Malekian, Atefe; Hayati, Dariush; Aarts, Noelle

2017-01-01

Conceptions of agricultural water security are conditioned by larger understandings of being and reality. It is still unclear what such understandings mean for perspectives on water security in general and on causes and solutions related to perceived water security risks and problems in agricultural sector in particular. Based on a systematic literature review, three conceptualizations of water security, related to different paradigms, are presented. Also the consequences of such conceptualizations for determining research objectives, research activities, and research outcomes on agricultural water security are discussed. The results showed that agricultural water security from a positivist paradigm referred to tangible and measurable water-related hazards and threats, such as floods and droughts, pollution, and so forth. A constructivist approach to agricultural water security, constituted by a process of interaction and negotiation, pointed at perceptions of water security of farmers and other stakeholders involved in agricultural sector. A critical approach to agricultural water security focused on the processes of securing vulnerable farmers and others from wider political, social, and natural impediments to sufficient water supplies. The conclusions of the study suggest that paradigms, underlying approaches should be expressed, clarified, and related to one another in order to find optimal and complementary ways to study water security issues in agricultural sector.

Software security checklist for the software life cycle

NASA Technical Reports Server (NTRS)

Gilliam, D. P.; Wolfe, T. L.; Sherif, J. S.

2002-01-01

A formal approach to security in the software life cycle is essential to protect corporate resources. However, little thought has been given to this aspect of software development. Due to its criticality, security should be integrated as a formal approach in the software life cycle.

Encrypted Three-dimensional Dynamic Imaging using Snapshot Time-of-flight Compressed Ultrafast Photography

PubMed Central

Liang, Jinyang; Gao, Liang; Hai, Pengfei; Li, Chiye; Wang, Lihong V.

2015-01-01

Compressed ultrafast photography (CUP), a computational imaging technique, is synchronized with short-pulsed laser illumination to enable dynamic three-dimensional (3D) imaging. By leveraging the time-of-flight (ToF) information of pulsed light backscattered by the object, ToF-CUP can reconstruct a volumetric image from a single camera snapshot. In addition, the approach unites the encryption of depth data with the compressed acquisition of 3D data in a single snapshot measurement, thereby allowing efficient and secure data storage and transmission. We demonstrated high-speed 3D videography of moving objects at up to 75 volumes per second. The ToF-CUP camera was applied to track the 3D position of a live comet goldfish. We have also imaged a moving object obscured by a scattering medium. PMID:26503834

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

Traditionally, security is viewed as an organizational and Information Technology (IIJ systems function comprising of Firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security risk mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

The NASA Office of Safety and Mission Assurance (OSMA) has funded the Jet Propulsion Laboratory (JPL) with a Center Initiative, 'Reducing Software Security Risk through an Integrated Approach' (RSSR), to address this need. The Initiative is a formal approach to addressing software security in the life cycle through the instantiation of a Software Security Assessment Instrument (SSAI) for the development and maintenance life cycles.

Addressing the Tension Between Strong Perimeter Control an Usability

NASA Technical Reports Server (NTRS)

Hinke, Thomas H.; Kolano, Paul Z.; Keller, Chris

2006-01-01

This paper describes a strong perimeter control system for a general purpose processing system, with the perimeter control system taking significant steps to address usability issues, thus mitigating the tension between strong perimeter protection and usability. A secure front end enforces two-factor authentication for all interactive access to an enclave that contains a large supercomputer and various associated systems, with each requiring their own authentication. Usability is addressed through a design in which the user has to perform two-factor authentication at the secure front end in order to gain access to the enclave, while an agent transparently performs public key authentication as needed to authenticate to specific systems within the enclave. The paper then describes a proxy system that allows users to transfer files into the enclave under script control, when the user is not present to perform two-factor authentication. This uses a pre-authorization approach based on public key technology, which is still strongly tied to both two-factor authentication and strict control over where files can be transferred on the target system. Finally the paper describes an approach to support network applications and systems such as grids or parallel file transfer protocols that require the use of many ports through the perimeter. The paper describes a least privilege approach that dynamically opens ports on a host-specific, if-authorized, as-needed, just-in-time basis.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

PubMed

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-12-17

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

PubMed Central

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-01-01

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism. PMID:26694409

An integrated water-energy-food-livelihoods approach for assessing environmental livelihood security

NASA Astrophysics Data System (ADS)

Biggs, E. M.; Duncan, J.; Boruff, B.; Bruce, E.; Neef, A.; McNeill, K.; van Ogtrop, F. F.; Haworth, B.; Duce, S.; Horsley, J.; Pauli, N.; Curnow, J.; Imanari, Y.

2015-12-01

Environmental livelihood security refers to the challenges of maintaining global food security and universal access to freshwater and energy to sustain livelihoods and promote inclusive economic growth, whilst sustaining key environmental systems' functionality, particularly under variable climatic regimes. Environmental security is a concept complementary to sustainable development, and considers the increased vulnerability people have to certain environmental stresses, such as climatic change. Bridging links between the core component concepts of environmental security is integral to future human security, and in an attempt to create this bridge, the nexus approach to human protection has been created, where water resource availability underpins food, water and energy security. The water-energy-food nexus has an influential role in attaining human security, yet little research has made the link between the nexus and livelihoods. In this research we provide a critical appraisal of the synergies between water-energy-food nexus framings and sustainable livelihoods approaches, both of which aim to promote sustainable development. In regions where livelihoods are dependent on environmental conditions, the concept of sustainable development is critical for ensuring future environmental and human security. Given our appraisal we go on to develop an integrated framework for assessing environmental livelihood security of multiscale and multi-level systems. This framework provides a tangible approach for assessing changes in the water-energy-food-livelihood indicators of a system. Examples of where system applications may occur are discussed for the Southeast Asia and Oceania region. Our approach will be particularly useful for policy-makers to inform evidence-based decision-making, especially in localities where climate change increases the vulnerability of impoverished communities and extenuates environmental livelihood insecurity.

Analyzing comprehensive QoS with security constraints for services composition applications in wireless sensor networks.

PubMed

Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

2014-12-01

Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique-vector universal generating function (VUGF)-which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

Analyzing Comprehensive QoS with Security Constraints for Services Composition Applications in Wireless Sensor Networks

PubMed Central

Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

2014-01-01

Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique—vector universal generating function (VUGF)—which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs. PMID:25470488

In acceptance we trust? Conceptualising acceptance as a viable approach to NGO security management.

PubMed

Fast, Larissa A; Freeman, C Faith; O'Neill, Michael; Rowley, Elizabeth

2013-04-01

This paper documents current understanding of acceptance as a security management approach and explores issues and challenges non-governmental organisations (NGOs) confront when implementing an acceptance approach to security management. It argues that the failure of organisations to systematise and clearly articulate acceptance as a distinct security management approach and a lack of organisational policies and procedures concerning acceptance hinder its efficacy as a security management approach. The paper identifies key and cross-cutting components of acceptance that are critical to its effective implementation in order to advance a comprehensive and systematic concept of acceptance. The key components of acceptance illustrate how organisational and staff functions affect positively or negatively an organisation's acceptance, and include: an organisation's principles and mission, communications, negotiation, programming, relationships and networks, stakeholder and context analysis, staffing, and image. The paper contends that acceptance is linked not only to good programming, but also to overall organisational management and structures. © 2013 The Author(s). Journal compilation © Overseas Development Institute, 2013.

Metaphors for cyber security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

2008-08-01

This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a varietymore » of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).« less

Automating Network Node Behavior Characterization by Mining Communication Patterns

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carroll, Thomas E.; Chikkagoudar, Satish; Arthur-Durett, Kristine M.

Enterprise networks of scale are complex, dynamic computing environments that respond to evolv- ing business objectives and requirements. Characteriz- ing system behaviors in these environments is essential for network management and cyber security operations. Characterization of system’s communication is typical and is supported using network flow information (NetFlow). Related work has characterized behavior using theoretical graph metrics; results are often difficult to interpret by enterprise staff. We propose a different approach, where flow information is mapped to sets of tags that contextualize the data in terms of network principals and enterprise concepts. Frequent patterns are then extracted and are expressedmore » as behaviors. Behaviors can be com- pared, identifying systems expressing similar behaviors. We evaluate the approach using flow information collected by a third party.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Corey Thuen

The On-Device Dynamic Analysis of Mobile Applications (ODAMA) project was started in an effort to protect mobile devices used in Industrial Control Systems (ICS) from cyber attack. Because mobile devices hide as much of the “computer” as possible, the user’s ability to assess the software running on their system is limited. The research team chose Google’s Android platform for this initial research because it is open source and it would give us freedom in our approach, including the ability to modify the mobile device’s operating system itself. The research team concluded that a Privileged Application was the right approach, andmore » the result was ODAMA. This project is an important piece of the work to secure the expanding use of mobile devices with our nation’s critical infrastructure.« less

Big Data-Based Approach to Detect, Locate, and Enhance the Stability of an Unplanned Microgrid Islanding

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jiang, Huaiguang; Li, Yan; Zhang, Yingchen

In this paper, a big data-based approach is proposed for the security improvement of an unplanned microgrid islanding (UMI). The proposed approach contains two major steps: the first step is big data analysis of wide-area monitoring to detect a UMI and locate it; the second step is particle swarm optimization (PSO)-based stability enhancement for the UMI. First, an optimal synchrophasor measurement device selection (OSMDS) and matching pursuit decomposition (MPD)-based spatial-temporal analysis approach is proposed to significantly reduce the volume of data while keeping appropriate information from the synchrophasor measurements. Second, a random forest-based ensemble learning approach is trained to detectmore » the UMI. When combined with grid topology, the UMI can be located. Then the stability problem of the UMI is formulated as an optimization problem and the PSO is used to find the optimal operational parameters of the UMI. An eigenvalue-based multiobjective function is proposed, which aims to improve the damping and dynamic characteristics of the UMI. Finally, the simulation results demonstrate the effectiveness and robustness of the proposed approach.« less

Wartime Transitions: Historical Case Analyses Applied to the US Campaign in Afghanistan (2001 to Present)

DTIC Science & Technology

2017-05-25

operate independently without external nation support; (3) a custom approach is necessary in security forces development based on political requirements...independently without external nation support; (3) a custom approach is necessary in security forces development based on political requirements...interventions both successful and unsuccessful, that an external country must craft a custom approach to develop local security forces based on the

Domestic Security Cooperation: A Unified Approach to Homeland Security and Defense

DTIC Science & Technology

2012-05-17

recommend non-materiel or materiel approaches 8 David A. Shirk, “Transnational Crime , U.S...the Sedition Act of 1918, captured this periods approach to homeland security and defense. The Espionage Act of 1917 outlawed interfering with any...10,000 or imprisonment for not more than twenty years or both.26 The Sedition Act of 1918 broadened the laws set out in the Espionage Act of 1917 by

77 FR 62247 - Dynamic Positioning Operations Guidance for Vessels Other Than Mobile Offshore Drilling Units...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-12

... DEPARTMENT OF HOMELAND SECURITY Coast Guard [Docket No. USCG-2011-1106] Dynamic Positioning... ``Mobile Offshore Drilling Unit Dynamic Positioning Guidance''. The notice recommended owners and operators of Mobile Offshore Drilling Units (MODUs) follow Marine Technology Society (MTS) Dynamic Positioning...

Security Risks: Management and Mitigation in the Software Life Cycle

NASA Technical Reports Server (NTRS)

Gilliam, David P.

2004-01-01

A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Sotfware Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

PubMed Central

Alajmi, Naser; Elleithy, Khaled

2015-01-01

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable. PMID:26610499

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

PubMed

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Climate Induced Spillover and Implications for U.S. Security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Tidwell, Vincent C.; Naugle, Asmeret Bier; Backus, George A.

Developing nations incur a greater risk to climate change than the developed world due to poorly managed human/natural resources, unreliable infrastructure and brittle governing/economic institutions. These vulnerabilities often give rise to a climate induced “domino effect” of reduced natural resource production-leading to economic hardship, social unrest, and humanitarian crises. Integral to this cascading set of events is increased human migration, leading to the “spillover” of impacts to adjoining areas with even broader impact on global markets and security. Given the complexity of factors influencing human migration and the resultant spill-over effect, quantitative tools are needed to aid policy analysis. Towardmore » this need, a series of migration models were developed along with a system dynamics model of the spillover effect. The migration decision models were structured according to two interacting paths, one that captured long-term “chronic” impacts related to protracted deteriorating quality of life and a second focused on short-term “acute” impacts of disaster and/or conflict. Chronic migration dynamics were modeled for two different cases; one that looked only at emigration but at a national level for the entire world; and a second that looked at both emigration and immigration but focused on a single nation. Model parameterization for each of the migration models was accomplished through regression analysis using decadal data spanning the period 1960-2010. A similar approach was taken with acute migration dynamics except regression analysis utilized annual data sets limited to a shorter time horizon (2001-2013). The system dynamics spillover model was organized around two broad modules, one simulating the decision dynamics of migration and a second module that treats the changing environmental conditions that influence the migration decision. The environmental module informs the migration decision, endogenously simulating interactions/changes in the economy, labor, population, conflict, water, and food. A regional model focused on Mali in western Africa was used as a test case to demonstrate the efficacy of the model.« less

Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wheeler, Timothy A.; Denman, Matthew R.; Williams, R. A.

Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities.more » iii This Lab-Directed Research and Development project has developed a dynamic cyber-risk in- formed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plants digital instrumentation and control (DI&C) system and defeat or circumvent a plants cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk informed framework for developing effective cyber security controls for nuclear power.« less

Synchrophasor Sensing and Processing based Smart Grid Security Assessment for Renewable Energy Integration

NASA Astrophysics Data System (ADS)

Jiang, Huaiguang

With the evolution of energy and power systems, the emerging Smart Grid (SG) is mainly featured by distributed renewable energy generations, demand-response control and huge amount of heterogeneous data sources. Widely distributed synchrophasor sensors, such as phasor measurement units (PMUs) and fault disturbance recorders (FDRs), can record multi-modal signals, for power system situational awareness and renewable energy integration. An effective and economical approach is proposed for wide-area security assessment. This approach is based on wavelet analysis for detecting and locating the short-term and long-term faults in SG, using voltage signals collected by distributed synchrophasor sensors. A data-driven approach for fault detection, identification and location is proposed and studied. This approach is based on matching pursuit decomposition (MPD) using Gaussian atom dictionary, hidden Markov model (HMM) of real-time frequency and voltage variation features, and fault contour maps generated by machine learning algorithms in SG systems. In addition, considering the economic issues, the placement optimization of distributed synchrophasor sensors is studied to reduce the number of the sensors without affecting the accuracy and effectiveness of the proposed approach. Furthermore, because the natural hazards is a critical issue for power system security, this approach is studied under different types of faults caused by natural hazards. A fast steady-state approach is proposed for voltage security of power systems with a wind power plant connected. The impedance matrix can be calculated by the voltage and current information collected by the PMUs. Based on the impedance matrix, locations in SG can be identified, where cause the greatest impact on the voltage at the wind power plants point of interconnection. Furthermore, because this dynamic voltage security assessment method relies on time-domain simulations of faults at different locations, the proposed approach is feasible, convenient and effective. Conventionally, wind energy is highly location-dependent. Many desirable wind resources are located in rural areas without direct access to the transmission grid. By connecting MW-scale wind turbines or wind farms to the distributions system of SG, the cost of building long transmission facilities can be avoid and wind power supplied to consumers can be greatly increased. After the effective wide area monitoring (WAM) approach is built, an event-driven control strategy is proposed for renewable energy integration. This approach is based on support vector machine (SVM) predictor and multiple-input and multiple-output (MIMO) model predictive control (MPC) on linear time-invariant (LTI) and linear time-variant (LTV) systems. The voltage condition of the distribution system is predicted by the SVM classifier using synchrophasor measurement data. The controllers equipped with wind turbine generators are triggered by the prediction results. Both transmission level and distribution level are designed based on this proposed approach. Considering economic issues in the power system, a statistical scheduling approach to economic dispatch and energy reserves is proposed. The proposed approach focuses on minimizing the overall power operating cost with considerations of renewable energy uncertainty and power system security. The hybrid power system scheduling is formulated as a convex programming problem to minimize power operating cost, taking considerations of renewable energy generation, power generation-consumption balance and power system security. A genetic algorithm based approach is used for solving the minimization of the power operating cost. In addition, with technology development, it can be predicted that the renewable energy such as wind turbine generators and PV panels will be pervasively located in distribution systems. The distribution system is an unbalanced system, which contains single-phase, two-phase and three-phase loads, and distribution lines. The complex configuration brings a challenge to power flow calculation. A topology analysis based iterative approach is used to solve this problem. In this approach, a self-adaptive topology recognition method is used to analyze the distribution system, and the backward/forward sweep algorithm is used to generate the power flow results. Finally, for the numerical simulations, the IEEE 14-bus, 30-bus, 39-bus and 118-bus systems are studied for fault detection, identification and location. Both transmission level and distribution level models are employed with the proposed control strategy for voltage stability of renewable energy integration. The simulation results demonstrate the effectiveness of the proposed methods. The IEEE 24-bus reliability test system (IEEE-RTS), which is commonly used for evaluating the price stability and reliability of power system, is used as the test bench for verifying and evaluating system performance of the proposed scheduling approach.

Approach to estimation of level of information security at enterprise based on genetic algorithm

NASA Astrophysics Data System (ADS)

V, Stepanov L.; V, Parinov A.; P, Korotkikh L.; S, Koltsov A.

2018-05-01

In the article, the way of formalization of different types of threats of information security and vulnerabilities of an information system of the enterprise and establishment is considered. In a type of complexity of ensuring information security of application of any new organized system, the concept and decisions in the sphere of information security are expedient. One of such approaches is the method of a genetic algorithm. For the enterprises of any fields of activity, the question of complex estimation of the level of security of information systems taking into account the quantitative and qualitative factors characterizing components of information security is relevant.

Improvement of economic security management system of municipalities with account of transportation system development: methods of assessment

NASA Astrophysics Data System (ADS)

Khe Sun, Pak; Vorona-Slivinskaya, Lubov; Voskresenskay, Elena

2017-10-01

The article highlights the necessity of a complex approach to assess economic security of municipalities, which would consider municipal management specifics. The approach allows comparing the economic security level of municipalities, but it does not describe parameter differences between compared municipalities. Therefore, there is a second method suggested: parameter rank order method. Applying these methods allowed to figure out the leaders and outsiders of the economic security among municipalities and rank all economic security parameters according to the significance level. Complex assessment of the economic security of municipalities, based on the combination of the two approaches, allowed to assess the security level more accurate. In order to assure economic security and equalize its threshold values, one should pay special attention to transportation system development in municipalities. Strategic aims of projects in the area of transportation infrastructure development in municipalities include the following issues: contribution into creating and elaborating transportation logistics and manufacture transport complexes, development of transportation infrastructure with account of internal and external functions of the region, public transport development, improvement of transport security and reducing its negative influence on the environment.

Analysis of ISO NE Balancing Requirements: Uncertainty-based Secure Ranges for ISO New England Dynamic Inerchange Adjustments

DOE Office of Scientific and Technical Information (OSTI.GOV)

Etingov, Pavel V.; Makarov, Yuri V.; Wu, Di

The document describes detailed uncertainty quantification (UQ) methodology developed by PNNL to estimate secure ranges of potential dynamic intra-hour interchange adjustments in the ISO-NE system and provides description of the dynamic interchange adjustment (DINA) tool developed under the same contract. The overall system ramping up and down capability, spinning reserve requirements, interchange schedules, load variations and uncertainties from various sources that are relevant to the ISO-NE system are incorporated into the methodology and the tool. The DINA tool has been tested by PNNL and ISO-NE staff engineers using ISO-NE data.

Factors influencing crime rates: an econometric analysis approach

NASA Astrophysics Data System (ADS)

Bothos, John M. A.; Thomopoulos, Stelios C. A.

2016-05-01

The scope of the present study is to research the dynamics that determine the commission of crimes in the US society. Our study is part of a model we are developing to understand urban crime dynamics and to enhance citizens' "perception of security" in large urban environments. The main targets of our research are to highlight dependence of crime rates on certain social and economic factors and basic elements of state anticrime policies. In conducting our research, we use as guides previous relevant studies on crime dependence, that have been performed with similar quantitative analyses in mind, regarding the dependence of crime on certain social and economic factors using statistics and econometric modelling. Our first approach consists of conceptual state space dynamic cross-sectional econometric models that incorporate a feedback loop that describes crime as a feedback process. In order to define dynamically the model variables, we use statistical analysis on crime records and on records about social and economic conditions and policing characteristics (like police force and policing results - crime arrests), to determine their influence as independent variables on crime, as the dependent variable of our model. The econometric models we apply in this first approach are an exponential log linear model and a logit model. In a second approach, we try to study the evolvement of violent crime through time in the US, independently as an autonomous social phenomenon, using autoregressive and moving average time-series econometric models. Our findings show that there are certain social and economic characteristics that affect the formation of crime rates in the US, either positively or negatively. Furthermore, the results of our time-series econometric modelling show that violent crime, viewed solely and independently as a social phenomenon, correlates with previous years crime rates and depends on the social and economic environment's conditions during previous years.

Survey of cyber security issues in smart grids

NASA Astrophysics Data System (ADS)

Chen, Thomas M.

2010-04-01

The future smart grid will enable cost savings and lower energy use by means of smart appliances and smart meters which support dynamic load management and real-time monitoring of energy use and distribution. The introduction of two-way communications and control into power grid introduces security and privacy concerns. This talk will survey the security and privacy issues in smart grids using the NIST reference model, and relate these issues to cyber security in the Internet.

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks

PubMed Central

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A.; Zulkarnain, Zuriati A.

2016-01-01

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol’s semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery. PMID:27338411

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks.

PubMed

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A; Zulkarnain, Zuriati A

2016-06-22

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol's semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery.

Urbanization, Extreme Climate Hazards and Food, Energy Water Security

NASA Astrophysics Data System (ADS)

Romero-Lankao, P.; Davidson, D.; McPhearson, T.

2016-12-01

Research is urgently needed that incorporates the interconnected nature of three critical resources supporting our cities: food, energy and water. Cities are increasing demands for food, water and energy resources that in turn stress resource supplies, creating risks of negative impacts to human and ecological wellbeing. Simultaneously, shifts in climatic conditions, including extremes such as floods, heat, and droughts, threaten the sustainable availability of adequate quantities and qualities of food, energy and water (FEW) resources needed for resilient cities and ecosystems. These resource flows cannot be treated in isolation simply because they are interconnected: shifts in food, energy or water dynamics in turn affect the others, affecting the security of the whole - i.e., FEW nexus security. We present a framework to examine the dynamic interactions of urbanization, FEW nexus security and extreme hazard risks, with two overarching research questions: Do existing and emerging actions intended to enhance a population's food, water and energy security have the capacity to ensure FEW nexus security in the face of changing climate and urban development conditions? Can we identify a common set of social, ecological and technological conditions across a diversity of urban-regions that support the emergence of innovations that can lead to structural transformations for FEW nexus security?

Minimal Models for Dyadic Processes: a Review

NASA Astrophysics Data System (ADS)

Rinaldi, Sergio; Gragnani, Alessandra

This paper is a survey of a few recent contributions in which dyadic processes are studied as formal dynamical systems. For this, a general minimal model composed of two ordinary differential equations is first considered as a possible formal tool to mimic the dynamics of the feelings between two persons. The equations take into account three mechanisms of love growth and decay: the pleasure of being loved (return), the reaction to partner's appeal (instinct), and the forgetting process (oblivion). Under extremely simple assumptions on the behavior of the individuals, the minimal model turns out to be a positive linear system enjoying, as such, a number of remarkable properties, which are in agreement with common wisdom on the argument. These properties are used to explore the consequences that individual behavior can have on community structure. The main result along this line is that individual appeal is the driving force that creates order in the community. Then, in order to make the assumptions more realistic, in accordance with attachment theory, individuals are divided into secure and non secure individuals, and into synergic and non synergic individuals, for a total of four different classes. Using always the same minimal model, it is shown that couples composed of secure individuals, as well as couples composed of non synergic individuals can only have stationary modes of behavior. By contrast, couples composed of a secure and synergic individual and a non secure and non synergic individual can experience cyclic dynamics. In other words, the coexistence of insecurity and synergism in the couple is the minimum ingredient for cyclic love dynamics. Finally, a slightly more complex model, composed of three ordinary differential equations, proposed to study the dynamics of love between Petrarch, a celebrated Italian poet of the 14-th century, and Laura, a beautiful but married lady, is also reviewed. Possible extensions are mentioned at the end of the paper.

A cooperative model for IS security risk management in distributed environment.

PubMed

Feng, Nan; Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.

AST: Activity-Security-Trust driven modeling of time varying networks.

PubMed

Wang, Jian; Xu, Jiake; Liu, Yanheng; Deng, Weiwen

2016-02-18

Network modeling is a flexible mathematical structure that enables to identify statistical regularities and structural principles hidden in complex systems. The majority of recent driving forces in modeling complex networks are originated from activity, in which an activity potential of a time invariant function is introduced to identify agents' interactions and to construct an activity-driven model. However, the new-emerging network evolutions are already deeply coupled with not only the explicit factors (e.g. activity) but also the implicit considerations (e.g. security and trust), so more intrinsic driving forces behind should be integrated into the modeling of time varying networks. The agents undoubtedly seek to build a time-dependent trade-off among activity, security, and trust in generating a new connection to another. Thus, we reasonably propose the Activity-Security-Trust (AST) driven model through synthetically considering the explicit and implicit driving forces (e.g. activity, security, and trust) underlying the decision process. AST-driven model facilitates to more accurately capture highly dynamical network behaviors and figure out the complex evolution process, allowing a profound understanding of the effects of security and trust in driving network evolution, and improving the biases induced by only involving activity representations in analyzing the dynamical processes.

Modelling the fear of crime

PubMed Central

Bishop, Steven

2017-01-01

How secure people feel in a particular region is obviously linked to the actual crime suffered in that region but the exact relationship between crime and its fear is quite subtle. Two regions may have the same crime rate but their local perception of security may differ. Equally, two places may have the same perception of security even though one may have a significantly lower crime rate. Furthermore, a negative perception might persist for many years, even when crime rates drop. Here, we develop a model for the dynamics of the perception of security of a region based on the distribution of crime suffered by the population using concepts similar to those used for opinion dynamics. Simulations under a variety of conditions illustrate different scenarios and help us determine the impact of suffering more, or less, crime. The inhomogeneous concentration of crime together with a memory loss process is incorporated into the model for the perception of security, and results explain why people are often more fearful than actually victimized; why a region is perceived as being insecure despite a low crime rate; and why a decrease in the crime rate might not significantly improve the perception of security. PMID:28804260

Managing information technology security risk

NASA Technical Reports Server (NTRS)

Gilliam, David

2003-01-01

Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

The Model of Gas Supply Capacity Simulation In Regional Energy Security Framework: Policy Studies PT. X Cirebon Area

NASA Astrophysics Data System (ADS)

Nuryadin; Ronny Rahman Nitibaskara, Tb; Herdiansyah, Herdis; Sari, Ravita

2017-10-01

The needs of energy are increasing every year. The unavailability of energy will cause economic losses and weaken energy security. To overcome the availability of gas supply in the future, planning are cruacially needed. Therefore, it is necessary to approach the system, so that the process of gas distribution is running properly. In this research, system dynamic method will be used to measure how much supply capacity planning is needed until 2050, with parameters of demand in industrial, household and commercial sectors. From the model obtained PT.X Cirebon area in 2031 was not able to meet the needs of gas customers in the Cirebon region, as well as with Businnes as usual scenario, the ratio of gas fulfillment only until 2027. The implementation of the national energy policy that is the use of NRE as government intervention in the model is produced up to 2035 PT.X Cirebon area is still able to supply the gas needs of its customers.

Submillimetre wave imaging and security: imaging performance and prediction

NASA Astrophysics Data System (ADS)

Appleby, R.; Ferguson, S.

2016-10-01

Within the European Commission Seventh Framework Programme (FP7), CONSORTIS (Concealed Object Stand-Off Real-Time Imaging for Security) has designed and is fabricating a stand-off system operating at sub-millimetre wave frequencies for the detection of objects concealed on people. This system scans people as they walk by the sensor. This paper presents the top level system design which brings together both passive and active sensors to provide good performance. The passive system operates in two bands between 100 and 600GHz and is based on a cryogen free cooled focal plane array sensor whilst the active system is a solid-state 340GHz radar. A modified version of OpenFX was used for modelling the passive system. This model was recently modified to include realistic location-specific skin temperature and to accept animated characters wearing up to three layers of clothing that move dynamically, such as those typically found in cinematography. Targets under clothing have been modelled and the performance simulated. The strengths and weaknesses of this modelling approach are discussed.

Preliminary Results from a Model-Driven Architecture Methodology for Development of an Event-Driven Space Communications Service Concept

NASA Technical Reports Server (NTRS)

Roberts, Christopher J.; Morgenstern, Robert M.; Israel, David J.; Borky, John M.; Bradley, Thomas H.

2017-01-01

NASA's next generation space communications network will involve dynamic and autonomous services analogous to services provided by current terrestrial wireless networks. This architecture concept, known as the Space Mobile Network (SMN), is enabled by several technologies now in development. A pillar of the SMN architecture is the establishment and utilization of a continuous bidirectional control plane space link channel and a new User Initiated Service (UIS) protocol to enable more dynamic and autonomous mission operations concepts, reduced user space communications planning burden, and more efficient and effective provider network resource utilization. This paper provides preliminary results from the application of model driven architecture methodology to develop UIS. Such an approach is necessary to ensure systematic investigation of several open questions concerning the efficiency, robustness, interoperability, scalability and security of the control plane space link and UIS protocol.

Distributed UAV-Swarm Real-Time Geomatic Data Collection Under Dynamically Changing Resolution Requirements

NASA Astrophysics Data System (ADS)

Almeida, Miguel; Hildmann, Hanno; Solmaz, Gürkan

2017-08-01

Unmanned Aerial Vehicles (UAVs) have been used for reconnaissance and surveillance missions as far back as the Vietnam War, but with the recent rapid increase in autonomy, precision and performance capabilities - and due to the massive reduction in cost and size - UAVs have become pervasive products, available and affordable for the general public. The use cases for UAVs are in the areas of disaster recovery, environmental mapping & protection and increasingly also as extended eyes and ears of civil security forces such as fire-fighters and emergency response units. In this paper we present a swarm algorithm that enables a fleet of autonomous UAVs to collectively perform sensing tasks related to environmental and rescue operations and to dynamically adapt to e.g. changing resolution requirements. We discuss the hardware used to build our own drones and the settings under which we validate the proposed approach.

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach-A Case Study for the City of Wuhan in China.

PubMed

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-06-15

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study-simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hauer, John F.; Mittelstadt, William; Martin, Kenneth E.

During 2005 and 2006 the Western Electricity Coordinating Council (WECC) performed three major tests of western system dynamics. These tests used a Wide Area Measurement System (WAMS) based primarily on Phasor Measurement Units (PMUs) to determine response to events including the insertion of the 1400-MW Chief Joseph braking resistor, probing signals, and ambient events. Test security was reinforced through real-time analysis of wide area effects, and high-quality data provided dynamic profiles for interarea modes across the entire western interconnection. The tests established that low-level optimized pseudo-random ±20-MW probing with the Pacific DC Intertie (PDCI) roughly doubles the apparent noise thatmore » is natural to the power system, providing sharp dynamic information with negligible interference to system operations. Such probing is an effective alternative to use of the 1400-MW Chief Joseph dynamic brake, and it is under consideration as a standard means for assessing dynamic security.« less

Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

PubMed Central

Liu, Changyu; Li, Huiling

2014-01-01

We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches. PMID:25147840

Contextualizing Secure Information System Design: A Socio-Technical Approach

ERIC Educational Resources Information Center

Charif, Abdul Rahim

2017-01-01

Secure Information Systems (SIS) design paradigms have evolved in generations to adapt to IS security needs. However, modern IS are still vulnerable and are far from secure. The development of an underlying IS cannot be reduced to "technological fixes" neither is the design of SIS. Technical security cannot ensure IS security.…

IT security evaluation - “hybrid” approach and risk of its implementation

NASA Astrophysics Data System (ADS)

Livshitz, I. I.; Neklyudov, A. V.; Lontsikh, P. A.

2018-05-01

It is relevant to evolve processes of evaluation of the IT security nowadays. Creating and application of the common evaluation approaches for an IT component, which are processed by the governmental and civil organizations, are still not solving problem. It is suggested to create a more precise and complex assessment tool for an IT security – the “hybrid” method of the IT security evaluation for a particular object, which is based on a range of adequate assessment tools.

Preventing infant abductions: an infant security program transitioned into an interdisciplinary model.

PubMed

Hiner, Jacqueline; Pyka, Jeanine; Burks, Colleen; Pisegna, Lily; Gador, Rachel Ann

2012-01-01

Ensuring the safety of infants born in a hospital is a top priority and, therefore, requires a solid infant security plan. Using an interdisciplinary approach and a systematic change process, nursing leadership in collaboration with clinical nurses and security personnel analyzed the infant security program at this community hospital to identify vulnerabilities. By establishing an interdisciplinary approach to infant security, participants were able to unravel a complicated concept, systematically analyze the gaps, and agree to a plan of action. This resulted in improved communication and clarification of roles between the nursing and security divisions. Supply costs decreased by 17.4% after the first year of implementation. Most importantly, this project enhanced and strengthened the existing infant abduction prevention measures, hard wired the importance of infant security, and minimized vulnerabilities.

Security Systems Consideration: A Total Security Approach

NASA Astrophysics Data System (ADS)

Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

2007-12-01

The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

A new reduced-order observer for the synchronization of nonlinear chaotic systems: An application to secure communications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Castro-Ramírez, Joel, E-mail: ingcastro.7@gmail.com; Martínez-Guerra, Rafael, E-mail: rguerra@ctrl.cinvestav.mx; Cruz-Victoria, Juan Crescenciano, E-mail: juancrescenciano.cruz@uptlax.edu.mx

2015-10-15

This paper deals with the master-slave synchronization scheme for partially known nonlinear chaotic systems, where the unknown dynamics is considered as the master system and we propose the slave system structure which estimates the unknown states. It introduced a new reduced order observer, using the concept of Algebraic Observability; we applied the results to a Sundarapandian chaotic system, and by means of some numerical simulations we show the effectiveness of the suggested approach. Finally, the proposed observer is utilized for encryption, where encryption key is the master system and decryption key is the slave system.

Security implications of the proliferation of weapons of mass destruction in the Middle East. Final report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hajjar, S.G.

1998-12-17

The author argues that the Arab-Israeli conflict, the Iran-Iraq rivalry, and the lack of progress in the peace process are strong incentives for nations in the region to acquire weapons of mass destruction (WMD). He documents Israeli, Iranian, and Arab WMD programs and capabilities, referencing use of WMD in the region. He discusses the reasons why the major regional powers seek WMD capabilities and examines the nature of the proliferation dynamic as well as nonproliferation and counterproliferation approaches applicable to the region. The author offers several recommendations designed to strengthen these efforts and deal more effectively with causes of proliferation.

Foundational Security Principles for Medical Application Platforms* (Extended Abstract)

PubMed Central

Vasserman, Eugene Y.; Hatcliff, John

2014-01-01

We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals. PMID:25599096

A model-driven approach to information security compliance

NASA Astrophysics Data System (ADS)

Correia, Anacleto; Gonçalves, António; Teodoro, M. Filomena

2017-06-01

The availability, integrity and confidentiality of information are fundamental to the long-term survival of any organization. Information security is a complex issue that must be holistically approached, combining assets that support corporate systems, in an extended network of business partners, vendors, customers and other stakeholders. This paper addresses the conception and implementation of information security systems, conform the ISO/IEC 27000 set of standards, using the model-driven approach. The process begins with the conception of a domain level model (computation independent model) based on information security vocabulary present in the ISO/IEC 27001 standard. Based on this model, after embedding in the model mandatory rules for attaining ISO/IEC 27001 conformance, a platform independent model is derived. Finally, a platform specific model serves the base for testing the compliance of information security systems with the ISO/IEC 27000 set of standards.

Border Security: A Conceptual Model of Complexity

DTIC Science & Technology

2013-12-01

maximum 200 words ) This research applies complexity and system dynamics theory to the idea of border security, culminating in the development of...alternative policy options. E. LIMITATIONS OF RESEARCH AND MODEL This research explores whether border security is a living system. In other words , whether...border inspections. Washington State, for example, experienced a 50% drop in tourism and lost over $100 million in local revenue because of the

The role of self-determined motivation in job search: A dynamic approach.

PubMed

da Motta Veiga, Serge P; Gabriel, Allison S

2016-03-01

Job search is a dynamic self-regulated process during which job seekers need to stay motivated to secure a job. However, past research has taken a relatively static approach to examining motivation during the job search, in addition to ignoring how the quality of one's motivation--ranging from autonomous to controlled--can influence job search processes. Adopting a within-person perspective, the current study extends self-determination theory (SDT) to the job search context to investigate (a) when autonomous and controlled motivations are more or less prevalent and (b) whether they influence job search effort through metacognitive strategies in differing ways depending upon the amount of time elapsed in the search. In a weekly study of new labor market entrants (Level-2 n = 149; Level-1 n = 691), results indicated that autonomous motivation decreased until the midpoint of the job search and then plateaued, whereas controlled motivation remained stable. Results also showed that autonomous motivation had a consistent, positive relation with metacognitive strategies, whereas the relation between controlled motivation and such strategies was negative early in the job search, but became positive as the job search progressed. Finally, the effects of motivation on job search effort occurred via metacognitive strategies differentially depending upon the time elapsed in the search. Combined, we provide a first glimpse into the dynamics of self-determined motivation on job search processes. (c) 2016 APA, all rights reserved).

A Cooperative Model for IS Security Risk Management in Distributed Environment

PubMed Central

Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively. PMID:24563626

Secure estimation, control and optimization of uncertain cyber-physical systems with applications to power networks

NASA Astrophysics Data System (ADS)

Taha, Ahmad Fayez

Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. To overcome this challenge, networked unknown input observers---observers/estimators for uncertain CPSs---are designed such that the effect of time-delays and cyber-induced perturbations are minimized, enabling secure DSE and risk mitigation in the first two parts. The final part deals with the extreme time-scales encompassed in CPSs, generally, and smart grids, specifically. Operational decisions for long time-scales can adversely affect the security of CPSs for faster time-scales. We present a model that jointly describes steady-state operation and transient stability by combining convex optimal power flow with semidefinite programming formulations of an optimal control problem. This approach can be jointly utilized with the aforementioned parts of the dissertation work, considering time-delays and DSE. The research contributions of this dissertation furnish CPS stakeholders with insights on the design and operation of uncertain CPSs, whilst guaranteeing the system's real-time safety. Finally, although many of the results of this dissertation are tailored to power systems, the results are general enough to be applied for a variety of uncertain CPSs.

Security Assistance: U.S. and International Historical Perspectives

DTIC Science & Technology

2006-08-01

Major Schumann’s study , A transformational approach to US security assistance – the case of Romania. 45 Quadrennial Defense Review Report (QDRR...545 A Transformational Approach to Security Assistance: The Case of Romania by Major Drew Schumann...intent of this study is to examine a small group of nineteenth- and twentieth-century cases in search of useful, or at least noteworthy

The Role of Human Factors/Ergonomics in the Science of Security: Decision Making and Action Selection in Cyberspace.

PubMed

Proctor, Robert W; Chen, Jing

2015-08-01

The overarching goal is to convey the concept of science of security and the contributions that a scientifically based, human factors approach can make to this interdisciplinary field. Rather than a piecemeal approach to solving cybersecurity problems as they arise, the U.S. government is mounting a systematic effort to develop an approach grounded in science. Because humans play a central role in security measures, research on security-related decisions and actions grounded in principles of human information-processing and decision-making is crucial to this interdisciplinary effort. We describe the science of security and the role that human factors can play in it, and use two examples of research in cybersecurity--detection of phishing attacks and selection of mobile applications--to illustrate the contribution of a scientific, human factors approach. In these research areas, we show that systematic information-processing analyses of the decisions that users make and the actions they take provide a basis for integrating the human component of security science. Human factors specialists should utilize their foundation in the science of applied information processing and decision making to contribute to the science of cybersecurity. © 2015, Human Factors and Ergonomics Society.

A secured e-tendering modeling using misuse case approach

NASA Astrophysics Data System (ADS)

Mohd, Haslina; Robie, Muhammad Afdhal Muhammad; Baharom, Fauziah; Darus, Norida Muhd; Saip, Mohamed Ali; Yasin, Azman

2016-08-01

Major risk factors relating to electronic transactions may lead to destructive impacts on trust and transparency in the process of tendering. Currently, electronic tendering (e-tendering) systems still remain uncertain in issues relating to legal and security compliance and most importantly it has an unclear security framework. Particularly, the available systems are lacking in addressing integrity, confidentiality, authentication, and non-repudiation in e-tendering requirements. Thus, one of the challenges in developing an e-tendering system is to ensure the system requirements include the function for secured and trusted environment. Therefore, this paper aims to model a secured e-tendering system using misuse case approach. The modeling process begins with identifying the e-tendering process, which is based on the Australian Standard Code of Tendering (AS 4120-1994). It is followed by identifying security threats and their countermeasure. Then, the e-tendering was modelled using misuse case approach. The model can contribute to e-tendering developers and also to other researchers or experts in the e-tendering domain.

Guidelines for Network Security in the Learning Environment.

ERIC Educational Resources Information Center

Littman, Marlyn Kemper

1996-01-01

Explores security challenges and practical approaches to safeguarding school networks against invasion. Highlights include security problems; computer viruses; privacy assaults; Internet invasions; building a security policy; authentication; passwords; encryption; firewalls; and acceptable use policies. (Author/LRW)

Drought Dynamics and Food Security in Ukraine

NASA Astrophysics Data System (ADS)

Kussul, N. M.; Kogan, F.; Adamenko, T. I.; Skakun, S. V.; Kravchenko, O. M.; Kryvobok, O. A.; Shelestov, A. Y.; Kolotii, A. V.; Kussul, O. M.; Lavrenyuk, A. M.

2012-12-01

In recent years food security became a problem of great importance at global, national and regional scale. Ukraine is one of the most developed agriculture countries and one of the biggest crop producers in the world. According to the 2011 statistics provided by the USDA FAS, Ukraine was the 8th largest exporter and 10th largest producer of wheat in the world. Therefore, identifying current and projecting future trends in climate and agriculture parameters is a key element in providing support to policy makers in food security. This paper combines remote sensing, meteorological, and modeling data to investigate dynamics of extreme events, such as droughts, and its impact on agriculture production in Ukraine. Two main problems have been considered in the study: investigation of drought dynamics in Ukraine and its impact on crop production; and investigation of crop growth models for yield and production forecasting and its comparison with empirical models that use as a predictor satellite-derived parameters and meteorological observations. Large-scale weather disasters in Ukraine such as drought were assessed using vegetation health index (VHI) derived from satellite data. The method is based on estimation of green canopy stress/no stress from indices, characterizing moisture and thermal conditions of vegetation canopy. These conditions are derived from the reflectance/emission in the red, near infrared and infrared parts of solar spectrum measured by the AVHRR flown on the NOAA afternoon polar-orbiting satellites since 1981. Droughts were categorized into exceptional, extreme, severe and moderate. Drought area (DA, in % from total Ukrainian area) was calculated for each category. It was found that maximum DA over past 20 years was 10% for exceptional droughts, 20% for extreme droughts, 50% for severe droughts, and 80% for moderate droughts. Also, it was shown that in general the drought intensity and area did not increase considerably over past 10 years. Analysis of interrelation between DA of different categories at oblast level with agriculture production will be discussed as well. A comparative study was carried out to assess three approaches to forecast winter wheat yield in Ukraine at oblast level: (i) empirical regression-based model that uses as a predictor 16-day NDVI composites derived from MODIS at the 250 m resolution, (ii) empirical regression-based model that uses as predictors meteorological parameters, and (iii) adapted for Ukraine Crop Growth Monitoring System (CGMS) that is based on WOFOST crop growth simulation model and meteorological parameters. These three approaches were calibrated for 2000-2009 and 2000-2010 data, and compared while performing forecasts on independent data for 2010 and 2011. For 2010, the best results in terms of root mean square error (RMSE, by oblast, deviation of predicted values from official statistics) were achieved using CGMS models: 0.3 t/ha. For NDVI and meteorological models RMSE values were 0.79 and 0.77 t/ha, respectively. When forecasting winter wheat yield for 2011, the following RMSE values were obtained: 0.58 t/ha for CGMS, 0.56 t/ha for meteorological model, and 0.62 t/ha for NDVI. In this case performance of all three approaches was relatively the same. Acknowledgements. This work was supported by the U.S. CRDF Grant "Analysis of climate change & food security based on remote sensing & in situ data sets" (UKB2-2972-KV-09).

Best Practices and Lessons Learned In LANL Approaches to Transportation Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Drypolcher, Katherine Carr

Presentation includes slides on Physical Protection of Material in Transit; Graded Approach for Implementation Controls; Security Requirements; LANL Lessons Learned; Shipping Violation; Unmonitored Shipment; Foreign shipment; and the Conclusion.

16 CFR 1203.15 - Positional stability test (roll-off resistance).

Code of Federal Regulations, 2010 CFR

2010-01-01

... any slack. (3) Suspend the dynamic impact system from the helmet by positioning the flexible strap... positions. (3) Dynamic impact apparatus. A dynamic impact apparatus shall be used to apply a shock load to a helmet secured to the test headform. The dynamic impact apparatus shall allow a 4-kg (8.8-lb) drop weight...

Optical Response of Warm Dense Matter Using Real-Time Electron Dynamics

NASA Astrophysics Data System (ADS)

Baczewski, Andrew; Shulenburger, Luke; Desjarlais, Michael; Magyar, Rudolph

2014-03-01

The extreme temperatures and solid-like densities in warm dense matter present a unique challenge for theory, wherein neither conventional models from condensed matter nor plasma physics capture all of the relevant phenomenology. While Kubo-Greenwood DFT calculations have proven capable of reproducing optical properties of WDM, they require a significant number of virtual orbitals to reach convergence due to their perturbative nature. Real-time TDDFT presents a complementary framework with a number of computationally favorable properties, including reduced cost complexity and better scalability, and has been used to reproduce the optical response of finite and ordered extended systems. We will describe the use of Ehrenfest-TDDFT to evolve coupled electron-nuclear dynamics in WDM systems, and the subsequent evaluation of optical response functions from the real-time electron dynamics. The advantages and disadvantages of this approach will be discussed relative to the current state-of-the-art. Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy's National Security Administration under contract DE-AC04-94AL85000.

Integrating geo web services for a user driven exploratory analysis

NASA Astrophysics Data System (ADS)

Moncrieff, Simon; Turdukulov, Ulanbek; Gulland, Elizabeth-Kate

2016-04-01

In data exploration, several online data sources may need to be dynamically aggregated or summarised over spatial region, time interval, or set of attributes. With respect to thematic data, web services are mainly used to present results leading to a supplier driven service model limiting the exploration of the data. In this paper we propose a user need driven service model based on geo web processing services. The aim of the framework is to provide a method for the scalable and interactive access to various geographic data sources on the web. The architecture combines a data query, processing technique and visualisation methodology to rapidly integrate and visually summarise properties of a dataset. We illustrate the environment on a health related use case that derives Age Standardised Rate - a dynamic index that needs integration of the existing interoperable web services of demographic data in conjunction with standalone non-spatial secure database servers used in health research. Although the example is specific to the health field, the architecture and the proposed approach are relevant and applicable to other fields that require integration and visualisation of geo datasets from various web services and thus, we believe is generic in its approach.

Petri net modeling of encrypted information flow in federated cloud

NASA Astrophysics Data System (ADS)

Khushk, Abdul Rauf; Li, Xiaozhong

2017-08-01

Solutions proposed and developed for the cost-effective cloud systems suffer from a combination of secure private clouds and less secure public clouds. Need to locate applications within different clouds poses a security risk to the information flow of the entire system. This study addresses this by assigning security levels of a given lattice to the entities of a federated cloud system. A dynamic flow sensitive security model featuring Bell-LaPadula procedures is explored that tracks and authenticates the secure information flow in federated clouds. Additionally, a Petri net model is considered as a case study to represent the proposed system and further validate the performance of the said system.

Advanced Computational Methods for Security Constrained Financial Transmission Rights

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kalsi, Karanjit; Elbert, Stephen T.; Vlachopoulou, Maria

Financial Transmission Rights (FTRs) are financial insurance tools to help power market participants reduce price risks associated with transmission congestion. FTRs are issued based on a process of solving a constrained optimization problem with the objective to maximize the FTR social welfare under power flow security constraints. Security constraints for different FTR categories (monthly, seasonal or annual) are usually coupled and the number of constraints increases exponentially with the number of categories. Commercial software for FTR calculation can only provide limited categories of FTRs due to the inherent computational challenges mentioned above. In this paper, first an innovative mathematical reformulationmore » of the FTR problem is presented which dramatically improves the computational efficiency of optimization problem. After having re-formulated the problem, a novel non-linear dynamic system (NDS) approach is proposed to solve the optimization problem. The new formulation and performance of the NDS solver is benchmarked against widely used linear programming (LP) solvers like CPLEX™ and tested on both standard IEEE test systems and large-scale systems using data from the Western Electricity Coordinating Council (WECC). The performance of the NDS is demonstrated to be comparable and in some cases is shown to outperform the widely used CPLEX algorithms. The proposed formulation and NDS based solver is also easily parallelizable enabling further computational improvement.« less

Mobile code security

NASA Astrophysics Data System (ADS)

Ramalingam, Srikumar

2001-11-01

A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculas, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.

A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application

NASA Astrophysics Data System (ADS)

Compagna, Luca; El Khoury, Paul; Massacci, Fabio; Saidane, Ayda

Providing context-dependent security services is an important challenge for ambient intelligent systems. The complexity and the unbounded nature of such systems make it difficult even for the most experienced and knowledgeable security engineers, to foresee all possible situations and interactions when developing the system. In order to solve this problem context based self- diagnosis and reconfiguration at runtime should be provided.

Security for safety critical space borne systems

NASA Technical Reports Server (NTRS)

Legrand, Sue

1987-01-01

The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

AST: Activity-Security-Trust driven modeling of time varying networks

PubMed Central

Wang, Jian; Xu, Jiake; Liu, Yanheng; Deng, Weiwen

2016-01-01

Network modeling is a flexible mathematical structure that enables to identify statistical regularities and structural principles hidden in complex systems. The majority of recent driving forces in modeling complex networks are originated from activity, in which an activity potential of a time invariant function is introduced to identify agents’ interactions and to construct an activity-driven model. However, the new-emerging network evolutions are already deeply coupled with not only the explicit factors (e.g. activity) but also the implicit considerations (e.g. security and trust), so more intrinsic driving forces behind should be integrated into the modeling of time varying networks. The agents undoubtedly seek to build a time-dependent trade-off among activity, security, and trust in generating a new connection to another. Thus, we reasonably propose the Activity-Security-Trust (AST) driven model through synthetically considering the explicit and implicit driving forces (e.g. activity, security, and trust) underlying the decision process. AST-driven model facilitates to more accurately capture highly dynamical network behaviors and figure out the complex evolution process, allowing a profound understanding of the effects of security and trust in driving network evolution, and improving the biases induced by only involving activity representations in analyzing the dynamical processes. PMID:26888717

Kinetic theory for strongly coupled Coulomb systems

NASA Astrophysics Data System (ADS)

Dufty, James; Wrighton, Jeffrey

2018-01-01

The calculation of dynamical properties for matter under extreme conditions is a challenging task. The popular Kubo-Greenwood model exploits elements from equilibrium density-functional theory (DFT) that allow a detailed treatment of electron correlations, but its origin is largely phenomenological; traditional kinetic theories have a more secure foundation but are limited to weak ion-electron interactions. The objective here is to show how a combination of the two evolves naturally from the short-time limit for the generator of the effective single-electron dynamics governing time correlation functions without such limitations. This provides a theoretical context for the current DFT-related approach, the Kubo-Greenwood model, while showing the nature of its corrections. The method is to calculate the short-time dynamics in the single-electron subspace for a given configuration of the ions. This differs from the usual kinetic theory approach in which an average over the ions is performed as well. In this way the effective ion-electron interaction includes strong Coulomb coupling and is shown to be determined from DFT. The correlation functions have the form of the random-phase approximation for an inhomogeneous system but with renormalized ion-electron and electron-electron potentials. The dynamic structure function, density response function, and electrical conductivity are calculated as examples. The static local field corrections in the dielectric function are identified in this way. The current analysis is limited to semiclassical electrons (quantum statistical potentials), so important quantum conditions are excluded. However, a quantization of the kinetic theory is identified for broader application while awaiting its detailed derivation.

Game theoretic analysis of physical protection system design

DOE Office of Scientific and Technical Information (OSTI.GOV)

Canion, B.; Schneider, E.; Bickel, E.

The physical protection system (PPS) of a fictional small modular reactor (SMR) facility have been modeled as a platform for a game theoretic approach to security decision analysis. To demonstrate the game theoretic approach, a rational adversary with complete knowledge of the facility has been modeled attempting a sabotage attack. The adversary adjusts his decisions in response to investments made by the defender to enhance the security measures. This can lead to a conservative physical protection system design. Since defender upgrades were limited by a budget, cost benefit analysis may be conducted upon security upgrades. One approach to cost benefitmore » analysis is the efficient frontier, which depicts the reduction in expected consequence per incremental increase in the security budget.« less

The Operational Manager - Enemy or Hero of Secure Business Practice?

NASA Astrophysics Data System (ADS)

Goucher, Wendy

This paper will investigate the role of the non-IT manager in information security. He can, for example, be the reason why sensitive work is carried out on the move and security focused spending is given a low priority in the budget. Alternatively, he can also be the driving force behind empowering the team to have a dynamic attitude to protecting data both at work and at home. Now is the time for managers to stop pushing information security issues away from their desk and into the in-tray of the IT department.

Neurology diagnostics security and terminal adaptation for PocketNeuro project.

PubMed

Chemak, C; Bouhlel, M-S; Lapayre, J-C

2008-09-01

This paper presents new approaches of medical information security and terminal mobile phone adaptation for the PocketNeuro project. The latter term refers to a project created for the management of neurological diseases. It consists of transmitting information about patients ("desk of patients") to a doctor's mobile phone during a visit and examination of a patient. These new approaches for the PocketNeuro project were analyzed in terms of medical information security and adaptation of the diagnostic images to the doctor's mobile phone. Images were extracted from a DICOM library. Matlab and its library were used as software to test our approaches and to validate our results. Experiments performed on a database of 30 256 x 256 pixel-sized neuronal medical images indicated that our new approaches for PocketNeuro project are valid and support plans for large-scale studies between French and Swiss hospitals using secured connections.

Distributed clinical data sharing via dynamic access-control policy transformation.

PubMed

Rezaeibagha, Fatemeh; Mu, Yi

2016-05-01

Data sharing in electronic health record (EHR) systems is important for improving the quality of healthcare delivery. Data sharing, however, has raised some security and privacy concerns because healthcare data could be potentially accessible by a variety of users, which could lead to privacy exposure of patients. Without addressing this issue, large-scale adoption and sharing of EHR data are impractical. The traditional solution to the problem is via encryption. Although encryption can be applied to access control, it is not applicable for complex EHR systems that require multiple domains (e.g. public and private clouds) with various access requirements. This study was carried out to address the security and privacy issues of EHR data sharing with our novel access-control mechanism, which captures the scenario of the hybrid clouds and need of access-control policy transformation, to provide secure and privacy-preserving data sharing among different healthcare enterprises. We introduce an access-control mechanism with some cryptographic building blocks and present a novel approach for secure EHR data sharing and access-control policy transformation in EHR systems for hybrid clouds. We propose a useful data sharing system for healthcare providers to handle various EHR users who have various access privileges in different cloud environments. A systematic study has been conducted on data sharing in EHR systems to provide a solution to the security and privacy issues. In conclusion, we introduce an access-control method for privacy protection of EHRs and EHR policy transformation that allows an EHR access-control policy to be transformed from a private cloud to a public cloud. This method has never been studied previously in the literature. Furthermore, we provide a protocol to demonstrate policy transformation as an application scenario. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

Design and implementation of a secure workflow system based on PKI/PMI

NASA Astrophysics Data System (ADS)

Yan, Kai; Jiang, Chao-hui

2013-03-01

As the traditional workflow system in privilege management has the following weaknesses: low privilege management efficiency, overburdened for administrator, lack of trust authority etc. A secure workflow model based on PKI/PMI is proposed after studying security requirements of the workflow systems in-depth. This model can achieve static and dynamic authorization after verifying user's ID through PKC and validating user's privilege information by using AC in workflow system. Practice shows that this system can meet the security requirements of WfMS. Moreover, it can not only improve system security, but also ensures integrity, confidentiality, availability and non-repudiation of the data in the system.

Independent component analysis (ICA) and self-organizing map (SOM) approach to multidetection system for network intruders

NASA Astrophysics Data System (ADS)

Abdi, Abdi M.; Szu, Harold H.

2003-04-01

With the growing rate of interconnection among computer systems, network security is becoming a real challenge. Intrusion Detection System (IDS) is designed to protect the availability, confidentiality and integrity of critical network information systems. Today"s approach to network intrusion detection involves the use of rule-based expert systems to identify an indication of known attack or anomalies. However, these techniques are less successful in identifying today"s attacks. Hackers are perpetually inventing new and previously unanticipated techniques to compromise information infrastructure. This paper proposes a dynamic way of detecting network intruders on time serious data. The proposed approach consists of a two-step process. Firstly, obtaining an efficient multi-user detection method, employing the recently introduced complexity minimization approach as a generalization of a standard ICA. Secondly, we identified unsupervised learning neural network architecture based on Kohonen"s Self-Organizing Map for potential functional clustering. These two steps working together adaptively will provide a pseudo-real time novelty detection attribute to supplement the current intrusion detection statistical methodology.

Distributed reinforcement learning for adaptive and robust network intrusion response

NASA Astrophysics Data System (ADS)

Malialis, Kleanthis; Devlin, Sam; Kudenko, Daniel

2015-07-01

Distributed denial of service (DDoS) attacks constitute a rapidly evolving threat in the current Internet. Multiagent Router Throttling is a novel approach to defend against DDoS attacks where multiple reinforcement learning agents are installed on a set of routers and learn to rate-limit or throttle traffic towards a victim server. The focus of this paper is on online learning and scalability. We propose an approach that incorporates task decomposition, team rewards and a form of reward shaping called difference rewards. One of the novel characteristics of the proposed system is that it provides a decentralised coordinated response to the DDoS problem, thus being resilient to DDoS attacks themselves. The proposed system learns remarkably fast, thus being suitable for online learning. Furthermore, its scalability is successfully demonstrated in experiments involving 1000 learning agents. We compare our approach against a baseline and a popular state-of-the-art throttling technique from the network security literature and show that the proposed approach is more effective, adaptive to sophisticated attack rate dynamics and robust to agent failures.

[The comparative evaluation of level of security culture in medical organizations].

PubMed

Roitberg, G E; Kondratova, N V; Galanina, E V

2016-01-01

The study was carried out on the basis of clinic “Medicine” in 2014-2015 concerning security culture. The sampling included 465 filled HSPSC questionnaires. The comparative analysis of received was implemented. The “Zubovskaia district hospital” Having no accreditation according security standards and group of clinics from USA functioning for many years in the system of patient security support were selected as objects for comparison. The evaluation was implemented concerning dynamics of security culture in organization at implementation of strategies of security of patients during 5 years and comparison of obtained results with USA clinics was made. The study results demonstrated that in conditions of absence of implemented standards of security in medical organization total evaluation of security remains extremely low. The study of security culture using HSPSC questionnaire is an effective tool for evaluating implementation of various strategies of security ofpatient. The functioning in the system of international standards of quality, primarily JCI standards, permits during several years to achieve high indices of security culture.

Optimization of airport security process

NASA Astrophysics Data System (ADS)

Wei, Jianan

2017-05-01

In order to facilitate passenger travel, on the basis of ensuring public safety, the airport security process and scheduling to optimize. The stochastic Petri net is used to simulate the single channel security process, draw the reachable graph, construct the homogeneous Markov chain to realize the performance analysis of the security process network, and find the bottleneck to limit the passenger throughput. Curve changes in the flow of passengers to open a security channel for the initial state. When the passenger arrives at a rate that exceeds the processing capacity of the security channel, it is queued. The passenger reaches the acceptable threshold of the queuing time as the time to open or close the next channel, simulate the number of dynamic security channel scheduling to reduce the passenger queuing time.

Meeting EHR security requirements: SeAAS approach.

PubMed

Katt, Basel; Trojer, Thomas; Breu, Ruth; Schabetsberger, Thomas; Wozak, Florian

2010-01-01

In the last few years, Electronic Health Record (EHR) systems have received a great attention in the literature, as well as in the industry. They are expected to lead to health care savings, increase health care quality and reduce medical errors. This interest has been accompanied by the development of different standards and frameworks to meet EHR challenges. One of the most important initiatives that was developed to solve problems of EHR is IHE (Integrating the Healthcare Enterprise), which adapts the distributed approach to store and manage healthcare data. IHE aims at standardizing the way healthcare systems exchange information in distributed environments. For this purpose it defines several so called Integration Profiles that specify the interactions and the interfaces (Transactions) between various healthcare systems (Actors) or entities. Security was considered also in few profiles that tackled the main security requirements, mainly authentication and audit trails. The security profiles of IHE currently suffer two drawbacks. First, they apply end point security methodology, which has been proven recently to be insufficient and cumbersome in distributed and heterogeneous environment. Second, the current security profiles for more complex security requirements are oversimplified, vague and do not consider architectural design. This recently changed to some extend e.g., with the introduction of newly published white papers regarding privacy [5] and access control [9]. In order to solve the first problem we utilize results of previous studies conducted in the area of security-aware IHE-based systems and the state-of-the-art Security-as-a-Service approach as a convenient methodology to group domain-wide security needs and overcome the end point security shortcomings.

USDOT guidance summary for connected vehicle pilot site deployments: security operational concept : final report.

DOT National Transportation Integrated Search

2016-07-01

This document provides guidance material in regards to security for the CV Pilots Deployment Concept Development Phase. An approach for developing the security operational concept is presented based on identifying the impacts of security breaches reg...

Avoiding the Water-Climate-Poverty Trap: Adaptive Risk Management for Bangladesh's Coastal Embankments

NASA Astrophysics Data System (ADS)

Hall, J. W.

2015-12-01

Our recent research on water security (Sadoff et al., 2015, Dadson et al., 2015) has revealed the dynamic relationship between water security and human well-being. A version of this dynamic is materialising in the coastal polder areas of Khulna, Bangladesh. Repeated coastal floods increase salinity, wipe out agricultural yields for several years and increase out-migration. As a tool to help inform and target future cycles of investment in improvements to the coastal embankments, in this paper we propose a dynamical model of biophysical processes and human well-being, which downscales our previous research to the Khulna region. State variables in the model include agricultural production, population, life expectancy and child mortality. Possible infrastructure interventions include embankment improvements, groundwater wells and drainage infrastructure. Hazard factors include flooding, salinization and drinking water pollution. Our system model can be used to inform adaptation decision making by testing the dynamical response of the system to a range of possible policy interventions, under uncertain future conditions. The analysis is intended to target investment and enable adaptive resource reallocation based on learning about the system response to interventions over the seven years of our research programme. The methodology and paper will demonstrate the complex interplay of factors that determine system vulnerability to climate change. The role of climate change uncertainties (in terms of mean sea level rise and storm surge frequency) will be evaluated alongside multiple other uncertain factors that determine system response. Adaptive management in a 'learning system' will be promoted as a mechanism for coping with climate uncertainties. References:Dadson, S., Hall, J.W., Garrick, D., Sadoff, C. and Grey, D. Water security, risk and economic growth: lessons from a dynamical systems model, Global Environmental Change, in review.Sadoff, C.W., Hall, J.W., Grey, D., Aerts, J.C.J.H., Ait-Kadi, M., Brown, C., Cox, A., Dadson, S., Garrick, D., Kelman, J., McCornick, P., Ringler, C., Rosegrant, M., Whittington, D. and Wiberg, D. Securing Water, Sustaining Growth: Report of the GWP/OECD Task Force on Water Security and Sustainable Growth, University of Oxford, April 2015, 180pp.

Network Security via Biometric Recognition of Patterns of Gene Expression

NASA Technical Reports Server (NTRS)

Shaw, Harry C.

2016-01-01

Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

Network Security via Biometric Recognition of Patterns of Gene Expression

NASA Technical Reports Server (NTRS)

Shaw, Harry C.

2016-01-01

Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

Dynamic adaptive learning for decision-making supporting systems

NASA Astrophysics Data System (ADS)

He, Haibo; Cao, Yuan; Chen, Sheng; Desai, Sachi; Hohil, Myron E.

2008-03-01

This paper proposes a novel adaptive learning method for data mining in support of decision-making systems. Due to the inherent characteristics of information ambiguity/uncertainty, high dimensionality and noisy in many homeland security and defense applications, such as surveillances, monitoring, net-centric battlefield, and others, it is critical to develop autonomous learning methods to efficiently learn useful information from raw data to help the decision making process. The proposed method is based on a dynamic learning principle in the feature spaces. Generally speaking, conventional approaches of learning from high dimensional data sets include various feature extraction (principal component analysis, wavelet transform, and others) and feature selection (embedded approach, wrapper approach, filter approach, and others) methods. However, very limited understandings of adaptive learning from different feature spaces have been achieved. We propose an integrative approach that takes advantages of feature selection and hypothesis ensemble techniques to achieve our goal. Based on the training data distributions, a feature score function is used to provide a measurement of the importance of different features for learning purpose. Then multiple hypotheses are iteratively developed in different feature spaces according to their learning capabilities. Unlike the pre-set iteration steps in many of the existing ensemble learning approaches, such as adaptive boosting (AdaBoost) method, the iterative learning process will automatically stop when the intelligent system can not provide a better understanding than a random guess in that particular subset of feature spaces. Finally, a voting algorithm is used to combine all the decisions from different hypotheses to provide the final prediction results. Simulation analyses of the proposed method on classification of different US military aircraft databases show the effectiveness of this method.

Critical Rare Earths, National Security, and U.S.-China Interactions: A Portfolio Approach to Dysprosium Policy Design

DTIC Science & Technology

2015-01-01

by the graduate fellow’s faculty committee. C O R P O R A T I O N Dissertation Critical Rare Earths, National Security, and U.S.-China Interactions A...Portfolio Approach to Dysprosium Policy Design David L. An Dissertation Critical Rare Earths, National Security, and U.S.-China Interactions A...Permanent Magnet ................................................ xxiv Dysprosium, the Most Critical Rare Earth

Assessment of the Activation State of RAS and Map Kinase in Human Breast Cancer Specimens (96Breast)

DTIC Science & Technology

1999-09-01

Cancer 16. PRICE CODE 17. SECURITY CLASSIFICATION 18 . SECURITY CLASSIFICATION 19. SECURITY CLASSIFICATION 20. LIMITATION OF ABSTRACT OF REPORT OF...THIS PAGE OF ABSTRACT Unclassified Unclassified Unclassified Unlimited NSN 7640-01-280-5500 Standard Form 298 (Rev. 2-89) Prescribed by ANSI Std. Z39- 18 ...transformation and regulate cell morphology, adhesion and motility through cytoskeletal dynamics and play an important role in carcinogenesis ( 18 ). Rho

State-to-State Thermal/Hyperthermal Collision Dynamics of Atmospheric Species

DTIC Science & Technology

2012-02-28

kinetics 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT 18 . SECURITY CLASSIFICATION OF THIS PAGE 19. SECURITY CLASSIFICATION...OF ABSTRACT 20. LIMITATION OF ABSTRACT NSN 7540-01-280-5500 Standard Form 298 (Rev. 2-89) Prescribed by ANSI Std. Z39- 18 298-102 AFRL...populations, though colder, are also highly excited in a non-Boltzmann distribution, [ Erot  =1.0(1) kcal/mol], which indicates that a substantial fraction

Soliton Dynamics of an Atomic Spinor Condensate on a Ring Lattice

DTIC Science & Technology

2013-02-22

REPORT Soliton dynamics of an atomic spinor condensate on a Ring Lattice 14. ABSTRACT 16. SECURITY CLASSIFICATION OF: We study the dynamics of...8/98) Prescribed by ANSI Std. Z39.18 - Soliton dynamics of an atomic spinor condensate on a Ring Lattice Report Title ABSTRACT We study the dynamics...Report Number Soliton dynamics of an atomic spinor condensat Block 13: Supplementary Note © 2013 . Published in Physical Review A (accepted), Vol. Ed

Securely Measuring the Overlap between Private Datasets with Cryptosets

PubMed Central

Swamidass, S. Joshua; Matlock, Matthew; Rozenblit, Leon

2015-01-01

Many scientific questions are best approached by sharing data—collected by different groups or across large collaborative networks—into a combined analysis. Unfortunately, some of the most interesting and powerful datasets—like health records, genetic data, and drug discovery data—cannot be freely shared because they contain sensitive information. In many situations, knowing if private datasets overlap determines if it is worthwhile to navigate the institutional, ethical, and legal barriers that govern access to sensitive, private data. We report the first method of publicly measuring the overlap between private datasets that is secure under a malicious model without relying on private protocols or message passing. This method uses a publicly shareable summary of a dataset’s contents, its cryptoset, to estimate its overlap with other datasets. Cryptosets approach “information-theoretic” security, the strongest type of security possible in cryptography, which is not even crackable with infinite computing power. We empirically and theoretically assess both the accuracy of these estimates and the security of the approach, demonstrating that cryptosets are informative, with a stable accuracy, and secure. PMID:25714898

A systematic approach for analysis and design of secure health information systems.

PubMed

Blobel, B; Roger-France, F

2001-06-01

A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users' views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.

Protection performance evaluation regarding imaging sensors hardened against laser dazzling

NASA Astrophysics Data System (ADS)

Ritt, Gunnar; Koerber, Michael; Forster, Daniel; Eberle, Bernd

2015-05-01

Electro-optical imaging sensors are widely distributed and used for many different purposes, including civil security and military operations. However, laser irradiation can easily disturb their operational capability. Thus, an adequate protection mechanism for electro-optical sensors against dazzling and damaging is highly desirable. Different protection technologies exist now, but none of them satisfies the operational requirements without any constraints. In order to evaluate the performance of various laser protection measures, we present two different approaches based on triangle orientation discrimination on the one hand and structural similarity on the other hand. For both approaches, image analysis algorithms are applied to images taken of a standard test scene with triangular test patterns which is superimposed by dazzling laser light of various irradiance levels. The evaluation methods are applied to three different sensors: a standard complementary metal oxide semiconductor camera, a high dynamic range camera with a nonlinear response curve, and a sensor hardened against laser dazzling.

Maritime security report. May 2000 [Organization of American States Tactical Advisory Group on Port Security

DOT National Transportation Integrated Search

2000-05-01

The member countries of the Organization of American States (OAS) have recognized that a coordinated multilateral approach to improving port security in the Western Hemisphere is needed and has established a Technical Advisory Group on Port Security ...

Dynamic Virtual Credit Card Numbers

NASA Astrophysics Data System (ADS)

Molloy, Ian; Li, Jiangtao; Li, Ninghui

Theft of stored credit card information is an increasing threat to e-commerce. We propose a dynamic virtual credit card number scheme that reduces the damage caused by stolen credit card numbers. A user can use an existing credit card account to generate multiple virtual credit card numbers that are either usable for a single transaction or are tied with a particular merchant. We call the scheme dynamic because the virtual credit card numbers can be generated without online contact with the credit card issuers. These numbers can be processed without changing any of the infrastructure currently in place; the only changes will be at the end points, namely, the card users and the card issuers. We analyze the security requirements for dynamic virtual credit card numbers, discuss the design space, propose a scheme using HMAC, and prove its security under the assumption the underlying function is a PRF.

Advanced Polymer Network Structures

DTIC Science & Technology

2016-02-01

double networks in a single step was identified from coarse-grained molecular dynamics simulations of polymer solvents bearing rigid side chains dissolved...in a polymer network. Coarse-grained molecular dynamics simulations also explored the mechanical behavior of traditional double networks and...DRI), polymer networks, polymer gels, molecular dynamics simulations , double networks 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF

Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

DOE Office of Scientific and Technical Information (OSTI.GOV)

Badwan, Faris M.; Demuth, Scott Francis; Miller, Michael Conrad

Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fullymore » integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may lead to more proliferation resistant and physically secure design features for SMRs.« less

Transit Security Procedures Guide

DOT National Transportation Integrated Search

1994-12-01

To protect passenger, employees, revenue, and property, transit systems are encouraged to take a proactive, prevention-oriented systems approach to transit security. This guide is a compilation of materials for planning and improving transit security...

The European cooperative approach to securing critical information infrastructure.

PubMed

Purser, Steve

2011-10-01

This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps.

Failing States as Epidemiologic Risk Zones: Implications for Global Health Security.

PubMed

Hirschfeld, Katherine

Failed states commonly experience health and mortality crises that include outbreaks of infectious disease, violent conflict, reductions in life expectancy, and increased infant and maternal mortality. This article draws from recent research in political science, security studies, and international relations to explore how the process of state failure generates health declines and outbreaks of infectious disease. The key innovation of this model is a revised definition of "the state" as a geographically dynamic rather than static political space. This makes it easier to understand how phases of territorial contraction, collapse, and regeneration interrupt public health programs, destabilize the natural environment, reduce human security, and increase risks of epidemic infectious disease and other humanitarian crises. Better understanding of these dynamics will help international health agencies predict and prepare for future health and mortality crises created by failing states.

A Unified Approach to Information Security Compliance

ERIC Educational Resources Information Center

Adler, M. Peter

2006-01-01

The increased number of government-mandated and private contractual information security requirements in recent years has caused higher education security professionals to view information security as another aspect of regulatory or contractual compliance. The existence of fines, penalties, or loss (including bad publicity) has also increased the…

[Equity issues in health care reform in Argentina].

PubMed

Belmartino, Susana

2002-01-01

This article analyzes the historical and contemporary development of the Argentine health care system from the viewpoint of equity, a principle which is not explicitly mentioned in the system's founding documents. However, other values can be identified such as universal care, accessibility, and solidarity, which are closely related to equity. Nevertheless, the political dynamics characterizing the development of the country's health care system led to the suppression of more universalistic approaches, with group solidarity the only remaining principle providing structure to the system. The 1980s financial crisis highlighted the relative value of this principle as the basis for an equitable system. The authors illustrate the current situation with data on coverage under the medical social security system.

A Method of Synchrophasor Technology for Detecting and Analyzing Cyber-Attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCann, Roy; Al-Sarray, Muthanna

Studying cybersecurity events and analyzing their impacts encourage planners and operators to develop innovative approaches for preventing attacks in order to avoid outages and other disruptions. This work considers two parts in security studies; detecting an integrity attack and examining its effects on power system generators. The detection was conducted through employing synchrophasor technology to provide authentication of ACG commands based on observed system operating characteristics. The examination of an attack is completed via a detailed simulation of a modified IEEE 68-bus benchmark model to show the associated power system dynamic response. The results of the simulation are discussed formore » assessing the impacts of cyber threats.« less

Small numbers, disclosure risk, security, and reliability issues in Web-based data query systems.

PubMed

Rudolph, Barbara A; Shah, Gulzar H; Love, Denise

2006-01-01

This article describes the process for developing consensus guidelines and tools for releasing public health data via the Web and highlights approaches leading agencies have taken to balance disclosure risk with public dissemination of reliable health statistics. An agency's choice of statistical methods for improving the reliability of released data for Web-based query systems is based upon a number of factors, including query system design (dynamic analysis vs preaggregated data and tables), population size, cell size, data use, and how data will be supplied to users. The article also describes those efforts that are necessary to reduce the risk of disclosure of an individual's protected health information.

Managing Complex IT Security Processes with Value Based Measures

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

2009-01-01

Current trends indicate that IT security measures will need to greatly expand to counter the ever increasingly sophisticated, well-funded and/or economically motivated threat space. Traditional risk management approaches provide an effective method for guiding courses of action for assessment, and mitigation investments. However, such approaches no matter how popular demand very detailed knowledge about the IT security domain and the enterprise/cyber architectural context. Typically, the critical nature and/or high stakes require careful consideration and adaptation of a balanced approach that provides reliable and consistent methods for rating vulnerabilities. As reported in earlier works, the Cyberspace Security Econometrics System provides amore » comprehensive measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. This paper advocates a dependability measure that acknowledges the aggregate structure of complex system specifications, and accounts for variations by stakeholder, by specification components, and by verification and validation impact.« less

A life-cycle approach to food and nutrition security in India.

PubMed

Rai, Rajesh Kumar; Kumar, Sandhya; Sekher, Madhushree; Pritchard, Bill; Rammohan, Anu

2015-04-01

India's poor performance on critical food and nutrition security indicators despite substantial economic prosperity has been widely documented. These failings not only hamper national progress, but also contribute significantly to the global undernourished population, particularly children. While the recently passed National Food Security Act 2013 adopts a life-cycle approach to expand coverage of subsidized food grains to the most vulnerable households and address food security, there remains much to be desired in the legislation. Access to adequate food for 1.24 billion people is a multifaceted problem requiring an interconnected set of policy measures to tackle the various factors affecting food and nutrition security in India. In the present opinion paper, we discuss a fivefold strategy that incorporates a life-cycle approach, spanning reproductive health, bolstering citizen participation in existing national programmes, empowering women, advancing agriculture and better monitoring the Public Distribution System in order to fill the gaps in both access and adequacy of food and nutrition.

A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms

NASA Astrophysics Data System (ADS)

Hassan, Ahmed A.; Bahgat, Waleed M.

2010-01-01

Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.

POLICY VARIATION, LABOR SUPPLY ELASTICITIES, AND A STRUCTURAL MODEL OF RETIREMENT

PubMed Central

MANOLI, DAY; MULLEN, KATHLEEN J.; WAGNER, MATHIS

2015-01-01

This paper exploits a combination of policy variation from multiple pension reforms in Austria and administrative data from the Austrian Social Security Database. Using the policy changes for identification, we estimate social security wealth and accrual elasticities in individuals’ retirement decisions. Next, we use these elasticities to estimate a dynamic programming model of retirement decisions. Finally, we use the estimated model to examine the labor supply and welfare consequences of potential social security reforms. PMID:26472916

Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

DTIC Science & Technology

2007-01-15

it can detect specifically proscribed content changes to critical files (e.g., illegal shells inserted into /etc/ passwd ). Fourth, it can detect the...UNIX password management involves a pair of inter-related files (/etc/ passwd and /etc/shadow). The corresponding access patterns seen at the storage...content integrity verification is utilized. As a concrete example, consider a UNIX system password file (/etc/ passwd ), which consists of a set of well

School Security Assessment Programme in Australia

ERIC Educational Resources Information Center

Marrapodi, John

2007-01-01

This article describes a successful security risk management programme in Australia. The state-wide programme follows a structured risk management approach focusing on the safety and security of people, information, provision, and assets in the school environment. To assist school principals, a Security Risk Assessment Programme was developed on a…

Women's Marginalization, Economic Flows, and Environmental Flows: A Classroom Approach.

ERIC Educational Resources Information Center

O'Lear, Shannon

1999-01-01

Discusses environmental security, focusing on the meaning of "security." Defines the global economy as a process in which the security of groups is sought, maintained, or threatened. Illustrates connections among environmental security, the global economy, and abuse of women and children in less economically developed places,…

Information-Flow-Based Access Control for Web Browsers

NASA Astrophysics Data System (ADS)

Yoshihama, Sachiko; Tateishi, Takaaki; Tabuchi, Naoshi; Matsumoto, Tsutomu

The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.

Quality of protection evaluation of security mechanisms.

PubMed

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

PubMed

Somasundaram, M; Sivakumar, R

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

Security technology: the shaping of research strategy--a holistic approach (Invited Paper)

NASA Astrophysics Data System (ADS)

Fisher, Neil

2005-05-01

Since the terrible events of 11 Sep 2001 the response to security vulnerabilities has been to throw "Guns, Gates and Guards" at the problem. Three years later and it is clear that, although this may have had a short-term effect, it is unsustainable and unaffordable in the long term. The war on terrorism is going to be fought for a very long time. Defending against terrorism and enhancing the resilience and robustness of society and its processes now requires constant vigilance. Only technology can provide that vigilance at an efficiency that can provide certainty of detection and fast response. A technology led approach, integrating with people and their processes calls for innovation and a new generation of technology that fuses the physical world with the logical world. This approach is measurable in terms of capability and investment, in the way that the previous Newtonian security approach of cause and effect is not. This paper will address this new security environment and the different approach that R&D has to take to ensure that life and Democracy thrive and terrorism is defeated.

One health security: an important component of the global health security agenda.

PubMed

Gronvall, Gigi; Boddie, Crystal; Knutsson, Rickard; Colby, Michelle

2014-01-01

The objectives of the Global Health Security Agenda (GHSA) will require not only a "One Health" approach to counter natural disease threats against humans, animals, and the environment, but also a security focus to counter deliberate threats to human, animal, and agricultural health and to nations' economies. We have termed this merged approach "One Health Security." It will require the integration of professionals with expertise in security, law enforcement, and intelligence to join the veterinary, agricultural, environmental, and human health experts essential to One Health and the GHSA. Working across such different professions, which occasionally have conflicting aims and different professional cultures, poses multiple challenges, but a multidisciplinary and multisectoral approach is necessary to prevent disease threats; detect them as early as possible (when responses are likely to be most effective); and, in the case of deliberate threats, find who may be responsible. This article describes 2 project areas that exemplify One Health Security that were presented at a workshop in January 2014: the US government and private industry efforts to reduce vulnerabilities to foreign animal diseases, especially foot-and-mouth disease; and AniBioThreat, an EU project to counter deliberate threats to agriculture by raising awareness and implementing prevention and response policies and practices.

An approach to quality and security of supply for single-use bioreactors.

PubMed

Barbaroux, Magali; Gerighausen, Susanne; Hackel, Heiko

2014-01-01

Single-use systems (also referred to as disposables) have become a huge part of the bioprocessing industry, which raised concern in the industry regarding quality and security of supply. Processes must be in place to assure the supply and control of outsourced activities and quality of purchased materials along the product life cycle. Quality and security of supply for single-use bioreactors (SUBs) are based on a multidisciplinary approach. Developing a state-of-the-art SUB-system based on quality by design (QbD) principles requires broad expertise and know-how including the cell culture application, polymer chemistry, regulatory requirements, and a deep understanding of the biopharmaceutical industry. Using standardized products reduces the complexity and strengthens the robustness of the supply chain. Well-established supplier relations including risk mitigation strategies are the basis for achieving long-term security of supply. Well-developed quality systems including change control approaches aligned with the requirements of the biopharmaceutical industry are a key factor in supporting long-term product availability. This chapter outlines the approach to security of supply for key materials used in single-use production processes for biopharmaceuticals from a supplier perspective.

Closing Italian Forensic Psychiatry Hospitals in Favor of Treating Insanity Acquittees in the Community.

PubMed

Carabellese, Felice; Felthous, Alan R

2016-03-01

Originally a hedge against the death penalty, the insanity defense came to offer hospitalization as an alternative to imprisonment. In the late 19th century Italy opened inpatient services first for mentally ill prisoners and then for offenders found not guilty by reason of insanity. Within the past decade, a series of decrees has resulted in transferring the responsibility for treating NGRI acquittees and "dangerous" mentally ill prisoners from the Department of Justice to the Department of Health, and their treatment from Italy's high security forensic psychiatric hospitals (OPGs) to community regional facilities (REMSs, Residences for the Execution of Security Measures), community mental health facilities, one of which is located in each region of Italy. Today community REMSs provide the treatment and management of socially dangerous offenders. The dynamic evolution of Italy's progressive mental health system for insanity acquittees, to our knowledge the most libertarian, community oriented approach of any country, is retraced. Discussion includes cautionary concerns as well as potential opportunities for improvements in mental health services. Copyright © 2016 John Wiley & Sons, Ltd. Copyright © 2016 John Wiley & Sons, Ltd.

An overview of the DII-HEP OpenStack based CMS data analysis

NASA Astrophysics Data System (ADS)

Osmani, L.; Tarkoma, S.; Eerola, P.; Komu, M.; Kortelainen, M. J.; Kraemer, O.; Lindén, T.; Toor, S.; White, J.

2015-05-01

An OpenStack based private cloud with the Cluster File System has been built and used with both CMS analysis and Monte Carlo simulation jobs in the Datacenter Indirection Infrastructure for Secure High Energy Physics (DII-HEP) project. On the cloud we run the ARC middleware that allows running CMS applications without changes on the job submission side. Our test results indicate that the adopted approach provides a scalable and resilient solution for managing resources without compromising on performance and high availability. To manage the virtual machines (VM) dynamically in an elastic fasion, we are testing the EMI authorization service (Argus) and the Execution Environment Service (Argus-EES). An OpenStackplugin has been developed for Argus-EES. The Host Identity Protocol (HIP) has been designed for mobile networks and it provides a secure method for IP multihoming. HIP separates the end-point identifier and locator role for IP address which increases the network availability for the applications. Our solution leverages HIP for traffic management. This presentation gives an update on the status of the work and our lessons learned in creating an OpenStackbased cloud for HEP.

A framework for modelling the complexities of food and water security under globalisation

NASA Astrophysics Data System (ADS)

Dermody, Brian J.; Sivapalan, Murugesu; Stehfest, Elke; van Vuuren, Detlef P.; Wassen, Martin J.; Bierkens, Marc F. P.; Dekker, Stefan C.

2018-01-01

We present a new framework for modelling the complexities of food and water security under globalisation. The framework sets out a method to capture regional and sectoral interdependencies and cross-scale feedbacks within the global food system that contribute to emergent water use patterns. The framework integrates aspects of existing models and approaches in the fields of hydrology and integrated assessment modelling. The core of the framework is a multi-agent network of city agents connected by infrastructural trade networks. Agents receive socio-economic and environmental constraint information from integrated assessment models and hydrological models respectively and simulate complex, socio-environmental dynamics that operate within those constraints. The emergent changes in food and water resources are aggregated and fed back to the original models with minimal modification of the structure of those models. It is our conviction that the framework presented can form the basis for a new wave of decision tools that capture complex socio-environmental change within our globalised world. In doing so they will contribute to illuminating pathways towards a sustainable future for humans, ecosystems and the water they share.

Kinetics of Materials at Extreme Conditions: Understanding the Time Dependent Approach to Equilibrium at MaRIE

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kraus, R. G.; Mcnabb, D.; Kumar, M.

The National Nuclear Security Agency has recently recognized that a long-term need exists to establish a stronger scientific basis for the assessment and qualification of materials and manufacturing processes for the nuclear stockpile and other national security applications. These materials may have undergone substantial changes with age, or may represent new materials that are being introduced because of difficulties associated with reusing or recreating materials used in original stockpile components. Also, with advancements in manufacturing methods, the NNSA anticipates opportunities for an enhanced range of control over fabricated components, an enhanced pace of materials development, and enhanced functionality. The developmentmore » of qualification standards for these new materials will require the ability to understand and control material characteristics that affect both mechanical and dynamic performance. A unique aspect for NNSA is that the performance requirements for materials are often set by system hydrodynamics, and these materials must perform in extreme environments and loading conditions. Thus, the scientific motivation is to understand “Matter-Radiation Interactions in Extremes (MaRIE).”« less

System and method for key generation in security tokens

DOE Office of Scientific and Technical Information (OSTI.GOV)

Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.

Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

An enhanced performance through agent-based secure approach for mobile ad hoc networks

NASA Astrophysics Data System (ADS)

Bisen, Dhananjay; Sharma, Sanjeev

2018-01-01

This paper proposes an agent-based secure enhanced performance approach (AB-SEP) for mobile ad hoc network. In this approach, agent nodes are selected through optimal node reliability as a factor. This factor is calculated on the basis of node performance features such as degree difference, normalised distance value, energy level, mobility and optimal hello interval of node. After selection of agent nodes, a procedure of malicious behaviour detection is performed using fuzzy-based secure architecture (FBSA). To evaluate the performance of the proposed approach, comparative analysis is done with conventional schemes using performance parameters such as packet delivery ratio, throughput, total packet forwarding, network overhead, end-to-end delay and percentage of malicious detection.

SSL/TLS Vulnerability Detection Using Black Box Approach

NASA Astrophysics Data System (ADS)

Gunawan, D.; Sitorus, E. H.; Rahmat, R. F.; Hizriadi, A.

2018-03-01

Socket Secure Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that provide data encryption to secure the communication over a network. However, in some cases, there are vulnerability found in the implementation of SSL/TLS because of weak cipher key, certificate validation error or session handling error. One of the most vulnerable SSL/TLS bugs is heartbleed. As the security is essential in data communication, this research aims to build a scanner that detect the SSL/TLS vulnerability by using black box approach. This research will focus on heartbleed case. In addition, this research also gathers information about existing SSL in the server. The black box approach is used to test the output of a system without knowing the process inside the system itself. For testing purpose, this research scanned websites and found that some of the websites still have SSL/TLS vulnerability. Thus, the black box approach can be used to detect the vulnerability without considering the source code and the process inside the application.

Unsafe Gods: Security, Secularism and Schooling

ERIC Educational Resources Information Center

Davies, Lynn

2014-01-01

This book makes the compelling argument that religion can be complicit in conflict and that a new secularism is vital to foster security. Using insights from complexity science, it shows how dynamic secularism can be used to accommodate diverse faiths and beliefs within worldly politics. Exploration of the interplay of religion and education in…

An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems.

PubMed

Chen, Hung-Ming; Lo, Jung-Wen; Yeh, Chang-Kuo

2012-12-01

The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient's home. Hence, the control of access to remote medical servers' resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.'s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.'s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

Secure and Cost-Effective Distributed Aggregation for Mobile Sensor Networks

PubMed Central

Guo, Kehua; Zhang, Ping; Ma, Jianhua

2016-01-01

Secure data aggregation (SDA) schemes are widely used in distributed applications, such as mobile sensor networks, to reduce communication cost, prolong the network life cycle and provide security. However, most SDA are only suited for a single type of statistics (i.e., summation-based or comparison-based statistics) and are not applicable to obtaining multiple statistic results. Most SDA are also inefficient for dynamic networks. This paper presents multi-functional secure data aggregation (MFSDA), in which the mapping step and coding step are introduced to provide value-preserving and order-preserving and, later, to enable arbitrary statistics support in the same query. MFSDA is suited for dynamic networks because these active nodes can be counted directly from aggregation data. The proposed scheme is tolerant to many types of attacks. The network load of the proposed scheme is balanced, and no significant bottleneck exists. The MFSDA includes two versions: MFSDA-I and MFSDA-II. The first one can obtain accurate results, while the second one is a more generalized version that can significantly reduce network traffic at the expense of less accuracy loss. PMID:27120599

Wireless physical layer security

NASA Astrophysics Data System (ADS)

Poor, H. Vincent; Schaefer, Rafael F.

2017-01-01

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

Wireless physical layer security.

PubMed

Poor, H Vincent; Schaefer, Rafael F

2017-01-03

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments.

An Ontology Based Approach to Information Security

NASA Astrophysics Data System (ADS)

Pereira, Teresa; Santos, Henrique

The semantically structure of knowledge, based on ontology approaches have been increasingly adopted by several expertise from diverse domains. Recently ontologies have been moved from the philosophical and metaphysics disciplines to be used in the construction of models to describe a specific theory of a domain. The development and the use of ontologies promote the creation of a unique standard to represent concepts within a specific knowledge domain. In the scope of information security systems the use of an ontology to formalize and represent the concepts of security information challenge the mechanisms and techniques currently used. This paper intends to present a conceptual implementation model of an ontology defined in the security domain. The model presented contains the semantic concepts based on the information security standard ISO/IEC_JTC1, and their relationships to other concepts, defined in a subset of the information security domain.

Wireless physical layer security

PubMed Central

Schaefer, Rafael F.

2017-01-01

Security in wireless networks has traditionally been considered to be an issue to be addressed separately from the physical radio transmission aspects of wireless systems. However, with the emergence of new networking architectures that are not amenable to traditional methods of secure communication such as data encryption, there has been an increase in interest in the potential of the physical properties of the radio channel itself to provide communications security. Information theory provides a natural framework for the study of this issue, and there has been considerable recent research devoted to using this framework to develop a greater understanding of the fundamental ability of the so-called physical layer to provide security in wireless networks. Moreover, this approach is also suggestive in many cases of coding techniques that can approach fundamental limits in practice and of techniques for other security tasks such as authentication. This paper provides an overview of these developments. PMID:28028211

Fuelling Insecurity? Sino-Myanmar Energy Cooperation and Human Security in Myanmar

NASA Astrophysics Data System (ADS)

Botel, Gabriel

This thesis examines the relationship between energy, development and human security in Sino-Myanmar relations. Rapid economic growth and increased urbanisation have intensified China's industrial and domestic energy consumption, drastically increasing demand and overwhelming national supply capacities. Chinese foreign policy has responded by becoming more active in securing and protecting foreign energy resources and allowing Chinese companies more freedom and opportunities for investment abroad. Consequently, Chinese foreign investment and policies have become increasing sources of scrutiny and debate, typically focusing on their (presumed) intentions and the social, economic, environmental and political impacts they have on the rest of the world. Within this debate, a key issue has been China's engagement with so-called pariah states. China has frequently received substantial international criticism for its unconditional engagement with such countries, often seen as a geopolitical pursuit of strategic national (energy) interests, unconcerned with international opprobrium. In the case of Myanmar, traditional security analyses interpret this as, at best, undermining (Western) international norms and, at worst, posing a direct challenge to international security. However, traditional security analyses rely on state-centric concepts of security, and tend to over-simply Sino-Myanmar relations and the dynamics which inform it. Conversely, implications for human security are overlooked; this is in part because human security remains poorly defined and also because there are questions regarding its utility. However, human security is a critical tool in delineating between state, corporate and 'civilian' interests, and how these cleavages shape the security environment and potential for instability in the region. This thesis takes a closer look at some of the entrenched and changing security dynamics shaping this Sino-Myanmar energy cooperation, drawing on an extensive literature in human security rarely applied in this context. This includes a brief review of human security and Sino-Myanmar relations, and is grounded in an empirical analysis of Chinese investment in Myanmar's hydropower and oil and gas sectors. Ultimately, this thesis argues that, while insightful, many traditional interpretations of Sino-Myanmar energy cooperation overlook the security interests of those worst affected. Furthermore, that the worst excesses of Chinese companies in Myanmar are not unique to China, but common across all investors in the regime, Western or otherwise.

Autonomic Intelligent Cyber Sensor to Support Industrial Control Network Awareness

DOE PAGES

Vollmer, Todd; Manic, Milos; Linda, Ondrej

2013-06-01

The proliferation of digital devices in a networked industrial ecosystem, along with an exponential growth in complexity and scope, has resulted in elevated security concerns and management complexity issues. This paper describes a novel architecture utilizing concepts of Autonomic computing and a SOAP based IF-MAP external communication layer to create a network security sensor. This approach simplifies integration of legacy software and supports a secure, scalable, self-managed framework. The contribution of this paper is two-fold: 1) A flexible two level communication layer based on Autonomic computing and Service Oriented Architecture is detailed and 2) Three complementary modules that dynamically reconfiguremore » in response to a changing environment are presented. One module utilizes clustering and fuzzy logic to monitor traffic for abnormal behavior. Another module passively monitors network traffic and deploys deceptive virtual network hosts. These components of the sensor system were implemented in C++ and PERL and utilize a common internal D-Bus communication mechanism. A proof of concept prototype was deployed on a mixed-use test network showing the possible real world applicability. In testing, 45 of the 46 network attached devices were recognized and 10 of the 12 emulated devices were created with specific Operating System and port configurations. Additionally the anomaly detection algorithm achieved a 99.9% recognition rate. All output from the modules were correctly distributed using the common communication structure.« less

The Caspian Sea regionalism in a globalized world: Energy security and regional trajectories of Azerbaijan and Iran

NASA Astrophysics Data System (ADS)

Hedjazi, Babak

2007-12-01

This dissertation is fundamentally about the formation of new regional spaces in Central Eurasia viewed from a dynamic, comparative and historical approach. Analyzing the global-local economic and political interactions and their consequences on resource rich countries of the Caspian Sea enable us to reframe security as a central element of the new global order. In this respect, the dissertation examines how two particular states, Azerbaijan and Iran, respond to the changing global security environment and optimize their capacity to absorb or control change. Here, security as I conceive is multidimensional and engages various social, political and economic domains. My research is articulated along three hypotheses regarding the formation of a new regional space and its consequences on territorial polarization and interstate rivalry. These hypotheses, respectively and cumulatively, elucidate global and domestic contexts of regional space formation, regional strategic and discursive trajectories, and regional tensions of global/local interactions. In order to empirically test these hypotheses, a series of thirty interviews were conducted by the author with local and foreign business representatives, civilian and government representatives, and corroborated by economic data collected from the International Energy Agency. The findings of the research validate the primary assumption of the dissertation that Azerbaijan and Iran have chosen the regional scale to address discrepancies between their aspired place in the new world order and the reality of their power and international status. Extending the argument for structural scarcity of oil towards contenders, this dissertation concludes that the Caspian oil has become a fundamental element of the regional discourse. The mismatch between the rhetoric of sovereign rights and energy security on one side and the reality of regional countries' powerlessness and their need to reach international markets on the other side are fundamental focal points of divergent regional trajectories of Azerbaijan and Iran. Divergent readings of energy security and its provision by Azerbaijan and Iran on the one hand, and how energy security is interpreted and incorporated in institutionalized regulation and new regimes of governance by consumer countries on the other hand, shape the new configuration of the Caspian Sea regionalism.

National Aviation Security Policy, Strategy, and Mode-Specific Plans: Background and Considerations for Congress

DTIC Science & Technology

2009-02-02

aviation security . The approach to aviation security was largely shaped by past events, such as the bombing of Pan Am flight 103 in December 1988, rather...community. Following the September 11, 2001, attacks, U.S. aviation security policy and strategy was closely linked to the changes called for in the...have been considered security sensitive thus limiting public discourse on the DHS strategy for aviation security . However, in June 2006 President

46 CFR 56.20-1 - General.

Code of Federal Regulations, 2010 CFR

2010-10-01

..., and II-L systems receiving ship motion dynamic analysis and nondestructive examination. For Class I, I-L, or II-L systems not receiving ship motion dynamic analysis and nondestructive examination under..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PIPING SYSTEMS AND APPURTENANCES Valves § 56...

Keystroke dynamics in the pre-touchscreen era

PubMed Central

Ahmad, Nasir; Szymkowiak, Andrea; Campbell, Paul A.

2013-01-01

Biometric authentication seeks to measure an individual’s unique physiological attributes for the purpose of identity verification. Conventionally, this task has been realized via analyses of fingerprints or signature iris patterns. However, whilst such methods effectively offer a superior security protocol compared with password-based approaches for example, their substantial infrastructure costs, and intrusive nature, make them undesirable and indeed impractical for many scenarios. An alternative approach seeks to develop similarly robust screening protocols through analysis of typing patterns, formally known as keystroke dynamics. Here, keystroke analysis methodologies can utilize multiple variables, and a range of mathematical techniques, in order to extract individuals’ typing signatures. Such variables may include measurement of the period between key presses, and/or releases, or even key-strike pressures. Statistical methods, neural networks, and fuzzy logic have often formed the basis for quantitative analysis on the data gathered, typically from conventional computer keyboards. Extension to more recent technologies such as numerical keypads and touch-screen devices is in its infancy, but obviously important as such devices grow in popularity. Here, we review the state of knowledge pertaining to authentication via conventional keyboards with a view toward indicating how this platform of knowledge can be exploited and extended into the newly emergent type-based technological contexts. PMID:24391568

Nuclear structure and dynamics with density functional theory

NASA Astrophysics Data System (ADS)

Stetcu, Ionel

2015-10-01

Even in the absence of ab initio methods capable of tackling heavy nuclei without restrictions, one can obtain an ab initio description of ground-state properties by means of the density functional theory (DFT), and its extension to superfluid systems in its local variant, the superfluid local density approximation (SLDA). Information about the properties of excited states can be obtained in the same framework by using an extension to the time-dependent (TD) phenomena. Unlike other approaches in which the nuclear structure information is used as a separate input into reaction models, the TD approach treats on the same footing the nuclear structure and dynamics, and is well suited to provide more reliable description for a large number of processes involving heavy nuclei, from the nuclear response to electroweak probes, to nuclear reactions, such as neutron-induced reactions, or nuclear fusion and fission. Such processes, sometimes part of integrated nuclear systems, have important applications in astrophysics, energy production, global security, etc. In this talk, I will present the simulation of a simple reaction, that is the Coulomb excitation of a 238U nucleus, and discuss the application of the TD-DFT formalism to the description of induced fission. I gratefully acknowledge partial support of the U.S. Department of Energy through an Early Career Award of the LANL/LDRD Program.

Keystroke dynamics in the pre-touchscreen era.

PubMed

Ahmad, Nasir; Szymkowiak, Andrea; Campbell, Paul A

2013-12-19

Biometric authentication seeks to measure an individual's unique physiological attributes for the purpose of identity verification. Conventionally, this task has been realized via analyses of fingerprints or signature iris patterns. However, whilst such methods effectively offer a superior security protocol compared with password-based approaches for example, their substantial infrastructure costs, and intrusive nature, make them undesirable and indeed impractical for many scenarios. An alternative approach seeks to develop similarly robust screening protocols through analysis of typing patterns, formally known as keystroke dynamics. Here, keystroke analysis methodologies can utilize multiple variables, and a range of mathematical techniques, in order to extract individuals' typing signatures. Such variables may include measurement of the period between key presses, and/or releases, or even key-strike pressures. Statistical methods, neural networks, and fuzzy logic have often formed the basis for quantitative analysis on the data gathered, typically from conventional computer keyboards. Extension to more recent technologies such as numerical keypads and touch-screen devices is in its infancy, but obviously important as such devices grow in popularity. Here, we review the state of knowledge pertaining to authentication via conventional keyboards with a view toward indicating how this platform of knowledge can be exploited and extended into the newly emergent type-based technological contexts.

Testing an online, dynamic consent portal for large population biobank research.

PubMed

Thiel, Daniel B; Platt, Jodyn; Platt, Tevah; King, Susan B; Fisher, Nicole; Shelton, Robert; Kardia, Sharon L R

2015-01-01

Michigan's BioTrust for Health, a public health research biobank comprised of residual dried bloodspot (DBS) cards from newborn screening contains over 4 million samples collected without written consent. Participant-centric initiatives are IT tools that hold great promise to address the consent challenges in biobank research. Working with Private Access Inc., a pioneer in patient-centric web solutions, we created and pilot tested a dynamic informed consent simulation, paired with an educational website, focusing on consent for research utilizing DBSs in Michigan's BioTrust for Health. Out of 187 pilot testers recruited in 2 groups, 137 completed the consent simulation and exit survey. Over 50% indicated their willingness to set up an account if the simulation went live and to recommend it to others. Participants raised concerns about the process of identity verification and appeared to have little experience with sharing health information online. Applying online, dynamic approaches to address the consent challenges raised by biobanks with legacy sample collections should be explored, given the positive reaction to our pilot test and the strong preference for active consent. Balancing security and privacy with accessibility and ease of use will continue to be a challenge. © 2014 S. Karger AG, Basel.

Integrating System Dynamics and Bayesian Networks with Application to Counter-IED Scenarios

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jarman, Kenneth D.; Brothers, Alan J.; Whitney, Paul D.

2010-06-06

The practice of choosing a single modeling paradigm for predictive analysis can limit the scope and relevance of predictions and their utility to decision-making processes. Considering multiple modeling methods simultaneously may improve this situation, but a better solution provides a framework for directly integrating different, potentially complementary modeling paradigms to enable more comprehensive modeling and predictions, and thus better-informed decisions. The primary challenges of this kind of model integration are to bridge language and conceptual gaps between modeling paradigms, and to determine whether natural and useful linkages can be made in a formal mathematical manner. To address these challenges inmore » the context of two specific modeling paradigms, we explore mathematical and computational options for linking System Dynamics (SD) and Bayesian network (BN) models and incorporating data into the integrated models. We demonstrate that integrated SD/BN models can naturally be described as either state space equations or Dynamic Bayes Nets, which enables the use of many existing computational methods for simulation and data integration. To demonstrate, we apply our model integration approach to techno-social models of insurgent-led attacks and security force counter-measures centered on improvised explosive devices.« less

Review of July 2013 Nuclear Security Insider Threat Exercise November 2013

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pederson, Ann C.; Snow, Catherine L.; Townsend, Jeremy

2013-11-01

This document is a review of the Nuclear Security Insider Threat Exercise which was hosted at ORNL in July 2013. Nuclear security culture and the insider threat are best learned through experience. Culture is inherently difficult to teach, and as such is best learned through modeled behaviors and learning exercise. This TTX, NSITE, is a tool that strives to aid students in learning what an effective (and ineffective) nuclear security culture might look like by simulating dynamic events that strengthen or weaken the nuclear security regime. The goals of NSITE are to stimulate complex thought and discussion and assist decisionmore » makers and management in determining the most effective policies and procedures for their country or facility.« less

A Hybrid Approach to Protect Palmprint Templates

PubMed Central

Sun, Dongmei; Xiong, Ke; Qiu, Zhengding

2014-01-01

Biometric template protection is indispensable to protect personal privacy in large-scale deployment of biometric systems. Accuracy, changeability, and security are three critical requirements for template protection algorithms. However, existing template protection algorithms cannot satisfy all these requirements well. In this paper, we propose a hybrid approach that combines random projection and fuzzy vault to improve the performances at these three points. Heterogeneous space is designed for combining random projection and fuzzy vault properly in the hybrid scheme. New chaff point generation method is also proposed to enhance the security of the heterogeneous vault. Theoretical analyses of proposed hybrid approach in terms of accuracy, changeability, and security are given in this paper. Palmprint database based experimental results well support the theoretical analyses and demonstrate the effectiveness of proposed hybrid approach. PMID:24982977

A hybrid approach to protect palmprint templates.

PubMed

Liu, Hailun; Sun, Dongmei; Xiong, Ke; Qiu, Zhengding

2014-01-01

Biometric template protection is indispensable to protect personal privacy in large-scale deployment of biometric systems. Accuracy, changeability, and security are three critical requirements for template protection algorithms. However, existing template protection algorithms cannot satisfy all these requirements well. In this paper, we propose a hybrid approach that combines random projection and fuzzy vault to improve the performances at these three points. Heterogeneous space is designed for combining random projection and fuzzy vault properly in the hybrid scheme. New chaff point generation method is also proposed to enhance the security of the heterogeneous vault. Theoretical analyses of proposed hybrid approach in terms of accuracy, changeability, and security are given in this paper. Palmprint database based experimental results well support the theoretical analyses and demonstrate the effectiveness of proposed hybrid approach.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

PubMed Central

Somasundaram, M.; Sivakumar, R.

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

What are we assessing when we measure food security? A compendium and review of current metrics.

PubMed

Jones, Andrew D; Ngure, Francis M; Pelto, Gretel; Young, Sera L

2013-09-01

The appropriate measurement of food security is critical for targeting food and economic aid; supporting early famine warning and global monitoring systems; evaluating nutrition, health, and development programs; and informing government policy across many sectors. This important work is complicated by the multiple approaches and tools for assessing food security. In response, we have prepared a compendium and review of food security assessment tools in which we review issues of terminology, measurement, and validation. We begin by describing the evolving definition of food security and use this discussion to frame a review of the current landscape of measurement tools available for assessing food security. We critically assess the purpose/s of these tools, the domains of food security assessed by each, the conceptualizations of food security that underpin each metric, as well as the approaches that have been used to validate these metrics. Specifically, we describe measurement tools that 1) provide national-level estimates of food security, 2) inform global monitoring and early warning systems, 3) assess household food access and acquisition, and 4) measure food consumption and utilization. After describing a number of outstanding measurement challenges that might be addressed in future research, we conclude by offering suggestions to guide the selection of appropriate food security metrics.

What Are We Assessing When We Measure Food Security? A Compendium and Review of Current Metrics12

PubMed Central

Jones, Andrew D.; Ngure, Francis M.; Pelto, Gretel; Young, Sera L.

2013-01-01

The appropriate measurement of food security is critical for targeting food and economic aid; supporting early famine warning and global monitoring systems; evaluating nutrition, health, and development programs; and informing government policy across many sectors. This important work is complicated by the multiple approaches and tools for assessing food security. In response, we have prepared a compendium and review of food security assessment tools in which we review issues of terminology, measurement, and validation. We begin by describing the evolving definition of food security and use this discussion to frame a review of the current landscape of measurement tools available for assessing food security. We critically assess the purpose/s of these tools, the domains of food security assessed by each, the conceptualizations of food security that underpin each metric, as well as the approaches that have been used to validate these metrics. Specifically, we describe measurement tools that 1) provide national-level estimates of food security, 2) inform global monitoring and early warning systems, 3) assess household food access and acquisition, and 4) measure food consumption and utilization. After describing a number of outstanding measurement challenges that might be addressed in future research, we conclude by offering suggestions to guide the selection of appropriate food security metrics. PMID:24038241

Quality of Protection Evaluation of Security Mechanisms

PubMed Central

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

Former Spencer Artillery Range, Tennessee Classification Demonstration Open Field and Dynamic Areas

DTIC Science & Technology

2016-01-01

DEMONSTRATION REPORT Former Spencer Artillery Range, Tennessee Classification Demonstration Open Field and Dynamic Areas ESTCP...AVAILABILITY STATEMENT 13. SUPPLEMENTARY NOTES 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: a. REPORT b. ABSTRACT c. THIS PAGE 17...2016 Technical Report N/A Former Spencer Artillery Range, Tennessee Classification Demonstration Open Field and Dynamic Areas Richard MacNeil, USA

Best Practices for the Security of Radioactive Materials

DOE Office of Scientific and Technical Information (OSTI.GOV)

Coulter, D.T.; Musolino, S.

2009-05-01

This work is funded under a grant provided by the US Department of Health and Human Services, Centers for Disease Control. The Department of Health and Mental Hygiene (DOHMH) awarded a contract to Brookhaven National Laboratory (BNL) to develop best practices guidance for Office of Radiological Health (ORH) licensees to increase on-site security to deter and prevent theft of radioactive materials (RAM). The purpose of this document is to describe best practices available to manage the security of radioactive materials in medical centers, hospitals, and research facilities. There are thousands of such facilities in the United States, and recent studiesmore » suggest that these materials may be vulnerable to theft or sabotage. Their malevolent use in a radiological-dispersion device (RDD), viz., a dirty bomb, can have severe environmental- and economic- impacts, the associated area denial, and potentially large cleanup costs, as well as other effects on the licensees and the public. These issues are important to all Nuclear Regulatory Commission and Agreement State licensees, and to the general public. This document outlines approaches for the licensees possessing these materials to undertake security audits to identify vulnerabilities in how these materials are stored or used, and to describe best practices to upgrade or enhance their security. Best practices can be described as the most efficient (least amount of effort/cost) and effective (best results) way of accomplishing a task and meeting an objective, based on repeatable procedures that have proven themselves over time for many people and circumstances. Best practices within the security industry include information security, personnel security, administrative security, and physical security. Each discipline within the security industry has its own 'best practices' that have evolved over time into common ones. With respect to radiological devices and radioactive-materials security, industry best practices encompass both physical security (hardware and engineering) and administrative procedures. Security regimes for these devices and materials typically use a defense-in-depth- or layered-security approach to eliminate single points of failure. The Department of Energy, the Department of Homeland Security, the Department of Defense, the American Society of Industrial Security (ASIS), the Security Industry Association (SIA) and Underwriters Laboratory (UL) all rovide design guidance and hardware specifications. With a graded approach, a physical-security specialist can tailor an integrated security-management system in the most appropriate cost-effective manner to meet the regulatory and non-regulatory requirements of the licensee or client.« less

Associated diacritical watermarking approach to protect sensitive arabic digital texts

NASA Astrophysics Data System (ADS)

Kamaruddin, Nurul Shamimi; Kamsin, Amirrudin; Hakak, Saqib

2017-10-01

Among multimedia content, one of the most predominant medium is text content. There have been lots of efforts to protect and secure text information over the Internet. The limitations of existing works have been identified in terms of watermark capacity, time complexity and memory complexity. In this work, an invisible digital watermarking approach has been proposed to protect and secure the most sensitive text i.e. Digital Holy Quran. The proposed approach works by XOR-ing only those Quranic letters that has certain diacritics associated with it. Due to sensitive nature of Holy Quran, diacritics play vital role in the meaning of the particular verse. Hence, securing letters with certain diacritics will preserve the original meaning of Quranic verses in case of alternation attempt. Initial results have shown that the proposed approach is promising with less memory complexity and time complexity compared to existing approaches.

Materials @ LANL: Solutions for National Security Challenges

NASA Astrophysics Data System (ADS)

Teter, David

2012-10-01

Materials science activities impact many programmatic missions at LANL including nuclear weapons, nuclear energy, renewable energy, global security and nonproliferation. An overview of the LANL materials science strategy and examples of materials science programs will be presented. Major materials leadership areas are in materials dynamics, actinides and correlated electron materials, materials in radiation extremes, energetic materials, integrated nanomaterials and complex functional materials. Los Alamos is also planning a large-scale, signature science facility called MaRIE (Matter Radiation Interactions in Extremes) to address in-situ characterization of materials in dynamic and radiation environments using multiple high energy probes. An overview of this facility will also be presented.

Authentication and Key Establishment in Dynamic Wireless Sensor Networks

PubMed Central

Qiu, Ying; Zhou, Jianying; Baek, Joonsang; Lopez, Javier

2010-01-01

When a sensor node roams within a very large and distributed wireless sensor network, which consists of numerous sensor nodes, its routing path and neighborhood keep changing. In order to provide a high level of security in this environment, the moving sensor node needs to be authenticated to new neighboring nodes and a key established for secure communication. The paper proposes an efficient and scalable protocol to establish and update the authentication key in a dynamic wireless sensor network environment. The protocol guarantees that two sensor nodes share at least one key with probability 1 (100%) with less memory and energy cost, while not causing considerable communication overhead. PMID:22319321

Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

PubMed

Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

2015-09-25

Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

Dynamic video encryption algorithm for H.264/AVC based on a spatiotemporal chaos system.

PubMed

Xu, Hui; Tong, Xiao-Jun; Zhang, Miao; Wang, Zhu; Li, Ling-Hao

2016-06-01

Video encryption schemes mostly employ the selective encryption method to encrypt parts of important and sensitive video information, aiming to ensure the real-time performance and encryption efficiency. The classic block cipher is not applicable to video encryption due to the high computational overhead. In this paper, we propose the encryption selection control module to encrypt video syntax elements dynamically which is controlled by the chaotic pseudorandom sequence. A novel spatiotemporal chaos system and binarization method is used to generate a key stream for encrypting the chosen syntax elements. The proposed scheme enhances the resistance against attacks through the dynamic encryption process and high-security stream cipher. Experimental results show that the proposed method exhibits high security and high efficiency with little effect on the compression ratio and time cost.

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

National Aviation Security Policy, Strategy, and Mode-Specific Plans: Background and Considerations for Congress

DTIC Science & Technology

2008-01-02

aviation security . The approach to aviation security was largely shaped by past events, such as the bombing of Pan Am flight 103 in December 1988, rather...2001 attacks, U.S. aviation security policy and strategy was closely linked to the changes called for in the Aviation and Transportation Security Act...sensitive thus limiting public discourse on the DHS strategy for aviation security . However, in June 2006 President Bush directed the DHS to establish and

Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.

PubMed

Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F

2018-06-05

Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie⁻Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

Oslo and the Middle East Peace Process: The Negotiating Dilemma

DTIC Science & Technology

1998-06-01

for security against 39 Yoav Peled and Gershon Shafir , The Roots of Peacemaking: The Dynamics of Citizenship in Israel, 1949-1993...Boulder, CO: Westview Press, 1996. Peled, Yoav and Gershon Shafir . The Roots of Peacemaking: The Dynamics of Citizenship in Israel 1949-1993

Links between Risk and Attachment Security: Models of Influence

ERIC Educational Resources Information Center

Raikes, H. Abigail; Thompson, Ross A.

2005-01-01

The relation between maternal behavior and child attachment security is weaker among low SES samples, but it is unclear how stressors/risks associated with low SES alter the dynamics of attachment relationships. Results of this study of 63 low income mothers and their 24-36-month-old children indicated that the influence of multiple economic risks…

Hardware Based Function Level Mandatory Access Control for Memory Structures

DTIC Science & Technology

2008-04-01

tagging 16. SECURITY CLASSIFICATION OF: 19a. NAME OF RESPONSIBLE PERSON Lok Kwong Yan a. REPORT U b . ABSTRACT U c. THIS PAGE U 17. LIMITATION...www.phrack.org/issues.html?issue=58&id=4#article [13] Suh, G. E., Lee, J. W., Zhang, D., and Devadas , S. “Secure program execution via dynamic information

The Effectiveness of Information Technology Simulation and Security Awareness Training on U.S Military Personnel in Iraq and Afghanistan

ERIC Educational Resources Information Center

Armstead, Stanley K.

2017-01-01

In today's dynamic military environment, information technology plays a crucial role in the support of mission preparedness and operational readiness. This research examined the effectiveness of information technology security simulation and awareness training on U.S. military personnel in Iraq and Afghanistan. Also, the study analyzed whether…

Development and Analysis of Security Policies in Security Enhanced Android

DTIC Science & Technology

2012-12-01

Privilege - Escalation Attacks on Android ,” Proc. 19th Annual...Services, Bethesda, MD, 2011, pp. 239–252. 98 [43] L. Davi, et al. “ Privilege Escalation Attacks on Android ,” Proc. 13th Int. Conf. on Information...TaintDroid. XManDroid dynamically analyzes applications’ transitive permission usage in order to prevent application-level privilege escalation attacks

Source Authentication for Code Dissemination Supporting Dynamic Packet Size in Wireless Sensor Networks.

PubMed

Kim, Daehee; Kim, Dongwan; An, Sunshin

2016-07-09

Code dissemination in wireless sensor networks (WSNs) is a procedure for distributing a new code image over the air in order to update programs. Due to the fact that WSNs are mostly deployed in unattended and hostile environments, secure code dissemination ensuring authenticity and integrity is essential. Recent works on dynamic packet size control in WSNs allow enhancing the energy efficiency of code dissemination by dynamically changing the packet size on the basis of link quality. However, the authentication tokens attached by the base station become useless in the next hop where the packet size can vary according to the link quality of the next hop. In this paper, we propose three source authentication schemes for code dissemination supporting dynamic packet size. Compared to traditional source authentication schemes such as μTESLA and digital signatures, our schemes provide secure source authentication under the environment, where the packet size changes in each hop, with smaller energy consumption.

Source Authentication for Code Dissemination Supporting Dynamic Packet Size in Wireless Sensor Networks †

PubMed Central

Kim, Daehee; Kim, Dongwan; An, Sunshin

2016-01-01

Code dissemination in wireless sensor networks (WSNs) is a procedure for distributing a new code image over the air in order to update programs. Due to the fact that WSNs are mostly deployed in unattended and hostile environments, secure code dissemination ensuring authenticity and integrity is essential. Recent works on dynamic packet size control in WSNs allow enhancing the energy efficiency of code dissemination by dynamically changing the packet size on the basis of link quality. However, the authentication tokens attached by the base station become useless in the next hop where the packet size can vary according to the link quality of the next hop. In this paper, we propose three source authentication schemes for code dissemination supporting dynamic packet size. Compared to traditional source authentication schemes such as μTESLA and digital signatures, our schemes provide secure source authentication under the environment, where the packet size changes in each hop, with smaller energy consumption. PMID:27409616

Policy reconciliation for access control in dynamic cross-enterprise collaborations

NASA Astrophysics Data System (ADS)

Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

2018-03-01

In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

A Secure Information Framework with APRQ Properties

NASA Astrophysics Data System (ADS)

Rupa, Ch.

2017-08-01

Internet of the things is the most trending topics in the digital world. Security issues are rampant. In the corporate or institutional setting, security risks are apparent from the outset. Market leaders are unable to use the cryptographic techniques due to their complexities. Hence many bits of private information, including ID, are readily available for third parties to see and to utilize. There is a need to decrease the complexity and increase the robustness of the cryptographic approaches. In view of this, a new cryptographic technique as good encryption pact with adjacency, random prime number and quantum code properties has been proposed. Here, encryption can be done by using quantum photons with gray code. This approach uses the concepts of physics and mathematics with no external key exchange to improve the security of the data. It also reduces the key attacks by generation of a key at the party side instead of sharing. This method makes the security more robust than with the existing approach. Important properties of gray code and quantum are adjacency property and different photons to a single bit (0 or 1). These can reduce the avalanche effect. Cryptanalysis of the proposed method shows that it is resistant to various attacks and stronger than the existing approaches.

Modeling Sustainable Food Systems.

PubMed

Allen, Thomas; Prosperi, Paolo

2016-05-01

The processes underlying environmental, economic, and social unsustainability derive in part from the food system. Building sustainable food systems has become a predominating endeavor aiming to redirect our food systems and policies towards better-adjusted goals and improved societal welfare. Food systems are complex social-ecological systems involving multiple interactions between human and natural components. Policy needs to encourage public perception of humanity and nature as interdependent and interacting. The systemic nature of these interdependencies and interactions calls for systems approaches and integrated assessment tools. Identifying and modeling the intrinsic properties of the food system that will ensure its essential outcomes are maintained or enhanced over time and across generations, will help organizations and governmental institutions to track progress towards sustainability, and set policies that encourage positive transformations. This paper proposes a conceptual model that articulates crucial vulnerability and resilience factors to global environmental and socio-economic changes, postulating specific food and nutrition security issues as priority outcomes of food systems. By acknowledging the systemic nature of sustainability, this approach allows consideration of causal factor dynamics. In a stepwise approach, a logical application is schematized for three Mediterranean countries, namely Spain, France, and Italy.

Modeling Sustainable Food Systems

NASA Astrophysics Data System (ADS)

Allen, Thomas; Prosperi, Paolo

2016-05-01

The processes underlying environmental, economic, and social unsustainability derive in part from the food system. Building sustainable food systems has become a predominating endeavor aiming to redirect our food systems and policies towards better-adjusted goals and improved societal welfare. Food systems are complex social-ecological systems involving multiple interactions between human and natural components. Policy needs to encourage public perception of humanity and nature as interdependent and interacting. The systemic nature of these interdependencies and interactions calls for systems approaches and integrated assessment tools. Identifying and modeling the intrinsic properties of the food system that will ensure its essential outcomes are maintained or enhanced over time and across generations, will help organizations and governmental institutions to track progress towards sustainability, and set policies that encourage positive transformations. This paper proposes a conceptual model that articulates crucial vulnerability and resilience factors to global environmental and socio-economic changes, postulating specific food and nutrition security issues as priority outcomes of food systems. By acknowledging the systemic nature of sustainability, this approach allows consideration of causal factor dynamics. In a stepwise approach, a logical application is schematized for three Mediterranean countries, namely Spain, France, and Italy.

Reducing software security risk through an integrated approach research initiative model based verification of the Secure Socket Layer (SSL) Protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2003-01-01

This document discusses the verification of the Secure Socket Layer (SSL) communication protocol as a demonstration of the Model Based Verification (MBV) portion of the verification instrument set being developed under the Reducing Software Security Risk (RSSR) Trough an Integrated Approach research initiative. Code Q of the National Aeronautics and Space Administration (NASA) funds this project. The NASA Goddard Independent Verification and Validation (IV&V) facility manages this research program at the NASA agency level and the Assurance Technology Program Office (ATPO) manages the research locally at the Jet Propulsion Laboratory (California institute of Technology) where the research is being carried out.

A 3S Risk ?3SR? Assessment Approach for Nuclear Power: Safety Security and Safeguards.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Forrest, Robert; Reinhardt, Jason Christian; Wheeler, Timothy A.

Safety-focused risk analysis and assessment approaches struggle to adequately include malicious, deliberate acts against the nuclear power industry's fissile and waste material, infrastructure, and facilities. Further, existing methods do not adequately address non- proliferation issues. Treating safety, security, and safeguards concerns independently is inefficient because, at best, it may not take explicit advantage of measures that provide benefits against multiple risk domains, and, at worst, it may lead to implementations that increase overall risk due to incompatibilities. What is needed is an integrated safety, security and safeguards risk (or "3SR") framework for describing and assessing nuclear power risks that canmore » enable direct trade-offs and interactions in order to inform risk management processes -- a potential paradigm shift in risk analysis and management. These proceedings of the Sandia ePRA Workshop (held August 22-23, 2017) are an attempt to begin the discussions and deliberations to extend and augment safety focused risk assessment approaches to include security concerns and begin moving towards a 3S Risk approach. Safeguards concerns were not included in this initial workshop and are left to future efforts. This workshop focused on four themes in order to begin building out a the safety and security portions of the 3S Risk toolkit: 1. Historical Approaches and Tools 2. Current Challenges 3. Modern Approaches 4. Paths Forward and Next Steps This report is organized along the four areas described above, and concludes with a summary of key points. 2 Contact: rforres@sandia.gov; +1 (925) 294-2728« less

Integrated assessment and scenarios simulation of urban water security system in the southwest of China with system dynamics analysis.

PubMed

Yin, Su; Dongjie, Guan; Weici, Su; Weijun, Gao

2017-11-01

The demand for global freshwater is growing, while global freshwater available for human use is limited within a certain time and space. Its security has significant impacts on both the socio-economic system and ecological system. Recently, studies have focused on the urban water security system (UWSS) in terms of either water quantity or water quality. In this study, water resources, water environment, and water disaster issues in the UWSS were combined to establish an evaluation index system with system dynamics (SD) and geographic information systems (GIS). The GIS method performs qualitative analysis from the perspective of the spatial dimension; meanwhile, the SD method performs quantitative calculation about related water security problems from the perspective of the temporal dimension. We established a UWSS model for Guizhou province, China to analyze influencing factors, main driving factors, and system variation law, by using the SD method. We simulated the water security system from 2005 to 2025 under four scenarios (Guiyang scenario, Zunyi scenario, Bijie scenario and combined scenario). The results demonstrate that: (1) the severity of water security in cities is ranked as follows: three cities are secure in Guizhou province, four cities are in basic security and two cities are in a situation of insecurity from the spatial dimension of GIS through water security synthesis; and (2) the major driving factors of UWSS in Guizhou province include agricultural irrigation water demand, soil and water losses area, a ratio increase to the standard of water quality, and investment in environmental protection. A combined scenario is the best solution for UWSS by 2025 in Guizhou province under the four scenarios from the temporal dimension of SD. The results of this study provide a useful suggestion for the management of freshwater for the cities of Guizhou province in southwest China.

Overview of Computer Security Certification and Accreditation. Final Report.

ERIC Educational Resources Information Center

Ruthberg, Zella G.; Neugent, William

Primarily intended to familiarize ADP (automatic data processing) policy and information resource managers with the approach to computer security certification and accreditation found in "Guideline to Computer Security Certification and Accreditation," Federal Information Processing Standards Publications (FIPS-PUB) 102, this overview…

Visualization Tools for Teaching Computer Security

ERIC Educational Resources Information Center

Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

2010-01-01

Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

Snow Leopard Cloud: A Multi-national Education Training and Experimentation Cloud and Its Security Challenges

NASA Astrophysics Data System (ADS)

Cayirci, Erdal; Rong, Chunming; Huiskamp, Wim; Verkoelen, Cor

Military/civilian education training and experimentation networks (ETEN) are an important application area for the cloud computing concept. However, major security challenges have to be overcome to realize an ETEN. These challenges can be categorized as security challenges typical to any cloud and multi-level security challenges specific to an ETEN environment. The cloud approach for ETEN is introduced and its security challenges are explained in this paper.

Programming secure mobile agents in healthcare environments using role-based permissions.

PubMed

Georgiadis, C K; Baltatzis, J; Pangalos, G I

2003-01-01

The healthcare environment consists of vast amounts of dynamic and unstructured information, distributed over a large number of information systems. Mobile agent technology is having an ever-growing impact on the delivery of medical information. It supports acquiring and manipulating information distributed in a large number of information systems. Moreover is suitable for the computer untrained medical stuff. But the introduction of mobile agents generates advanced threads to the sensitive healthcare information, unless the proper countermeasures are taken. By applying the role-based approach to the authorization problem, we ease the sharing of information between hospital information systems and we reduce the administering part. The different initiative of the agent's migration method, results in different methods of assigning roles to the agent.

Hand-Held Femtogram Detection of Hazardous Picric Acid with Hydrophobic Ag Nanopillar SERS Substrates and Mechanism of Elasto-Capillarity.

PubMed

Hakonen, Aron; Wang, FengChao; Andersson, Per Ola; Wingfors, Håkan; Rindzevicius, Tomas; Schmidt, Michael Stenbæk; Soma, Venugopal Rao; Xu, Shicai; Li, YingQi; Boisen, Anja; Wu, HengAn

2017-02-24

Picric acid (PA) is a severe environmental and security risk due to its unstable, toxic, and explosive properties. It is also challenging to detect in trace amounts and in situ because of its highly acidic and anionic character. Here, we assess sensing of PA under nonlaboratory conditions using surface-enhanced Raman scattering (SERS) silver nanopillar substrates and hand-held Raman spectroscopy equipment. The advancing elasto-capillarity effects are explained by molecular dynamics simulations. We obtain a SERS PA detection limit on the order of 20 ppt, corresponding attomole amounts, which together with the simple analysis methodology demonstrates that the presented approach is highly competitive for ultrasensitive analysis in the field.

46 CFR 56.15-5 - Fluid-conditioner fittings.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Class I, I-L, and II-L systems receiving ship motion dynamic analysis and nondestructive examination. For Class I, I-L, or II-L systems not receiving ship motion dynamic analysis and nondestructive... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PIPING SYSTEMS AND...

46 CFR 56.15-1 - Pipe joining fittings.

Code of Federal Regulations, 2010 CFR

2010-10-01

... for all Class I, I-L, and II-L systems receiving ship motion dynamic analysis and nondestructive examination. For Class I, I-L, or II-L systems not receiving ship motion dynamic analysis and nondestructive... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PIPING SYSTEMS AND...

Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks.

PubMed

Park, YoHan; Park, YoungHo

2016-12-14

Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.'s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment.

Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks

PubMed Central

Park, YoHan; Park, YoungHo

2016-01-01

Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.’s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment. PMID:27983616

A demonstration of a low cost approach to security at shipping facilities and ports

NASA Astrophysics Data System (ADS)

Huck, Robert C.; Al Akkoumi, Mouhammad K.; Herath, Ruchira W.; Sluss, James J., Jr.; Radhakrishnan, Sridhar; Landers, Thomas L.

2010-04-01

Government funding for the security at shipping facilities and ports is limited so there is a need for low cost scalable security systems. With over 20 million sea, truck, and rail containers entering the United States every year, these facilities pose a large risk to security. Securing these facilities and monitoring the variety of traffic that enter and leave is a major task. To accomplish this, the authors have developed and fielded a low cost fully distributed building block approach to port security at the inland Port of Catoosa in Oklahoma. Based on prior work accomplished in the design and fielding of an intelligent transportation system in the United States, functional building blocks, (e.g. Network, Camera, Sensor, Display, and Operator Console blocks) can be assembled, mixed and matched, and scaled to provide a comprehensive security system. The following functions are demonstrated and scaled through analysis and demonstration: Barge tracking, credential checking, container inventory, vehicle tracking, and situational awareness. The concept behind this research is "any operator on any console can control any device at any time."

Using software security analysis to verify the secure socket layer (SSL) protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2004-01-01

nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

The MANPAD Threat to Civilian Airliners

DTIC Science & Technology

2006-03-03

PAGES: 19 KEY TERMS: Homeland Security; Non-Proliferation; Airport Security CLASSIFICATION: Unclassified This paper investigates strategic approaches...technological solutions and law enforcement operations to provide a competent airport security perimeter.”18 To combat this ominous threat of MANPADS...sites for phone and computer tips should be established with access for airport security , local and federal law enforcement, as well as intelligence

Securing Cyberspace: Approaches to Developing an Effective Cyber-Security Strategy

DTIC Science & Technology

2011-05-15

attackers, cyber - criminals or even teenage hackers. Protecting cyberspace is a national security priority. President Obama’s National Security...prefers to engage international law enforcement to investigate and catch cyber criminals .40 International cooperation could resolve jurisdictional...sheltered them. Similarly, a state that fails to prosecute cyber - criminals , or who gives safe haven to individuals or groups that conduct cyber-attacks

How to Perform a Security Audit: Is Your School's or District's Network Vulnerable?

ERIC Educational Resources Information Center

Dark, Melissa; Poftak, Amy

2004-01-01

In this article, the authors address the importance of taking a proactive approach to securing a school's network. To do this, it is first required to know the system's specific vulnerabilities and what steps to take to reduce them. The formal process for doing this is known as an information security risk assessment, or a security audit. What…

The System Engineering Approach: Taiwan Navy Incorporation of Mobile Devices (Smartphone) into Its Force Structure

DTIC Science & Technology

2015-06-01

words) Attempting different approaches to explore the best practice of optimizing mobile security and productivity is necessary to improve the...INTENTIONALLY LEFT BLANK iv ABSTRACT Attempting different approaches to explore the best practice of optimizing mobile security and productivity is...incredible kindness and unfathomable generosity. I am grateful to have watched Super Bowl XLIX in your living room, washed dirty clothes in your laundry room

Realization of Configurable One-Dimensional Reflectarray

DTIC Science & Technology

2017-08-31

Maximum 200 words) A fundamental challenge remains in dynamically controlling the steering of long wavelength radiation (λ > 8 μm) using metal... dynamic , nanoribbons 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT: SAR 18. NUMBER OF PAGES 20 19a. NAME OF RESPONSIBLE PERSON...challenge remains in dynamically controlling the steering of long wavelength radiation (λ > 8 μm) using metal nanostructures or metamaterials (with critical

Automating security monitoring and analysis for Space Station Freedom's electric power system

NASA Technical Reports Server (NTRS)

Dolce, James L.; Sobajic, Dejan J.; Pao, Yoh-Han

1990-01-01

Operating a large, space power system requires classifying the system's status and analyzing its security. Conventional algorithms are used by terrestrial electric utilities to provide such information to their dispatchers, but their application aboard Space Station Freedom will consume too much processing time. A new approach for monitoring and analysis using adaptive pattern techniques is presented. This approach yields an on-line security monitoring and analysis algorithm that is accurate and fast; and thus, it can free the Space Station Freedom's power control computers for other tasks.

Automating security monitoring and analysis for Space Station Freedom's electric power system

NASA Technical Reports Server (NTRS)

Dolce, James L.; Sobajic, Dejan J.; Pao, Yoh-Han

1990-01-01

Operating a large, space power system requires classifying the system's status and analyzing its security. Conventional algorithms are used by terrestrial electric utilities to provide such information to their dispatchers, but their application aboard Space Station Freedom will consume too much processing time. A novel approach for monitoring and analysis using adaptive pattern techniques is presented. This approach yields an on-line security monitoring and analysis algorithm that is accurate and fast; and thus, it can free the Space Station Freedom's power control computers for other tasks.

Performance analysis of AES-Blowfish hybrid algorithm for security of patient medical record data

NASA Astrophysics Data System (ADS)

Mahmud H, Amir; Angga W, Bayu; Tommy; Marwan E, Andi; Siregar, Rosyidah

2018-04-01

A file security is one method to protect data confidentiality, integrity and information security. Cryptography is one of techniques used to secure and guarantee data confidentiality by doing conversion to the plaintext (original message) to cipher text (hidden message) with two important processes, they are encrypt and decrypt. Some researchers proposed a hybrid method to improve data security. In this research we proposed hybrid method of AES-blowfish (BF) to secure the patient’s medical report data into the form PDF file that sources from database. Generation method of private and public key uses two ways of approach, those are RSA method f RSA and ECC. We will analyze impact of these two ways of approach for hybrid method at AES-blowfish based on time and Throughput. Based on testing results, BF method is faster than AES and AES-BF hybrid, however AES-BF hybrid is better for throughput compared with AES and BF is higher.

Unsupervised algorithms for intrusion detection and identification in wireless ad hoc sensor networks

NASA Astrophysics Data System (ADS)

Hortos, William S.

2009-05-01

In previous work by the author, parameters across network protocol layers were selected as features in supervised algorithms that detect and identify certain intrusion attacks on wireless ad hoc sensor networks (WSNs) carrying multisensor data. The algorithms improved the residual performance of the intrusion prevention measures provided by any dynamic key-management schemes and trust models implemented among network nodes. The approach of this paper does not train algorithms on the signature of known attack traffic, but, instead, the approach is based on unsupervised anomaly detection techniques that learn the signature of normal network traffic. Unsupervised learning does not require the data to be labeled or to be purely of one type, i.e., normal or attack traffic. The approach can be augmented to add any security attributes and quantified trust levels, established during data exchanges among nodes, to the set of cross-layer features from the WSN protocols. A two-stage framework is introduced for the security algorithms to overcome the problems of input size and resource constraints. The first stage is an unsupervised clustering algorithm which reduces the payload of network data packets to a tractable size. The second stage is a traditional anomaly detection algorithm based on a variation of support vector machines (SVMs), whose efficiency is improved by the availability of data in the packet payload. In the first stage, selected algorithms are adapted to WSN platforms to meet system requirements for simple parallel distributed computation, distributed storage and data robustness. A set of mobile software agents, acting like an ant colony in securing the WSN, are distributed at the nodes to implement the algorithms. The agents move among the layers involved in the network response to the intrusions at each active node and trustworthy neighborhood, collecting parametric values and executing assigned decision tasks. This minimizes the need to move large amounts of audit-log data through resource-limited nodes and locates routines closer to that data. Performance of the unsupervised algorithms is evaluated against the network intrusions of black hole, flooding, Sybil and other denial-of-service attacks in simulations of published scenarios. Results for scenarios with intentionally malfunctioning sensors show the robustness of the two-stage approach to intrusion anomalies.

Research on early warning of food security using a system dynamics model: evidence from Jiangsu province in China.

PubMed

Xu, Jianling; Ding, Yi

2015-01-01

Analyzing the early warning of food security, this paper sets the self-sufficiency rate as the principal indicator in a standpoint of supplement. It is common to use the quantitative methods to forecast and warning the insecurity. However, this paper considers more about the probable outcome when the government intervenes. By constructing the causal feedbacks among grain supplement, demand, productive input, and the policy factors to simulate the future food security in Jiangsu province, conclusions can be drawn as the following: (1) The situation of food security is insecure if the self-sufficiency rate is under 68.3% according to the development of system inertia. (2) it is difficult to guarantee the food security in Jiangsu just depending on the increase of grain sown area. (3) The valid solution to ensure the food security in Jiangsu is to improve the productivity. © 2015 Institute of Food Technologists®

MAC layer security issues in wireless mesh networks

NASA Astrophysics Data System (ADS)

Reddy, K. Ganesh; Thilagam, P. Santhi

2016-03-01

Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks in MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on attacks classification and countermeasures analysis, we derive the research directions to enhance the MAC layer security for WMNs.

A novel wireless local positioning system for airport (indoor) security

NASA Astrophysics Data System (ADS)

Zekavat, Seyed A.; Tong, Hui; Tan, Jindong

2004-09-01

A novel wireless local positioning system (WLPS) for airport (or indoor) security is introduced. This system is used by airport (indoor) security guards to locate all of, or a group of airport employees or passengers within the airport area. WLPS consists of two main parts: (1) a base station that is carried by security personnel; hence, introducing dynamic base station (DBS), and (2) a transponder (TRX) that is mounted on all people (including security personnel) present at the airport; thus, introducing them as active targets. In this paper, we (a) draw a futuristic view of the airport security systems, and the flow of information at the airports, (b) investigate the techniques of extending WLPS coverage area beyond the line-of-sight (LoS), and (c) study the performance of this system via standard transceivers, and direct sequence code division multiple access (DS-CDMA) systems with and without antenna arrays and conventional beamforming (BF).

The US/Global Achilles heel : economic terrorism.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Backus, George A.

2005-04-01

While loss of life is the operating concern of Department of Homeland Security (DHS), the security of the economy ultimately decides the success of the war on terrorism. This project focuses on mitigation, containment, response, and impact of terrorist events on the economy. Conventional economic methods are inadequate, but agent-based methods (Discrete Simulation) appears to uniquely capture the dynamics and emergent (human) behaviors.

The Lessons of Coalition Politics. Sino-American Security Relations.

DTIC Science & Technology

1984-02-01

levels of trade; greater cultural , scientific, and athletic exchanges; and a general improvement in the atmosphere of interstate relations. But...facilities, and intergovernmental understandings. Tokyo and Washing- ton have accumulated substantial working experience in the manage- ment of an...considerations shed light on the internal political dynamic at work within the PRC policy process. The Chinese tried to portray their security and

Physical Unclonable Function Hardware Keys Utilizing Kirchhoff-Law Secure Key Exchange and Noise-Based Logic

NASA Astrophysics Data System (ADS)

Kish, Laszlo B.; Kwan, Chiman

Weak unclonable function (PUF) encryption key means that the manufacturer of the hardware can clone the key but not anybody else. Strong unclonable function (PUF) encryption key means that even the manufacturer of the hardware is unable to clone the key. In this paper, first we introduce an "ultra" strong PUF with intrinsic dynamical randomness, which is not only unclonable but also gets renewed to an independent key (with fresh randomness) during each use via the unconditionally secure key exchange. The solution utilizes the Kirchhoff-law-Johnson-noise (KLJN) method for dynamical key renewal and a one-time-pad secure key for the challenge/response process. The secure key is stored in a flash memory on the chip to provide tamper-resistance and nonvolatile storage with zero power requirements in standby mode. Simplified PUF keys are shown: a strong PUF utilizing KLJN protocol during the first run and noise-based logic (NBL) hyperspace vector string verification method for the challenge/response during the rest of its life or until it is re-initialized. Finally, the simplest PUF utilizes NBL without KLJN thus it can be cloned by the manufacturer but not by anybody else.

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

NASA Astrophysics Data System (ADS)

Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

An approach to communications security for a communications data delivery system for V2V/V2I safety : technical description and identification of policy and institutional issues.

DOT National Transportation Integrated Search

2011-11-01

This report identifies the security approach associated with a communications data delivery system that supports vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications. The report describes the risks associated with communication...

76 FR 52353 - Assumption Buster Workshop: “Current Implementations of Cloud Computing Indicate a New Approach...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-22

... explored in this series is cloud computing. The workshop on this topic will be held in Gaithersburg, MD on October 21, 2011. Assertion: ``Current implementations of cloud computing indicate a new approach to security'' Implementations of cloud computing have provided new ways of thinking about how to secure data...

Preventing School Bullying: Should Schools Prioritize an Authoritative School Discipline Approach over Security Measures?

ERIC Educational Resources Information Center

Gerlinger, Julie; Wo, James C.

2016-01-01

A common response to school violence features the use of security measures to deter serious and violent incidents. However, a second approach, based on school climate theory, suggests that schools exhibiting authoritative school discipline (i.e., high structure and support) might more effectively reduce school disorder. We tested these approaches…

A systems science perspective and transdisciplinary models for food and nutrition security

PubMed Central

Hammond, Ross A.; Dubé, Laurette

2012-01-01

We argue that food and nutrition security is driven by complex underlying systems and that both research and policy in this area would benefit from a systems approach. We present a framework for such an approach, examine key underlying systems, and identify transdisciplinary modeling tools that may prove especially useful. PMID:22826247

A multidisciplinary approach to team nursing within a low secure service: the team leader role.

PubMed

Nagi, Claire; Davies, Jason; Williams, Marie; Roberts, Catherine; Lewis, Roger

2012-01-01

This article critically examines the clinical utility of redesigning a nursing practice model within the Intensive Support and Intervention Service, a new low secure mental health facility in the United Kingdom. Specifically, the "team nursing" approach to care delivery has been adapted to consist of multidisciplinary team leaders as opposed to nursing team leaders. The authors describe the role, properties, and functions of the multidisciplinary team leader approach. The authors provide examples of the benefits and challenges posed to date and the ways in which potential barriers have been overcome. Nursing care leadership can be provided by multidisciplinary staff. An adapted model of team nursing can be implemented in a low secure setting. © 2011 Wiley Periodicals, Inc.

New security infrastructure model for distributed computing systems

NASA Astrophysics Data System (ADS)

Dubenskaya, J.; Kryukov, A.; Demichev, A.; Prikhodko, N.

2016-02-01

At the paper we propose a new approach to setting up a user-friendly and yet secure authentication and authorization procedure in a distributed computing system. The security concept of the most heterogeneous distributed computing systems is based on the public key infrastructure along with proxy certificates which are used for rights delegation. In practice a contradiction between the limited lifetime of the proxy certificates and the unpredictable time of the request processing is a big issue for the end users of the system. We propose to use unlimited in time hashes which are individual for each request instead of proxy certificate. Our approach allows to avoid using of the proxy certificates. Thus the security infrastructure of distributed computing system becomes easier for development, support and use.

High speed and adaptable error correction for megabit/s rate quantum key distribution.

PubMed

Dixon, A R; Sato, H

2014-12-02

Quantum Key Distribution is moving from its theoretical foundation of unconditional security to rapidly approaching real world installations. A significant part of this move is the orders of magnitude increases in the rate at which secure key bits are distributed. However, these advances have mostly been confined to the physical hardware stage of QKD, with software post-processing often being unable to support the high raw bit rates. In a complete implementation this leads to a bottleneck limiting the final secure key rate of the system unnecessarily. Here we report details of equally high rate error correction which is further adaptable to maximise the secure key rate under a range of different operating conditions. The error correction is implemented both in CPU and GPU using a bi-directional LDPC approach and can provide 90-94% of the ideal secure key rate over all fibre distances from 0-80 km.

High speed and adaptable error correction for megabit/s rate quantum key distribution

PubMed Central

Dixon, A. R.; Sato, H.

2014-01-01

Quantum Key Distribution is moving from its theoretical foundation of unconditional security to rapidly approaching real world installations. A significant part of this move is the orders of magnitude increases in the rate at which secure key bits are distributed. However, these advances have mostly been confined to the physical hardware stage of QKD, with software post-processing often being unable to support the high raw bit rates. In a complete implementation this leads to a bottleneck limiting the final secure key rate of the system unnecessarily. Here we report details of equally high rate error correction which is further adaptable to maximise the secure key rate under a range of different operating conditions. The error correction is implemented both in CPU and GPU using a bi-directional LDPC approach and can provide 90–94% of the ideal secure key rate over all fibre distances from 0–80 km. PMID:25450416

Ad-Hoc Networks and the Mobile Application Security System (MASS)

DTIC Science & Technology

2006-01-01

solution to this problem that addresses critical aspects of security in ad-hoc mobile application networks. This approach involves preventing unauthorized...modification of a mobile application , both by other applications and by hosts, and ensuring that mobile code is authentic and authorized. These...capabilities constitute the Mobile Application Security System (MASS). The MASS applies effective, robust security to mobile application -based systems

Forecasting of Information Security Related Incidents: Amount of Spam Messages as a Case Study

NASA Astrophysics Data System (ADS)

Romanov, Anton; Okamoto, Eiji

With the increasing demand for services provided by communication networks, quality and reliability of such services as well as confidentiality of data transfer are becoming ones of the highest concerns. At the same time, because of growing hacker's activities, quality of provided content and reliability of its continuous delivery strongly depend on integrity of data transmission and availability of communication infrastructure, thus on information security of a given IT landscape. But, the amount of resources allocated to provide information security (like security staff, technical countermeasures and etc.) must be reasonable from the economic point of view. This fact, in turn, leads to the need to employ a forecasting technique in order to make planning of IT budget and short-term planning of potential bottlenecks. In this paper we present an approach to make such a forecasting for a wide class of information security related incidents (ISRI) — unambiguously detectable ISRI. This approach is based on different auto regression models which are widely used in financial time series analysis but can not be directly applied to ISRI time series due to specifics related to information security. We investigate and address this specifics by proposing rules (special conditions) of collection and storage of ISRI time series, adherence to which improves forecasting in this subject field. We present an application of our approach to one type of unambiguously detectable ISRI — amount of spam messages which, if not mitigated properly, could create additional load on communication infrastructure and consume significant amounts of network capacity. Finally we evaluate our approach by simulation and actual measurement.

NASA's Approach to Software Assurance

NASA Technical Reports Server (NTRS)

Wetherholt, Martha

2015-01-01

NASA defines software assurance as: the planned and systematic set of activities that ensure conformance of software life cycle processes and products to requirements, standards, and procedures via quality, safety, reliability, and independent verification and validation. NASA's implementation of this approach to the quality, safety, reliability, security and verification and validation of software is brought together in one discipline, software assurance. Organizationally, NASA has software assurance at each NASA center, a Software Assurance Manager at NASA Headquarters, a Software Assurance Technical Fellow (currently the same person as the SA Manager), and an Independent Verification and Validation Organization with its own facility. An umbrella risk mitigation strategy for safety and mission success assurance of NASA's software, software assurance covers a wide area and is better structured to address the dynamic changes in how software is developed, used, and managed, as well as it's increasingly complex functionality. Being flexible, risk based, and prepared for challenges in software at NASA is essential, especially as much of our software is unique for each mission.

Gender, sexuality, and violence in humanitarian crises.

PubMed

Hilhorst, Dorothea; Porter, Holly; Gordon, Rachel

2018-01-01

Gender, sexuality, and violence have attracted significant attention in the sphere of humanitarianism in recent years. While this shift builds on the earlier 'Gender and Development' approach and the 'Women, Peace, and Security Agenda', analytical depth is lacking in practice. Notably, 'gender' often means a singular concern for women, neglecting questions of agency and the dynamic and changing realities of gendered power relations. This introductory paper examines why this neglect occurs and proposes a more relational approach to gender. It explores how the contributions to this special issue of Disasters revisit classic gender issues pertaining to violence, livelihoods, and institutions in different settings of humanitarian emergencies, while expanding one's vision beyond them. It draws from the seven papers a number of lessons for humanitarianism, concerning the entangled nature of gender relations, the risks of the unintended effects of gender programming, and the importance of paying sustained attention to how gender relations unfold in a time of crisis. © 2018 The Author(s). Disasters © Overseas Development Institute, 2018.

Systems Biology-Based Platforms to Accelerate Research of Emerging Infectious Diseases.

PubMed

Oh, Soo Jin; Choi, Young Ki; Shin, Ok Sarah

2018-03-01

Emerging infectious diseases (EIDs) pose a major threat to public health and security. Given the dynamic nature and significant impact of EIDs, the most effective way to prevent and protect against them is to develop vaccines in advance. Systems biology approaches provide an integrative way to understand the complex immune response to pathogens. They can lead to a greater understanding of EID pathogenesis and facilitate the evaluation of newly developed vaccine-induced immunity in a timely manner. In recent years, advances in high throughput technologies have enabled researchers to successfully apply systems biology methods to analyze immune responses to a variety of pathogens and vaccines. Despite recent advances, computational and biological challenges impede wider application of systems biology approaches. This review highlights recent advances in the fields of systems immunology and vaccinology, and presents ways that systems biology-based platforms can be applied to accelerate a deeper understanding of the molecular mechanisms of immunity against EIDs. © Copyright: Yonsei University College of Medicine 2018.

Systems Biology-Based Platforms to Accelerate Research of Emerging Infectious Diseases

PubMed Central

2018-01-01

Emerging infectious diseases (EIDs) pose a major threat to public health and security. Given the dynamic nature and significant impact of EIDs, the most effective way to prevent and protect against them is to develop vaccines in advance. Systems biology approaches provide an integrative way to understand the complex immune response to pathogens. They can lead to a greater understanding of EID pathogenesis and facilitate the evaluation of newly developed vaccine-induced immunity in a timely manner. In recent years, advances in high throughput technologies have enabled researchers to successfully apply systems biology methods to analyze immune responses to a variety of pathogens and vaccines. Despite recent advances, computational and biological challenges impede wider application of systems biology approaches. This review highlights recent advances in the fields of systems immunology and vaccinology, and presents ways that systems biology-based platforms can be applied to accelerate a deeper understanding of the molecular mechanisms of immunity against EIDs. PMID:29436184

Being in Community: A Food Security Themed Approach to Public Scholarship

ERIC Educational Resources Information Center

Harrison, Barbara; Nelson, Connie; Stroink, Mirella

2013-01-01

For six years the Food Security Research Network at Lakehead University, Canada, has been engaged in an interdisciplinary theme-based service-learning initiative focusing on food security. Informed by complexity theory, the contextual fluidity partnership model brings community partners, students, and faculty into a nexus through which new…

Reducing Incongruity of Perceptions Related to Information Risk: Dialogical Action Research in Organizations

ERIC Educational Resources Information Center

Sedlack, Derek J.

2012-01-01

A critical overreliance on the technical dimension of information security has recently shifted toward more robust, organizationally focused information security methods to countermand $54 billion lost from computer security incidents. Developing a more balanced approach is required since protecting information is not an all or nothing…

National Aeronautics and Space Administration's (NASA) Automated Information Security Handbook

NASA Technical Reports Server (NTRS)

Roback, E.

1991-01-01

The NASA Automated Information Security Handbook provides NASA's overall approach to automated information systems security including discussions of such aspects as: program goals and objectives, assignment of responsibilities, risk assessment, foreign national access, contingency planning and disaster recovery, awareness training, procurement, certification, planning, and special considerations for microcomputers.

A Study on Corporate Security Awareness and Compliance Behavior Intent

ERIC Educational Resources Information Center

Clark, Christine Y.

2013-01-01

Understanding the drivers to encourage employees' security compliance behavior is increasingly important in today's highly networked environment to protect computer and information assets of the company. The traditional approach for corporations to implement technology-based controls, to prevent security breaches is no longer sufficient.…

Regulatory Guide on Conducting a Security Vulnerability Assessment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ek, David R.

This document will provide guidelines on conducting a security vulnerability assessment at a facility regulated by the Radiation Protection Centre. The guidelines provide a performance approach assess security effectiveness. The guidelines provide guidance for a review following the objectives outlined in IAEA NSS#11 for Category 1, 2, & 3 sources.

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach—A Case Study for the City of Wuhan in China

PubMed Central

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-01-01

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study—simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan. PMID:28617348

Model based verification of the Secure Socket Layer (SSL) Protocol for NASA systems

NASA Technical Reports Server (NTRS)

Powell, John D.; Gilliam, David

2004-01-01

The National Aeronautics and Space Administration (NASA) has tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information theft, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach' offers formal verification of information technology (IT), through the creation of a Software Security Assessment Instrument (SSAI), to address software security risks.

Securing Resources in Collaborative Environments: A Peer-to-peerApproach

DOE Office of Scientific and Technical Information (OSTI.GOV)

Berket, Karlo; Essiari, Abdelilah; Thompson, Mary R.

2005-09-19

We have developed a security model that facilitates control of resources by autonomous peers who act on behalf of collaborating users. This model allows a gradual build-up of trust. It enables secure interactions among users that do not necessarily know each other and allows them to build trust over the course of their collaboration. This paper describes various aspects of our security model and describes an architecture that implements this model to provide security in pure peer-to-peer environments.

Real-Time and High-Fidelity Simulation Environment for Autonomous Ground Vehicle Dynamics

DTIC Science & Technology

2013-08-01

ENGINEERING AND TECHNOLOGY SYMPOSIUM (GVSETS), SET FOR AUG. 21-22, 2013 14. ABSTRACT briefing charts 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17...EDL & Aero-Flight DSENDS Airships Planetary & Terrain models SimScape Simulation framework Dshell Flex & Multibody dynamics DARTS 3D...7 DARTS Rigid/Flexible Real-Time Multibody Dynamics Engine Recipient of the NASA Software of the Year Award. Abhinandan Jain, "Robot and

AC Current Driven Dynamic Vortex State in YBa2Cu3O7-x (Postprint)

DTIC Science & Technology

2012-02-01

coexisting steady states of driven vortex motion with different characteristics: a quasi-static disordered glassy state in the sample interior and a...coexisting, vortex, plastic, dynamic, calculations, disordered , hysteretic, model, films, edges 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF...characteris- tics: a quasi-static disordered glassy state in the sample interior and a dynamic state of plastic motion near the edges. Finite- element

A fast chaos-based image encryption scheme with a dynamic state variables selection mechanism

NASA Astrophysics Data System (ADS)

Chen, Jun-xin; Zhu, Zhi-liang; Fu, Chong; Yu, Hai; Zhang, Li-bo

2015-03-01

In recent years, a variety of chaos-based image cryptosystems have been investigated to meet the increasing demand for real-time secure image transmission. Most of them are based on permutation-diffusion architecture, in which permutation and diffusion are two independent procedures with fixed control parameters. This property results in two flaws. (1) At least two chaotic state variables are required for encrypting one plain pixel, in permutation and diffusion stages respectively. Chaotic state variables produced with high computation complexity are not sufficiently used. (2) The key stream solely depends on the secret key, and hence the cryptosystem is vulnerable against known/chosen-plaintext attacks. In this paper, a fast chaos-based image encryption scheme with a dynamic state variables selection mechanism is proposed to enhance the security and promote the efficiency of chaos-based image cryptosystems. Experimental simulations and extensive cryptanalysis have been carried out and the results prove the superior security and high efficiency of the scheme.

Evaluation of security algorithms used for security processing on DICOM images

NASA Astrophysics Data System (ADS)

Chen, Xiaomeng; Shuai, Jie; Zhang, Jianguo; Huang, H. K.

2005-04-01

In this paper, we developed security approach to provide security measures and features in PACS image acquisition and Tele-radiology image transmission. The security processing on medical images was based on public key infrastructure (PKI) and including digital signature and data encryption to achieve the security features of confidentiality, privacy, authenticity, integrity, and non-repudiation. There are many algorithms which can be used in PKI for data encryption and digital signature. In this research, we select several algorithms to perform security processing on different DICOM images in PACS environment, evaluate the security processing performance of these algorithms, and find the relationship between performance with image types, sizes and the implementation methods.

Cyber secure systems approach for NPP digital control systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCreary, T. J.; Hsu, A.

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant andmore » distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)« less

Performance evaluation of reactive and proactive routing protocol in IEEE 802.11 ad hoc network

NASA Astrophysics Data System (ADS)

Hamma, Salima; Cizeron, Eddy; Issaka, Hafiz; Guédon, Jean-Pierre

2006-10-01

Wireless technology based on the IEEE 802.11 standard is widely deployed. This technology is used to support multiple types of communication services (data, voice, image) with different QoS requirements. MANET (Mobile Adhoc NETwork) does not require a fixed infrastructure. Mobile nodes communicate through multihop paths. The wireless communication medium has variable and unpredictable characteristics. Furthermore, node mobility creates a continuously changing communication topology in which paths break and new one form dynamically. The routing table of each router in an adhoc network must be kept up-to-date. MANET uses Distance Vector or Link State algorithms which insure that the route to every host is always known. However, this approach must take into account the adhoc networks specific characteristics: dynamic topologies, limited bandwidth, energy constraints, limited physical security, ... Two main routing protocols categories are studied in this paper: proactive protocols (e.g. Optimised Link State Routing - OLSR) and reactive protocols (e.g. Ad hoc On Demand Distance Vector - AODV, Dynamic Source Routing - DSR). The proactive protocols are based on periodic exchanges that update the routing tables to all possible destinations, even if no traffic goes through. The reactive protocols are based on on-demand route discoveries that update routing tables only for the destination that has traffic going through. The present paper focuses on study and performance evaluation of these categories using NS2 simulations. We have considered qualitative and quantitative criteria. The first one concerns distributed operation, loop-freedom, security, sleep period operation. The second are used to assess performance of different routing protocols presented in this paper. We can list end-to-end data delay, jitter, packet delivery ratio, routing load, activity distribution. Comparative study will be presented with number of networking context consideration and the results show the appropriate routing protocol for two kinds of communication services (data and voice).

Secured Advanced Federated Environment (SAFE): A NASA Solution for Secure Cross-Organization Collaboration

NASA Technical Reports Server (NTRS)

Chow, Edward; Spence, Matthew Chew; Pell, Barney; Stewart, Helen; Korsmeyer, David; Liu, Joseph; Chang, Hsin-Ping; Viernes, Conan; Gogorth, Andre

2003-01-01

This paper discusses the challenges and security issues inherent in building complex cross-organizational collaborative projects and software systems within NASA. By applying the design principles of compartmentalization, organizational hierarchy and inter-organizational federation, the Secured Advanced Federated Environment (SAFE) is laying the foundation for a collaborative virtual infrastructure for the NASA community. A key element of SAFE is the Micro Security Domain (MSD) concept, which balances the need to collaborate and the need to enforce enterprise and local security rules. With the SAFE approach, security is an integral component of enterprise software and network design, not an afterthought.

Globalization of health insecurity: the World Health Organization and the new International Health Regulations.

PubMed

Aginam, Obijiofor

2006-12-01

The transnational spread of communicable and non-communicable diseases has opened new vistas in the discourse of global health security. Emerging and re-emerging pathogens, according to exponents of globalization of public health, disrespect the geo-political boundaries of nation-states. Despite the global ramifications of health insecurity in a globalizing world, contemporary international law still operates as a classic inter-state law within an international system exclusively founded on a coalition of nation-states. This article argues that the dynamic process of globalization has created an opportunity for the World Health Organization to develop effective synergy with a multiplicity of actors in the exercise of its legal powers. WHO's legal and regulatory strategies must transform from traditional international legal approaches to disease governance to a "post-Westphalian public health governance": the use of formal and informal sources from state and non-state actors, hard law (treaties and regulations) and soft law (recommendations and travel advisories) in global health governance. This article assesses the potential promise and problems of WHO's new International Health Regulations (IHR) as a regulatory strategy for global health governance and global health security.

Optimizing cropland cover for stable food production in Sub-Saharan Africa using simulated yield and Modern Portfolio Theory

NASA Astrophysics Data System (ADS)

Bodin, P.; Olin, S.; Pugh, T. A. M.; Arneth, A.

2014-12-01

Food security can be defined as stable access to food of good nutritional quality. In Sub Saharan Africa access to food is strongly linked to local food production and the capacity to generate enough calories to sustain the local population. Therefore it is important in these regions to generate not only sufficiently high yields but also to reduce interannual variability in food production. Traditionally, climate impact simulation studies have focused on factors that underlie maximum productivity ignoring the variability in yield. By using Modern Portfolio Theory, a method stemming from economics, we here calculate optimum current and future crop selection that maintain current yield while minimizing variance, vs. maintaining variance while maximizing yield. Based on simulated yield using the LPJ-GUESS dynamic vegetation model, the results show that current cropland distribution for many crops is close to these optimum distributions. Even so, the optimizations displayed substantial potential to either increase food production and/or to decrease its variance regionally. Our approach can also be seen as a method to create future scenarios for the sown areas of crops in regions where local food production is important for food security.

Security Requirements Management in Software Product Line Engineering

NASA Astrophysics Data System (ADS)

Mellado, Daniel; Fernández-Medina, Eduardo; Piattini, Mario

Security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this chapter we will propose a security requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.

Food security in an era of economic volatility.

PubMed

Naylor, Rosamond L; Falcon, Walter P

2010-01-01

This article analyzes international commodity price movements, assesses food policies in response to price fluctuations, and explores the food security implications of price volatility on low-income groups. It focuses specifically on measurements, causes, and consequences of recent food price trends, variability around those trends, and price spikes. Combining these three components of price dynamics shows that the variation in real prices post-2000 was substantially greater than that in the 1980s and 1990s, and was approximately equal to the extreme volatility in commodity prices that was experienced in the 1970s. Macro policy, exchange rates, and petroleum prices were important determinants of price variability over 2005–2010, highlighting the new linkages between the agriculture-energy and agriculture-finance markets that affect the world food economy today. These linkages contributed in large part to misguided expectations and uncertainty that drove prices to their peak in 2008. The article also argues that there is a long-lasting effect of price spikes on food policy around the world, often resulting in self-sufficiency policies that create even more volatility in international markets. The efforts by governments to stabilize prices frequently contribute to even greater food insecurity among poor households, most of which are in rural areas and survive on the margin of net consumption and net production. Events of 2008—and more recently in 2010—underscore the impact of price variability for food security and the need for refocused policy approaches to prevent and mitigate price spikes.

The myth of secure computing.

PubMed

Austin, Robert D; Darby, Christopher A

2003-06-01

Few senior executives pay a whole lot of attention to computer security. They either hand off responsibility to their technical people or bring in consultants. But given the stakes involved, an arm's-length approach is extremely unwise. According to industry estimates, security breaches affect 90% of all businesses every year and cost some $17 billion. Fortunately, the authors say, senior executives don't need to learn about the more arcane aspects of their company's IT systems in order to take a hands-on approach. Instead, they should focus on the familiar task of managing risk. Their role should be to assess the business value of their information assets, determine the likelihood that those assets will be compromised, and then tailor a set of risk abatement processes to their company's particular vulnerabilities. This approach, which views computer security as an operational rather than a technical challenge, is akin to a classic quality assurance program in that it attempts to avoid problems rather than fix them and involves all employees, not just IT staffers. The goal is not to make computer systems completely secure--that's impossible--but to reduce the business risk to an acceptable level. This article looks at the types of threats a company is apt to face. It also examines the processes a general manager should spearhead to lessen the likelihood of a successful attack. The authors recommend eight processes in all, ranging from deciding how much protection each digital asset deserves to insisting on secure software to rehearsing a response to a security breach. The important thing to realize, they emphasize, is that decisions about digital security are not much different from other cost-benefit decisions. The tools general managers bring to bear on other areas of the business are good models for what they need to do in this technical space.

Students' Ontological Security and Agency in Science Education--An Example from Reasoning about the Use of Gene Technology

ERIC Educational Resources Information Center

Lindahl, Mats Gunnar; Linder, Cedric

2013-01-01

This paper reports on a study of how students' reasoning about socioscientific issues is framed by three dynamics: societal structures, agency and how trust and security issues are handled. Examples from gene technology were used as the forum for interviews with 13 Swedish high-school students (year 11, age 17-18). A grid based on modalities from…

Fast Computation and Assessment Methods in Power System Analysis

NASA Astrophysics Data System (ADS)

Nagata, Masaki

Power system analysis is essential for efficient and reliable power system operation and control. Recently, online security assessment system has become of importance, as more efficient use of power networks is eagerly required. In this article, fast power system analysis techniques such as contingency screening, parallel processing and intelligent systems application are briefly surveyed from the view point of their application to online dynamic security assessment.

Safe and Secure Partitioning with Pikeos: Towards Integrated Modular Avionics in Space

NASA Astrophysics Data System (ADS)

Almeida, J.; Prochazka, M.

2009-05-01

This paper presents our approach to logical partitioning of spacecraft onboard software. We present PikeOS, a separation micro-kernel which applies the state-of-the- art techniques and widely recognised standards such as ARINC 653 and MILS in order to guarantee safety and security properties of partitions executing software with different criticality and confidentiality. We provide an overview of our approach, also used in the Securely Partitioning Spacecraft Computing Resources project, an ESA TRP contract, which shifts spacecraft onboard software development towards the Integrated Modular Avionics concept with relevance for dual-use military and civil missions.

An approach for investigation of secure access processes at a combined e-learning environment

NASA Astrophysics Data System (ADS)

Romansky, Radi; Noninska, Irina

2017-12-01

The article discuses an approach to investigate processes for regulation the security and privacy control at a heterogenous e-learning environment realized as a combination of traditional and cloud means and tools. Authors' proposal for combined architecture of e-learning system is presented and main subsystems and procedures are discussed. A formalization of the processes for using different types resources (public, private internal and private external) is proposed. The apparatus of Markovian chains (MC) is used for modeling and analytical investigation of the secure access to the resources is used and some assessments are presented.

Maternal sensitivity and infant attachment security in Korea: cross-cultural validation of the Strange Situation.

PubMed

Jin, Mi Kyoung; Jacobvitz, Deborah; Hazen, Nancy; Jung, Sung Hoon

2012-01-01

The present study sought to analyze infant and maternal behavior both during the Strange Situation Procedure (SSP) and a free play session in a Korean sample (N = 87) to help understand whether mother-infant attachment relationships are universal or culture-specific. Distributions of attachment classifications in the Korean sample were compared with a cross-national sample. Behavior of mothers and infants following the two separation episodes in the SSP, including mothers' proximity to their infants and infants' approach to the caregiver, was also observed, as was the association between maternal sensitivity observed during free play session and infant security. The percentage of Korean infants classified as secure versus insecure mirrored the global distribution, however, only one Korean baby was classified as avoidant. Following the separation episodes in the Strange Situation, Korean mothers were more likely than mothers in Ainsworth's Baltimore sample to approach their babies immediately and sit beside them throughout the reunion episodes, even when their babies were no longer distressed. Also, Korean babies less often approached their mothers during reunions than did infants in the Baltimore sample. Finally, the link between maternal sensitivity and infant security was significant. The findings support the idea that the basic secure base function of attachment is universal and the SSP is a valid measure of secure attachment, but cultural differences in caregiving may result in variations in how this function is manifested.

A Community-Based Approach to Leading the Nation in Smart Energy Use

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

2013-12-31

Project Objectives The AEP Ohio gridSMART® Demonstration Project (Project) achieved the following objectives: • Built a secure, interoperable, and integrated smart grid infrastructure in northeast central Ohio that demonstrated the ability to maximize distribution system efficiency and reliability and consumer use of demand response programs that reduced energy consumption, peak demand, and fossil fuel emissions. • Actively attracted, educated, enlisted, and retained consumers in innovative business models that provided tools and information reducing consumption and peak demand. • Provided the U.S. Department of Energy (DOE) information to evaluate technologies and preferred smart grid business models to be extended nationally. Projectmore » Description Ohio Power Company (the surviving company of a merger with Columbus Southern Power Company), doing business as AEP Ohio (AEP Ohio), took a community-based approach and incorporated a full suite of advanced smart grid technologies for 110,000 consumers in an area selected for its concentration and diversity of distribution infrastructure and consumers. It was organized and aligned around: • Technology, implementation, and operations • Consumer and stakeholder acceptance • Data management and benefit assessment Combined, these functional areas served as the foundation of the Project to integrate commercially available products, innovative technologies, and new consumer products and services within a secure two-way communication network between the utility and consumers. The Project included Advanced Metering Infrastructure (AMI), Distribution Management System (DMS), Distribution Automation Circuit Reconfiguration (DACR), Volt VAR Optimization (VVO), and Consumer Programs (CP). These technologies were combined with two-way consumer communication and information sharing, demand response, dynamic pricing, and consumer products, such as plug-in electric vehicles and smart appliances. In addition, the Project incorporated comprehensive cyber security capabilities, interoperability, and a data assessment that, with grid simulation capabilities, made the demonstration results an adaptable, integrated solution for AEP Ohio and the nation.« less

Addressing the Challenges of Collective Security in West Africa: In View of Recent Conflicts

DTIC Science & Technology

2017-06-09

Distribution is Unlimited 13. SUPPLEMENTARY NOTES 14. ABSTRACT Understanding that achieving peace and security is a primary condition for an economic ...condition for an economic integration, ECOWAS has developped various approachs in resolving crises and overcoming threats within West Africa. Using...System CS Collective Security CSO Civil Society Organizations CSS Center for Security Studies EAC East Africa Community ECCAS Economic Community of

Aircraft Survivability: Reclaiming the Low Altitude Battlespace. Fall 2003

DTIC Science & Technology

2003-01-01

tt p: //j as .jc s. m il n by Charles Pedriani to Improve Commercial Aviation Security JASPO/NASA Cooperate The National Aeronautics and Space...Administration (NASA) Aviation Safety and Security Program Office announced its Aviation Security Project at a rollout work- shop in March 2003. The...and development efforts involving technology of interest. Overview of the NASA Aviation Security Initiative A systems approach will be used as

Mobile Security: A Systems Engineering Framework for Implementing Bring Your Own Device (BYOD) Security through the Combination of Policy Management and Technology

ERIC Educational Resources Information Center

Zahadat, Nima

2016-01-01

With the rapid increase of smartphones and tablets, security concerns have also been on the rise. Traditionally, Information Technology (IT) departments set up devices, apply security, and monitor them. Such approaches do not apply to today's mobile devices due to a phenomenon called Bring Your Own Device or BYOD. Employees find it desirable to…

Information security risk management for computerized health information systems in hospitals: a case study of Iran.

PubMed

Zarei, Javad; Sadoughi, Farahnaz

2016-01-01

In recent years, hospitals in Iran - similar to those in other countries - have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts' opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Information security risk management is not followed by Iran's hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran's Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran.

A Hierarchical Security Architecture for Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Hierarchical Bio-Inspired Cooperative Control for Nonlinear Dynamical Systems and Hardware Demonstration

DTIC Science & Technology

2013-04-03

cooperative control, LEGO robotic testbed, non-linear dynamics 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES...testbed The architecture of the LEGO robots (® LEGO is a trademark and/or copyright of the LEGO Group) used in tests were based off the quick-start

Location-Aware Dynamic Session-Key Management for Grid-Based Wireless Sensor Networks

PubMed Central

Chen, Chin-Ling; Lin, I-Hsien

2010-01-01

Security is a critical issue for sensor networks used in hostile environments. When wireless sensor nodes in a wireless sensor network are distributed in an insecure hostile environment, the sensor nodes must be protected: a secret key must be used to protect the nodes transmitting messages. If the nodes are not protected and become compromised, many types of attacks against the network may result. Such is the case with existing schemes, which are vulnerable to attacks because they mostly provide a hop-by-hop paradigm, which is insufficient to defend against known attacks. We propose a location-aware dynamic session-key management protocol for grid-based wireless sensor networks. The proposed protocol improves the security of a secret key. The proposed scheme also includes a key that is dynamically updated. This dynamic update can lower the probability of the key being guessed correctly. Thus currently known attacks can be defended. By utilizing the local information, the proposed scheme can also limit the flooding region in order to reduce the energy that is consumed in discovering routing paths. PMID:22163606

Location-aware dynamic session-key management for grid-based Wireless Sensor Networks.

PubMed

Chen, Chin-Ling; Lin, I-Hsien

2010-01-01

Security is a critical issue for sensor networks used in hostile environments. When wireless sensor nodes in a wireless sensor network are distributed in an insecure hostile environment, the sensor nodes must be protected: a secret key must be used to protect the nodes transmitting messages. If the nodes are not protected and become compromised, many types of attacks against the network may result. Such is the case with existing schemes, which are vulnerable to attacks because they mostly provide a hop-by-hop paradigm, which is insufficient to defend against known attacks. We propose a location-aware dynamic session-key management protocol for grid-based wireless sensor networks. The proposed protocol improves the security of a secret key. The proposed scheme also includes a key that is dynamically updated. This dynamic update can lower the probability of the key being guessed correctly. Thus currently known attacks can be defended. By utilizing the local information, the proposed scheme can also limit the flooding region in order to reduce the energy that is consumed in discovering routing paths.

A Healthy Approach to Fitness Center Security.

ERIC Educational Resources Information Center

Sturgeon, Julie

2000-01-01

Examines techniques for keeping college fitness centers secure while maintaining an inviting atmosphere. Building access control, preventing locker room theft, and suppressing causes for physical violence are discussed. (GR)

Secure medical digital libraries.

PubMed

Papadakis, I; Chrissikopoulos, V; Polemi, D

2001-12-01

In this paper, a secure medical digital library is presented. It is based on the CORBA specifications for distributed systems. The described approach relies on a three-tier architecture. Interaction between the medical digital library and its users is achieved through a Web server. The choice of employing Web technology for the dissemination of medical data has many advantages compared to older approaches, but also poses extra requirements that need to be fulfilled. Thus, special attention is paid to the distinguished nature of such medical data, whose integrity and confidentiality should be preserved at all costs. This is achieved through the employment of Trusted Third Parties (TTP) technology for the support of the required security services. Additionally, the proposed digital library employs smartcards for the management of the various security tokens that are used from the above services.

Application of Lightweight Formal Methods to Software Security

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Powell, John D.; Bishop, Matt

2005-01-01

Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which species security properties in a library that can be reused by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The Flexible Modeling Framework (FMF) is a model based verijkation instrument that uses Promela and the SPIN model checker. The Property Based Tester (PBT) uses TASPEC and a Text Execution Monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles.

Robust image obfuscation for privacy protection in Web 2.0 applications

NASA Astrophysics Data System (ADS)

Poller, Andreas; Steinebach, Martin; Liu, Huajian

2012-03-01

We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

In the Face of Cybersecurity: How the Common Information Model Can Be Used

DOE Office of Scientific and Technical Information (OSTI.GOV)

Skare, Paul; Falk, Herbert; Rice, Mark

2016-01-01

Efforts are underway to combine smart grid information, devices, networking, and emergency response information to create messages that are not dependent on specific standards development organizations (SDOs). This supports a future-proof approach of allowing changes in the canonical data models (CDMs) going forward without having to perform forklift replacements of solutions that use the messages. This also allows end users (electric utilities) to upgrade individual components of a larger system while keeping the message payload definitions intact. The goal is to enable public and private information sharing securely in a standards-based approach that can be integrated into existing operations. Wemore » provide an example architecture that could benefit from this multi-SDO, secure message approach. This article also describes how to improve message security« less

Kinetics and mechanics of clot contraction are governed by the molecular and cellular composition of the blood.

PubMed

Tutwiler, Valerie; Litvinov, Rustem I; Lozhkin, Andrey P; Peshkova, Alina D; Lebedeva, Tatiana; Ataullakhanov, Fazoil I; Spiller, Kara L; Cines, Douglas B; Weisel, John W

2016-01-07

Platelet-driven blood clot contraction (retraction) is thought to promote wound closure and secure hemostasis while preventing vascular occlusion. Notwithstanding its importance, clot contraction remains a poorly understood process, partially because of the lack of methodology to quantify its dynamics and requirements. We used a novel automated optical analyzer to continuously track in vitro changes in the size of contracting clots in whole blood and in variously reconstituted samples. Kinetics of contraction was complemented with dynamic rheometry to characterize the viscoelasticity of contracting clots. This combined approach enabled investigation of the coordinated mechanistic impact of platelets, including nonmuscle myosin II, red blood cells (RBCs), fibrin(ogen), factor XIIIa (FXIIIa), and thrombin on the kinetics and mechanics of the contraction process. Clot contraction is composed of 3 sequential phases, each characterized by a distinct rate constant. Thrombin, Ca(2+), the integrin αIIbβ3, myosin IIa, FXIIIa cross-linking, and platelet count all promote 1 or more phases of the clot contraction process. In contrast, RBCs impair contraction and reduce elasticity, while increasing the overall contractile stress generated by the platelet-fibrin meshwork. A better understanding of the mechanisms by which blood cells, fibrin(ogen), and platelet-fibrin interactions modulate clot contraction may generate novel approaches to reveal and to manage thrombosis and hemostatic disorders. © 2016 by The American Society of Hematology.

Kinetics and mechanics of clot contraction are governed by the molecular and cellular composition of the blood

PubMed Central

Tutwiler, Valerie; Litvinov, Rustem I.; Lozhkin, Andrey P.; Peshkova, Alina D.; Lebedeva, Tatiana; Ataullakhanov, Fazoil I.; Spiller, Kara L.; Cines, Douglas B.

2016-01-01

Platelet-driven blood clot contraction (retraction) is thought to promote wound closure and secure hemostasis while preventing vascular occlusion. Notwithstanding its importance, clot contraction remains a poorly understood process, partially because of the lack of methodology to quantify its dynamics and requirements. We used a novel automated optical analyzer to continuously track in vitro changes in the size of contracting clots in whole blood and in variously reconstituted samples. Kinetics of contraction was complemented with dynamic rheometry to characterize the viscoelasticity of contracting clots. This combined approach enabled investigation of the coordinated mechanistic impact of platelets, including nonmuscle myosin II, red blood cells (RBCs), fibrin(ogen), factor XIIIa (FXIIIa), and thrombin on the kinetics and mechanics of the contraction process. Clot contraction is composed of 3 sequential phases, each characterized by a distinct rate constant. Thrombin, Ca2+, the integrin αIIbβ3, myosin IIa, FXIIIa cross-linking, and platelet count all promote 1 or more phases of the clot contraction process. In contrast, RBCs impair contraction and reduce elasticity, while increasing the overall contractile stress generated by the platelet-fibrin meshwork. A better understanding of the mechanisms by which blood cells, fibrin(ogen), and platelet-fibrin interactions modulate clot contraction may generate novel approaches to reveal and to manage thrombosis and hemostatic disorders. PMID:26603837

High precision Hugoniot measurements of D2 near maximum compression

NASA Astrophysics Data System (ADS)

Benage, John; Knudson, Marcus; Desjarlais, Michael

2015-11-01

The Hugoniot response of liquid deuterium has been widely studied due to its general importance and to the significant discrepancy in the inferred shock response obtained from early experiments. With improvements in dynamic compression platforms and experimental standards these results have converged and show general agreement with several equation of state (EOS) models, including quantum molecular dynamics (QMD) calculations within the Generalized Gradient Approximation (GGA). This approach to modeling the EOS has also proven quite successful for other materials and is rapidly becoming a standard approach. However, small differences remain among predictions obtained using different local and semi-local density functionals; these small differences show up in the deuterium Hugoniot at ~ 30-40 GPa near the region of maximum compression. Here we present experimental results focusing on that region of the Hugoniot and take advantage of advancements in the platform and standards, resulting in data with significantly higher precision than that obtained in previous studies. These new data may prove to distinguish between the subtle differences predicted by the various density functionals. Results of these experiments will be presented along with comparison to various QMD calculations. Sandia National Laboratories is a multi-program laboratory operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin company, for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000.

Bluetooth based chaos synchronization using particle swarm optimization and its applications to image encryption.

PubMed

Yau, Her-Terng; Hung, Tzu-Hsiang; Hsieh, Chia-Chun

2012-01-01

This study used the complex dynamic characteristics of chaotic systems and Bluetooth to explore the topic of wireless chaotic communication secrecy and develop a communication security system. The PID controller for chaos synchronization control was applied, and the optimum parameters of this PID controller were obtained using a Particle Swarm Optimization (PSO) algorithm. Bluetooth was used to realize wireless transmissions, and a chaotic wireless communication security system was developed in the design concept of a chaotic communication security system. The experimental results show that this scheme can be used successfully in image encryption.

Social Security: New Functional Assessments for Children Raise Eligibility Questions. Report to Congressional Requesters.

ERIC Educational Resources Information Center

General Accounting Office, Washington, DC.

This report to Congress examines the Social Security Administration's approach to assessing children's impairments through the individualized functional assessment (IFA) process mandated by the Supreme Court in Sullivan v. Zebley. Specifically, the report assesses the IFA's impact on number of Supplemental Security Income recipients, IFA's…

Fundamental problems in provable security and cryptography.

PubMed

Dent, Alexander W

2006-12-15

This paper examines methods for formally proving the security of cryptographic schemes. We show that, despite many years of active research and dozens of significant results, there are fundamental problems which have yet to be solved. We also present a new approach to one of the more controversial aspects of provable security, the random oracle model.

CIOs Uncensored: Security Smarts.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Johnson, Gerald R.

2008-02-25

This commentary for the CIOs Uncensored section of InformationWeek will discuss PNNL’s “defense in depth” approach to cyber security. It will cover external and internal safeguards, as well as the all-important role of employees in the cyber security equation. For employees are your greatest vulnerability – and your last line of defense.

Teaching Information Security with Workflow Technology--A Case Study Approach

ERIC Educational Resources Information Center

He, Wu; Kshirsagar, Ashish; Nwala, Alexander; Li, Yaohang

2014-01-01

In recent years, there has been a significant increase in the demand from professionals in different areas for improving the curricula regarding information security. The use of authentic case studies in teaching information security offers the potential to effectively engage students in active learning. In this paper, the authors introduce the…

Federated Security: The Shibboleth Approach

ERIC Educational Resources Information Center

Morgan, R. L.; Cantor, Scott; Carmody, Steven; Hoehn, Walter; Klingenstein, Ken

2004-01-01

The Fifth Annual Educause Current Issues Survey ranked "security and identity management" near the top of the list of critical IT challenges on campus today. Recognition of the crucial importance of securing networked resources led Internet2 to establish its Middleware Initiative (I2MI) in 1999. While Internet2 was founded to develop and deploy…

Practical School Security: Basic Guidelines for Safe and Secure Schools.

ERIC Educational Resources Information Center

Trump, Kenneth S.

This book is written primarily for elementary and secondary school administrators and teachers, but college faculty involved in providing teacher or administrator education would also benefit from the practical approach to issues of school security. Chapters 1 through 3 establish a framework for dealing with the myths and realities of school…

Mechanisms of Power within a Community-Based Food Security Planning Process

ERIC Educational Resources Information Center

McCullum, Christine; Pelletier, David; Barr, Donald; Wilkins, Jennifer; Habicht, Jean-Pierre

2004-01-01

A community food security movement has begun to address problems of hunger and food insecurity by utilizing a community-based approach. Although various models have been implemented, little empirical research has assessed how power operates within community-based food security initiatives. The purpose of this research was to determine how power…

Information security management system planning for CBRN facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.

The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

A Hands-On Approach for Teaching Denial of Service Attacks: A Case Study

ERIC Educational Resources Information Center

Trabelsi, Zouheir; Ibrahim, Walid

2013-01-01

Nowadays, many academic institutions are including ethical hacking in their information security and Computer Science programs. Information security students need to experiment common ethical hacking techniques in order to be able to implement the appropriate security solutions. This will allow them to more efficiently protect the confidentiality,…

Disruptive Ideas for Power Grid Security and Resilience With DER

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ibrahim, Erfan

This presentation by Erfan Ibrahim was prepared for NREL's 2017 Cybersecurity and Reslience Workshop on distributed energy resource (DER) best practices. The presentation provides an overview of NREL's Cyber-Physical Systems Security and Resilience R&D Center, the Center's approach to cybersecurity, and disruptive ideas for power grid security and resilience with DER.

The Training Deficiency in Corporate America: Training Security Professionals to Protect Sensitive Information

ERIC Educational Resources Information Center

Johnson, Kenneth T.

2017-01-01

Increased internal and external training approaches are elements senior leaders need to know before creating a training plan for security professionals to protect sensitive information. The purpose of this qualitative case study was to explore training strategies telecommunication industry leaders use to ensure security professionals can protect…

Circle of Security in Child Care: Putting Attachment Theory into Practice in Preschool Classrooms

ERIC Educational Resources Information Center

Cooper, Glen; Hoffman, Kent; Powell, Bert

2017-01-01

This article describes the Circle of Security-Classroom (COS-C) approach to applying attachment theory in preschool settings. Early childhood is an incubator for a wide range of development including the underpinnings of school readiness. Secure teacher-child relationships support this process. However, most preschool staff members lack guidance…

On the verification of intransitive noninterference in mulitlevel security.

PubMed

Ben Hadj-Alouane, Nejib; Lafrance, Stéphane; Lin, Feng; Mullins, John; Yeddes, Mohamed Moez

2005-10-01

We propose an algorithmic approach to the problem of verification of the property of intransitive noninterference (INI), using tools and concepts of discrete event systems (DES). INI can be used to characterize and solve several important security problems in multilevel security systems. In a previous work, we have established the notion of iP-observability, which precisely captures the property of INI. We have also developed an algorithm for checking iP-observability by indirectly checking P-observability for systems with at most three security levels. In this paper, we generalize the results for systems with any finite number of security levels by developing a direct method for checking iP-observability, based on an insightful observation that the iP function is a left congruence in terms of relations on formal languages. To demonstrate the applicability of our approach, we propose a formal method to detect denial of service vulnerabilities in security protocols based on INI. This method is illustrated using the TCP/IP protocol. The work extends the theory of supervisory control of DES to a new application domain.

Dynamically Timed Electric Motor

NASA Technical Reports Server (NTRS)

Casper, Ann M. (Inventor)

1997-01-01

A brushless DC motor including a housing having an end cap secured thereto. The housing encloses a rotor. a stator and a rotationally displaceable commutation board having sensors secured thereon and spaced around the periphery of the rotor. An external rotational force is applied to the commutation board for displacement of the sensors to various positions whereby varying feedback signals are generated by the positioning of the sensors relative to the rotating rotor. The commutation board is secured in a fixed position in response to feedback signals indicative of optimum sensor position being determined. The rotation of the commutation board and the securing of the sensors in the desired fixed position is accomplished without requiring the removal of the end cap and with the DC motor operating.

A secure communication using cascade chaotic computing systems on clinical decision support.

PubMed

Koksal, Ahmet Sertol; Er, Orhan; Evirgen, Hayrettin; Yumusak, Nejat

2016-06-01

Clinical decision support systems (C-DSS) provide supportive tools to the expert for the determination of the disease. Today, many of the support systems, which have been developed for a better and more accurate diagnosis, have reached a dynamic structure due to artificial intelligence techniques. However, in cases when important diagnosis studies should be performed in secret, a secure communication system is required. In this study, secure communication of a DSS is examined through a developed double layer chaotic communication system. The developed communication system consists of four main parts: random number generator, cascade chaotic calculation layer, PCM, and logical mixer layers. Thanks to this system, important patient data created by DSS will be conveyed to the center through a secure communication line.

Modular architectures for quantum networks

NASA Astrophysics Data System (ADS)

Pirker, A.; Wallnöfer, J.; Dür, W.

2018-05-01

We consider the problem of generating multipartite entangled states in a quantum network upon request. We follow a top-down approach, where the required entanglement is initially present in the network in form of network states shared between network devices, and then manipulated in such a way that the desired target state is generated. This minimizes generation times, and allows for network structures that are in principle independent of physical links. We present a modular and flexible architecture, where a multi-layer network consists of devices of varying complexity, including quantum network routers, switches and clients, that share certain resource states. We concentrate on the generation of graph states among clients, which are resources for numerous distributed quantum tasks. We assume minimal functionality for clients, i.e. they do not participate in the complex and distributed generation process of the target state. We present architectures based on shared multipartite entangled Greenberger–Horne–Zeilinger states of different size, and fully connected decorated graph states, respectively. We compare the features of these architectures to an approach that is based on bipartite entanglement, and identify advantages of the multipartite approach in terms of memory requirements and complexity of state manipulation. The architectures can handle parallel requests, and are designed in such a way that the network state can be dynamically extended if new clients or devices join the network. For generation or dynamical extension of the network states, we propose a quantum network configuration protocol, where entanglement purification is used to establish high fidelity states. The latter also allows one to show that the entanglement generated among clients is private, i.e. the network is secure.

NorthAm Fest : fostering a North American continent approach to countering terrorism.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gerdes, Dick; Moore, Judy Hennessey; Whitley, John B.

2004-12-01

On September 14-16, 2004, the Advanced Concepts Group of Sandia National Laboratories in conjunction with the University of Texas at El Paso and the North American Institute hosted a workshop (fest) designed to explore the concept of a North American continental approach to countering terrorism. The fest began with the basic premise that the successful defense of North America against the threat of terrorism will require close collaboration among the North American allies--Canada, Mexico and the U.S.--as well as a powerful set of information collection and analysis tools and deterrence strategies. The NorthAm Fest recast the notion of ''homeland defense''more » as a tri-national effort to protect the North American continent against an evolving threat that respects no borders. This is a report of the event summarizing the ideas explored. The fest examined the uniqueness of dealing with terrorism from a tri-national North American viewpoint, the role and possible features of joint security systems, concepts for ideal continental security systems for North America, and the challenges and opportunities for such systems to become reality. The following issues were identified as most important for the advancement of this concept. (1) The three countries share a set of core values--democracy, prosperity and security--which form the basis for joint interactions and allow for the development of a culture of cooperation without affecting the sovereignty of the members. (2) The creation of a continental defensive strategy will require a set of strategic guidelines and that smart secure borders play a pivotal role. (3) Joint security systems will need to operate from a set of complementary but not identical policies and procedures. (4) There is a value in joint task forces for response and shared information systems for the prevention of attacks. (5) The private sector must play a critical role in cross-border interactions. Finally, participants envisioned a ''Tri-National Security Laboratory'' to develop and test new counter-terrorism technologies and processes. The fest was an important first step in developing a tri-national approach to continental security and very different approaches to countering terrorism were explored. Participants came to the conclusion that continental security would be easier to achieve if the focus were on broader security issues, such as transnational crime, with terrorism being only a part of the focus. A series of fledgling relationships were begun between individuals and organizations through which actions can occur. A first commitment is the publication by a set of participants representing the three countries of a joint paper outlining the elements of a Continental Security approach.« less

Study on perception and control layer of mine CPS with mixed logic dynamic approach

NASA Astrophysics Data System (ADS)

Li, Jingzhao; Ren, Ping; Yang, Dayu

2017-01-01

Mine inclined roadway transportation system of mine cyber physical system is a hybrid system consisting of a continuous-time system and a discrete-time system, which can be divided into inclined roadway signal subsystem, error-proofing channel subsystems, anti-car subsystems, and frequency control subsystems. First, to ensure stable operation, improve efficiency and production safety, this hybrid system model with n inputs and m outputs is constructed and analyzed in detail, then its steady schedule state to be solved. Second, on the basis of the formal modeling for real-time systems, we use hybrid toolbox for system security verification. Third, the practical application of mine cyber physical system shows that the method for real-time simulation of mine cyber physical system is effective.

Negotiating the boundary between paid and unpaid hospice workers: a qualitative study of how hospice volunteers understand their work.

PubMed

Field-Richards, Sarah E; Arthur, Antony

2012-12-01

To explore the nurse-volunteer relationship in a day hospice. Underpinned by an interpretive approach, face-to-face semistructured interviews were conducted with 12 day hospice volunteers. The nature and dynamics of the relationship between nursing staff and volunteers within the day hospice were characterized by increasing formality and changes in the division of labor, which challenged smooth working relationships. Volunteers see their role as becoming increasingly formalized partly as a response to increasing administrative demands on hospice nurses. The willingness of volunteers to take on new roles is variable. For volunteers to feel secure and valued and working relationships to remain strong, the process of how boundaries between paid and unpaid workers are negotiated needs to be transparent.

Do flexicurity policies protect workers from the adverse health consequences of temporary employment? A cross-national comparative analysis.

PubMed

Shahidi, Faraz Vahid; De Moortel, Deborah; Muntaner, Carles; Davis, Owen; Siddiqi, Arjumand

2016-12-01

Flexicurity policies comprise a relatively novel approach to the regulation of work and welfare that aims to combine labour market flexibility with social security. Advocates of this approach argue that, by striking the right balance between flexibility and security, flexicurity policies allow firms to take advantage of loose contractual arrangements in an increasingly competitive economic environment while simultaneously protecting workers from the adverse health and social consequences of flexible forms of employment. In this study, we use multilevel Poisson regression models to test the theoretical claim of the flexicurity approach using data for 23 countries across three waves of the European Social Survey. We construct an institutional typology of labour market regulation and social security to evaluate whether inequalities in self-reported health and limiting longstanding illness between temporary workers and their permanent counterparts are smaller in countries that most closely approximate the ideal type described by advocates of the flexicurity approach. Our results indicate that, while the association between temporary employment and health varies across countries, institutional configurations of labour market regulation and social security do not provide a meaningful explanation for this cross-national variation. Contrary to the expectations of the flexicurity hypothesis, our data do not indicate that employment-related inequalities are smaller in countries that approximate the flexicurity approach. We discuss potential explanations for these findings and conclude that there remains a relative lack of evidence in support of the theoretical claims of the flexicurity approach.

Towards an integrated defense system for cyber security situation awareness experiment

NASA Astrophysics Data System (ADS)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

Secret weapon: the "new" Medicare as a route to health security.

PubMed

Schlesinger, Mark; Hacker, Jacob S

2007-04-01

Over the past twenty years, Medicare has been transformed from a single-payer insurer into a hybrid of complementary public and private insurance arrangements. Despite creating ongoing controversy, these changes have resulted in an ironic and largely overlooked strategic potential: Medicare's evolving hybrid form makes it the most promising vehicle for overcoming the historical obstacles to universal health insurance in the United States. To make this surprising case, we first explore the distinctive political dynamics of programs that, like today's Medicare, are hybrids of public and private arrangements. We then consider how these political dynamics might circumvent past barriers to universal health insurance. Finally, we discuss the strengths and weaknesses of alternative pathways through which Medicare could be expanded to promote health security.

Generic framework for the secure Yuen 2000 quantum-encryption protocol employing the wire-tap channel approach

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mihaljevic, Miodrag J.

2007-05-15

It is shown that the security, against known-plaintext attacks, of the Yuen 2000 (Y00) quantum-encryption protocol can be considered via the wire-tap channel model assuming that the heterodyne measurement yields the sample for security evaluation. Employing the results reported on the wire-tap channel, a generic framework is proposed for developing secure Y00 instantiations. The proposed framework employs a dedicated encoding which together with inherent quantum noise at the attacker's side provides Y00 security.

Fortresses and Icebergs: The Evolution of the Transatlantic Defense Market and the Implications for U.S. National Security Policy. Volume 1: Study Findings and Recommendations

DTIC Science & Technology

2009-01-01

The United States needs a new model of “globalized” national security for this changing world: we must realign longstanding policies away from go...at the center of our approach to ensuring our future security. … Now, when we most need to re-examine our Transatlantic security model, this new two...address the globalized threats we face, our gov- ernment is already reorienting the capabilities of our national security forces to a new bal- ance

Security engineering: systems engineering of security through the adaptation and application of risk management

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

The Ethical Imperative of Reason: How Anti-Intellectualism, Denialism, and Apathy Threaten National Security

DTIC Science & Technology

2016-03-01

NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS Approved for public release; distribution is unlimited THE ETHICAL ...REPORT DATE March 2016 3. REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE THE ETHICAL IMPERATIVE OF REASON: HOW ANTI...intellectualism in the policy process and demonstrates that, in the intricate and dynamic matters of our nation’s security, there is an ethical

Chaotic Motions in the Real Fuzzy Electronic Circuits

DTIC Science & Technology

2012-12-30

field of secure communications, the original source should be blended with other complex signals. Chaotic signals are one of the good sources to be...Takagi-Sugeno (T-S) fuzzy chaotic systems on electronic circuit. In the research field of secure communications, the original source should be blended ...model. The overall fuzzy model of the system is achieved by fuzzy blending of the linear system models. Consider a continuous-time nonlinear dynamic

New perspectives in ecosystem services science as instruments to understand environmental securities

PubMed Central

Villa, Ferdinando; Voigt, Brian; Erickson, Jon D.

2014-01-01

As societal demand for food, water and other life-sustaining resources grows, the science of ecosystem services (ES) is seen as a promising tool to improve our understanding, and ultimately the management, of increasingly uncertain supplies of critical goods provided or supported by natural ecosystems. This promise, however, is tempered by a relatively primitive understanding of the complex systems supporting ES, which as a result are often quantified as static resources rather than as the dynamic expression of human–natural systems. This article attempts to pinpoint the minimum level of detail that ES science needs to achieve in order to usefully inform the debate on environmental securities, and discusses both the state of the art and recent methodological developments in ES in this light. We briefly review the field of ES accounting methods and list some desiderata that we deem necessary, reachable and relevant to address environmental securities through an improved science of ES. We then discuss a methodological innovation that, while only addressing these needs partially, can improve our understanding of ES dynamics in data-scarce situations. The methodology is illustrated and discussed through an application related to water security in the semi-arid landscape of the Great Ruaha river of Tanzania. PMID:24535393

An access control model with high security for distributed workflow and real-time application

NASA Astrophysics Data System (ADS)

Han, Ruo-Fei; Wang, Hou-Xiang

2007-11-01

The traditional mandatory access control policy (MAC) is regarded as a policy with strict regulation and poor flexibility. The security policy of MAC is so compelling that few information systems would adopt it at the cost of facility, except some particular cases with high security requirement as military or government application. However, with the increasing requirement for flexibility, even some access control systems in military application have switched to role-based access control (RBAC) which is well known as flexible. Though RBAC can meet the demands for flexibility but it is weak in dynamic authorization and consequently can not fit well in the workflow management systems. The task-role-based access control (T-RBAC) is then introduced to solve the problem. It combines both the advantages of RBAC and task-based access control (TBAC) which uses task to manage permissions dynamically. To satisfy the requirement of system which is distributed, well defined with workflow process and critically for time accuracy, this paper will analyze the spirit of MAC, introduce it into the improved T&RBAC model which is based on T-RBAC. At last, a conceptual task-role-based access control model with high security for distributed workflow and real-time application (A_T&RBAC) is built, and its performance is simply analyzed.

Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ondrej Linda; Todd Vollmer; Jim Alves-Foss

2011-08-01

Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL providesmore » a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.« less

Feasibility of a novel participatory multi-sector continuous improvement approach to enhance food security in remote Indigenous Australian communities.

PubMed

Brimblecombe, J; Bailie, R; van den Boogaard, C; Wood, B; Liberato, S C; Ferguson, M; Coveney, J; Jaenke, R; Ritchie, J

2017-12-01

Food insecurity underlies and compounds many of the development issues faced by remote Indigenous communities in Australia. Multi-sector approaches offer promise to improve food security. We assessed the feasibility of a novel multi-sector approach to enhance community food security in remote Indigenous Australia. A longitudinal comparative multi-site case study, the Good Food Systems Good Food for All Project, was conducted (2009-2013) with four Aboriginal communities. Continuous improvement meetings were held in each community. Data from project documents and store sales were used to assess feasibility according to engagement, uptake and sustainability of action, and impact on community diet, as well as identifying conditions facilitating or hindering these. Engagement was established where: the community perceived a need for the approach; where trust was developed between the community and facilitators; where there was community stability; and where flexibility was applied in the timing of meetings. The approach enabled stakeholders in each community to collectively appraise the community food system and plan action. Actions that could be directly implemented within available resources resulted from developing collaborative capacity. Actions requiring advocacy, multi-sectoral involvement, commitment or further resources were less frequently used. Positive shifts in community diet were associated with key areas where actions were implemented. A multi-sector participatory approach seeking continuous improvement engaged committed Aboriginal and non-Aboriginal stakeholders and was shown to have potential to shift community diet. Provision of clear mechanisms to link this approach with higher level policy and decision-making structures, clarity of roles and responsibilities, and processes to prioritise and communicate actions across sectors should further strengthen capacity for food security improvement. Integrating this approach enabling local decision-making into community governance structures with adequate resourcing is an imperative.

Via generalized function projective synchronization in nonlinear Schrödinger equation for secure communication

NASA Astrophysics Data System (ADS)

Zhao, L. W.; Du, J. G.; Yin, J. L.

2018-05-01

This paper proposes a novel secured communication scheme in a chaotic system by applying generalized function projective synchronization of the nonlinear Schrödinger equation. This phenomenal approach guarantees a secured and convenient communication. Our study applied the Melnikov theorem with an active control strategy to suppress chaos in the system. The transmitted information signal is modulated into the parameter of the nonlinear Schrödinger equation in the transmitter and it is assumed that the parameter of the receiver system is unknown. Based on the Lyapunov stability theory and the adaptive control technique, the controllers are designed to make two identical nonlinear Schrödinger equation with the unknown parameter asymptotically synchronized. The numerical simulation results of our study confirmed the validity, effectiveness and the feasibility of the proposed novel synchronization method and error estimate for a secure communication. The Chaos masking signals of the information communication scheme, further guaranteed a safer and secured information communicated via this approach.

Randomized Comparative Study of the U- and H-Type Approaches of the TVT-Secur Procedure for the Treatment of Female Stress Urinary Incontinence: One-Year Follow-Up

PubMed Central

Kim, Jung Jun; Lee, Young-Suk

2010-01-01

Purpose We compared outcomes of the U- and H-type approaches of the tension-free vaginal tape (TVT)-Secur procedure for the treatment of female stress urinary incontinence (SUI). Materials and Methods From March 2007 to July 2008, 115 women with SUI underwent TVT-Secur by a single surgeon. Patients were randomly assigned to either the U- or the H-type approach. After 12 months, postoperative changes in the Sandvik questionnaire, incontinence quality of life questionnaire (I-QoL), Bristol female lower urinary tract symptoms-scored form (BFLUTS-SF), and postoperative patient satisfaction were evaluated. Cure was regarded as no leakage on the Sandvik questionnaire. Complications were also evaluated. Results Of 115 women, 53 were treated with the U approach, and 62 women were treated with the H approach. At 12 months, 88.7% of those treated with the U approach and 87.1% of those treated with the H approach were cured (p=0.796). The I-QoL and filling, incontinence, sexual function, and QoL sum (BFLUTS-SF) scores were improved with both approaches, and there were no significant differences in the degree of improvement between approaches. Approximately 83.7% and 82.9% of the women treated with the U and H approaches, respectively, were satisfied with the outcome (p=0.858). There were 3 cases of intra-operative vaginal wall perforation in the H-type group. Immediate postoperative retention was observed in 2 women in the U-type group and 1 woman in the H-type group. One woman in the U-type group underwent tape releasing and cutting procedures for persistent large post-void residuals. Conclusions The U- and the H-type approaches of the TVT-Secur procedure provided comparable effectiveness for the treatment of female SUI. PMID:20428427

A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems.

PubMed

Xu, Xin; Zhu, Ping; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua; He, Lian

2014-01-01

In the field of the Telecare Medicine Information System, recent researches have focused on consummating more convenient and secure healthcare delivery services for patients. In order to protect the sensitive information, various attempts such as access control have been proposed to safeguard patients' privacy in this system. However, these schemes suffered from some certain security defects and had costly consumption, which were not suitable for the telecare medicine information system. In this paper, based on the elliptic curve cryptography, we propose a secure and efficient two-factor mutual authentication and key agreement scheme to reduce the computational cost. Such a scheme enables to provide the patient anonymity by employing the dynamic identity. Compared with other related protocols, the security analysis and performance evaluation show that our scheme overcomes some well-known attacks and has a better performance in the telecare medicine information system.

Managing security risks for inter-organisational information systems: a multiagent collaborative model

NASA Astrophysics Data System (ADS)

Feng, Nan; Wu, Harris; Li, Minqiang; Wu, Desheng; Chen, Fuzan; Tian, Jin

2016-09-01

Information sharing across organisations is critical to effectively managing the security risks of inter-organisational information systems. Nevertheless, few previous studies on information systems security have focused on inter-organisational information sharing, and none have studied the sharing of inferred beliefs versus factual observations. In this article, a multiagent collaborative model (MACM) is proposed as a practical solution to assess the risk level of each allied organisation's information system and support proactive security treatment by sharing beliefs on event probabilities as well as factual observations. In MACM, for each allied organisation's information system, we design four types of agents: inspection agent, analysis agent, control agent, and communication agent. By sharing soft findings (beliefs) in addition to hard findings (factual observations) among the organisations, each organisation's analysis agent is capable of dynamically predicting its security risk level using a Bayesian network. A real-world implementation illustrates how our model can be used to manage security risks in distributed information systems and that sharing soft findings leads to lower expected loss from security risks.

Physical-enhanced secure strategy in an OFDM-PON.

PubMed

Zhang, Lijia; Xin, Xiangjun; Liu, Bo; Yu, Jianjun

2012-01-30

The physical layer of optical access network is vulnerable to various attacks. As the dramatic increase of users and network capacity, the issue of physical-layer security becomes more and more important. This paper proposes a physical-enhanced secure strategy for orthogonal frequency division multiplexing passive optical network (OFDM-PON) by employing frequency domain chaos scrambling. The Logistic map is adopted for the chaos mapping. The chaos scrambling strategy can dynamically allocate the scrambling matrices for different OFDM frames according to the initial condition, which enhance the confidentiality of the physical layer. A mathematical model of this secure system is derived firstly, which achieves a secure transmission at physical layer in OFDM-PON. The results from experimental implementation using Logistic mapped chaos scrambling are also given to further demonstrate the efficiency of this secure strategy. An 10.125 Gb/s 64QAM-OFDM data with Logistic mapped chaos scrambling are successfully transmitted over 25-km single mode fiber (SMF), and the experimental results show that proposed security scheme can protect the system from eavesdropper and attacker, while keep a good performance for the legal ONU.

Executives' speech expressiveness: analysis of perceptive and acoustic aspects of vocal dynamics.

PubMed

Marquezin, Daniela Maria Santos Serrano; Viola, Izabel; Ghirardi, Ana Carolina de Assis Moura; Madureira, Sandra; Ferreira, Léslie Piccolotto

2015-01-01

To analyze speech expressiveness in a group of executives based on perceptive and acoustic aspects of vocal dynamics. Four male subjects participated in the research study (S1, S2, S3, and S4). The assessments included the Kingdomality test to obtain the keywords of communicative attitudes; perceptive-auditory assessment to characterize vocal quality and dynamics, performed by three judges who are speech language pathologists; perceptiveauditory assessment to judge the chosen keywords; speech acoustics to assess prosodic elements (Praat software); and a statistical analysis. According to the perceptive-auditory analysis of vocal dynamics, S1, S2, S3, and S4 did not show vocal alterations and all of them were considered with lowered habitual pitch. S1: pointed out as insecure, nonobjective, nonempathetic, and unconvincing with inappropriate use of pauses that are mainly formed by hesitations; inadequate separation of prosodic groups with breaking of syntagmatic constituents. S2: regular use of pauses for respiratory reload, organization of sentences, and emphasis, which is considered secure, little objective, empathetic, and convincing. S3: pointed out as secure, objective, empathetic, and convincing with regular use of pauses for respiratory reload and organization of sentences and hesitations. S4: the most secure, objective, empathetic, and convincing, with proper use of pauses for respiratory reload, planning, and emphasis; prosodic groups agreed with the statement, without separating the syntagmatic constituents. The speech characteristics and communicative attitudes were highlighted in two subjects in a different manner, in such a way that the slow rate of speech and breaks of the prosodic groups transmitted insecurity, little objectivity, and nonpersuasion.

Scenario and multiple criteria decision analysis for energy and environmental security of military and industrial installations.

PubMed

Karvetski, Christopher W; Lambert, James H; Linkov, Igor

2011-04-01

Military and industrial facilities need secure and reliable power generation. Grid outages can result in cascading infrastructure failures as well as security breaches and should be avoided. Adding redundancy and increasing reliability can require additional environmental, financial, logistical, and other considerations and resources. Uncertain scenarios consisting of emergent environmental conditions, regulatory changes, growth of regional energy demands, and other concerns result in further complications. Decisions on selecting energy alternatives are made on an ad hoc basis. The present work integrates scenario analysis and multiple criteria decision analysis (MCDA) to identify combinations of impactful emergent conditions and to perform a preliminary benefits analysis of energy and environmental security investments for industrial and military installations. Application of a traditional MCDA approach would require significant stakeholder elicitations under multiple uncertain scenarios. The approach proposed in this study develops and iteratively adjusts a scoring function for investment alternatives to find the scenarios with the most significant impacts on installation security. A robust prioritization of investment alternatives can be achieved by integrating stakeholder preferences and focusing modeling and decision-analytical tools on a few key emergent conditions and scenarios. The approach is described and demonstrated for a campus of several dozen interconnected industrial buildings within a major installation. Copyright © 2010 SETAC.

IT Security Standards and Legal Metrology - Transfer and Validation

NASA Astrophysics Data System (ADS)

Thiel, F.; Hartmann, V.; Grottker, U.; Richter, D.

2014-08-01

Legal Metrology's requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408). We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology's requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany's Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID) are incorporated. A verification approach to check for meeting Legal Metrology's requirements by their interpretation through Common Criteria's generic requirements is also presented.

A Research Study on Secure Attachment Using the Primary Caregiving Approach

ERIC Educational Resources Information Center

Ebbeck, Marjory; Phoon, Dora Mei Yong; Tan-Chong, Elizabeth Chai Kim; Tan, Marilyn Ai Bee; Goh, Mandy Lian Mui

2015-01-01

A child's positive sense of well-being is central to their overall growth and development. With an increasing number of mothers in the workforce, many infants and toddlers spend much time in child care services. Hence it is crucial that caregivers provide a secure base for the child to develop secure attachment with educarers. Given multiple…

Administering a healthy dose of security.

PubMed

Berry, D; Mullen, M; Murray, T

The article describes how a hospital located in a poor, crime-ridden section of a large city has made the most of in-house resources and public-private liaisons to improve security at its 113-acre campus. Details on the facility's double-pronged approach--tight internal security and strong external liaisons with businesses, law enforcement, and community groups--are provided.

Teaching Case: IS Security Requirements Identification from Conceptual Models in Systems Analysis and Design: The Fun & Fitness, Inc. Case

ERIC Educational Resources Information Center

Spears, Janine L.; Parrish, James L., Jr.

2013-01-01

This teaching case introduces students to a relatively simple approach to identifying and documenting security requirements within conceptual models that are commonly taught in systems analysis and design courses. An introduction to information security is provided, followed by a classroom example of a fictitious company, "Fun &…

Beyond Boundaries: A Promising New Model for Security and Global Development. Carnegie Results

ERIC Educational Resources Information Center

Theroux, Karen

2013-01-01

In 2007, a team of international security experts and researchers at the Henry L. Stimson Center launched an initiative to build an effective model for sustainable nonproliferation of biological, chemical, and nuclear weapons. The project represented an exciting and innovative way of thinking about security: a dual-use approach that operated at…

Secured Transactions: An Integrated Classroom Approach Using Financial Statements and Acronyms

ERIC Educational Resources Information Center

Seganish, W. Michael

2005-01-01

Students struggle with the subject of secured transactions under the Uniform Commercial Code. In this article, the author presents a method that uses balance-sheet information to help students visualize the difference between secured and unsecured creditors. The balance sheet is also used in the Uniform Commercial Code process, in which one must…

49 CFR 213.307 - Class of track: operating speed limits.

Code of Federal Regulations, 2010 CFR

2010-10-01

... conditions are met: (1) The vehicles utilized to carry such freight are of equal dynamic performance and have... distribution and securement in the freight vehicle will not adversely affect the dynamic performance of the... addressing other safety issues presented by the system. (b) If a segment of track does not meet all of the...

Parallel Simulation of Subsonic Fluid Dynamics on a Cluster of Workstations.

DTIC Science & Technology

1994-11-01

inside wind musical instruments. Typical simulations achieve $80\\%$ parallel efficiency (speedup/processors) using 20 HP-Apollo workstations. Detailed...TERMS AI, MIT, Artificial Intelligence, Distributed Computing, Workstation Cluster, Network, Fluid Dynamics, Musical Instruments 17. SECURITY...for example, the flow of air inside wind musical instruments. Typical simulations achieve 80% parallel efficiency (speedup/processors) using 20 HP

Security Research on VoIP with Watermarking

NASA Astrophysics Data System (ADS)

Hu, Dong; Lee, Ping

2008-11-01

With the wide application of VoIP, many problems have occurred. One of the problems is security. The problems with securing VoIP systems, insufficient standardization and lack of security mechanisms emerged the need for new approaches and solutions. In this paper, we propose a new security architecture for VoIP which is based on digital watermarking which is a new, flexible and powerful technology that is increasingly gaining more and more attentions. Besides known applications e.g. to solve copyright protection problems, we propose to use digital watermarking to secure not only transmitted audio but also signaling protocol that VoIP is based on.

Chaos-based partial image encryption scheme based on linear fractional and lifting wavelet transforms

NASA Astrophysics Data System (ADS)

Belazi, Akram; Abd El-Latif, Ahmed A.; Diaconu, Adrian-Viorel; Rhouma, Rhouma; Belghith, Safya

2017-01-01

In this paper, a new chaos-based partial image encryption scheme based on Substitution-boxes (S-box) constructed by chaotic system and Linear Fractional Transform (LFT) is proposed. It encrypts only the requisite parts of the sensitive information in Lifting-Wavelet Transform (LWT) frequency domain based on hybrid of chaotic maps and a new S-box. In the proposed encryption scheme, the characteristics of confusion and diffusion are accomplished in three phases: block permutation, substitution, and diffusion. Then, we used dynamic keys instead of fixed keys used in other approaches, to control the encryption process and make any attack impossible. The new S-box was constructed by mixing of chaotic map and LFT to insure the high confidentiality in the inner encryption of the proposed approach. In addition, the hybrid compound of S-box and chaotic systems strengthened the whole encryption performance and enlarged the key space required to resist the brute force attacks. Extensive experiments were conducted to evaluate the security and efficiency of the proposed approach. In comparison with previous schemes, the proposed cryptosystem scheme showed high performances and great potential for prominent prevalence in cryptographic applications.

Security Belt for Wireless Implantable Medical Devices.

PubMed

Kulaç, Selman

2017-09-19

In this study, a new protective design compatible with existing non-secure systems was proposed, since it is focused on the secure communication of wireless IMD systems in all transmissions. This new protector is an external wearable device and appears to be a belt fitted around for the patients IMD implanted. However, in order to provide effective full duplex transmissions and physical layer security, some sophisticated transceiver antennas have been placed on the belt. In this approach, beam-focused multi-antennas in optimal positions on the belt are randomly switched when transmissions to the IMD are performed and multi-jammer switching with MRC combining or majority-rule based receiving techniques are applied when transmissions from the IMD are carried out. This approach can also reduce the power consumption of the IMDs and contribute to the prolongation of the IMD's battery life.

Information security risk management for computerized health information systems in hospitals: a case study of Iran

PubMed Central

Zarei, Javad; Sadoughi, Farahnaz

2016-01-01

Background In recent years, hospitals in Iran – similar to those in other countries – have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. Materials and methods This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts’ opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Results Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Conclusion Information security risk management is not followed by Iran’s hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran’s Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran. PMID:27313481

[Review of food policy approaches: from food security to food sovereignty (2000-2013)].

PubMed

López-Giraldo, Luis Alirio; Franco-Giraldo, Álvaro

2015-07-01

Food policies have attracted special interest due to the global food crisis in 2008 and promotion of the Millennium Development Goals, leading to approaches by different fields. This thematic review aims to describe the main theoretical and methodological approaches to food security and food sovereignty policies. A search was performed in databases of scientific journals from 2000 to 2013. 320 complete articles were selected from a total of 2,699. After reading the articles to apply the inclusion criteria, 55 items were maintained for analysis. In conclusion, with the predominance of food security as a guiding policy, food sovereignty has emerged as a critical response to be included in designing and researching food policies. Food policies are essential for achieving public health goals. Public health should thus take a leading role in linking and orienting such policies.

Secure environment for real-time tele-collaboration on virtual simulation of radiation treatment planning.

PubMed

Ntasis, Efthymios; Maniatis, Theofanis A; Nikita, Konstantina S

2003-01-01

A secure framework is described for real-time tele-collaboration on Virtual Simulation procedure of Radiation Treatment Planning. An integrated approach is followed clustering the security issues faced by the system into organizational issues, security issues over the LAN and security issues over the LAN-to-LAN connection. The design and the implementation of the security services are performed according to the identified security requirements, along with the need for real time communication between the collaborating health care professionals. A detailed description of the implementation is given, presenting a solution, which can directly be tailored to other tele-collaboration services in the field of health care. The pilot study of the proposed security components proves the feasibility of the secure environment, and the consistency with the high performance demands of the application.

Communication security in open health care networks.

PubMed

Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

1999-01-01

Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

NASA Astrophysics Data System (ADS)

Fathirad, Iraj; Devlin, John; Jiang, Frank

2012-09-01

The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

Case study: adapting the IAHSS curriculum in Thailand.

PubMed

Goss, Richard J

2009-01-01

In late 2007 Corporate Protective Solutions (CPS), headquartered in Langley, B.C. Canada, an independent security consulting company that specialises in healthcare security, approached the IAHSS concerning the adaptation of the Basic Training Manual and Study Guide for Healthcare Security Officers for one of their clients. In this article, its managing director for Asia Pacific outlines the challenges of this project from which other international healthcare security managers can learn to replicate the process for their own facilities.

Domestic Security Cooperation: A Unified Approach to Homeland Security and Defense

DTIC Science & Technology

2012-09-01

counter the threats to homeland security that included the Espionage Act of 1917 and the Sedition Act of 1918. National Defense Act of 1916...the threats to homeland security that included the Espionage Act of 1917 and the Sedition Act of 1918. The Espionage Act of 1917 outlawed interfering...years or both.”12 The Sedition Act of 1918 broadened this law by including the U.S. government and prohibited uttering, printing, writing, or

Reasoning about Probabilistic Security Using Task-PIOAs

NASA Astrophysics Data System (ADS)

Jaggard, Aaron D.; Meadows, Catherine; Mislove, Michael; Segala, Roberto

Task-structured probabilistic input/output automata (Task-PIOAs) are concurrent probabilistic automata that, among other things, have been used to provide a formal framework for the universal composability paradigms of protocol security. One of their advantages is that that they allow one to distinguish high-level nondeterminism that can affect the outcome of the protocol, from low-level choices, which can't. We present an alternative approach to analyzing the structure of Task-PIOAs that relies on ordered sets. We focus on two of the components that are required to define and apply Task-PIOAs: discrete probability theory and automata theory. We believe our development gives insight into the structure of Task-PIOAs and how they can be utilized to model crypto-protocols. We illustrate our approach with an example from anonymity, an area that has not previously been addressed using Task-PIOAs. We model Chaum's Dining Cryptographers Protocol at a level that does not require cryptographic primitives in the analysis. We show via this example how our approach can leverage a proof of security in the case a principal behaves deterministically to prove security when that principal behaves probabilistically.

Secure satellite communication using multi-photon tolerant quantum communication protocol

NASA Astrophysics Data System (ADS)

Darunkar, Bhagyashri; Punekar, Nikhil; Verma, Pramode K.

2015-09-01

This paper proposes and analyzes the potential of a multi-photon tolerant quantum communication protocol to secure satellite communication. For securing satellite communication, quantum cryptography is the only known unconditionally secure method. A number of recent experiments have shown feasibility of satellite-aided global quantum key distribution (QKD) using different methods such as: Use of entangled photon pairs, decoy state methods, and entanglement swapping. The use of single photon in these methods restricts the distance and speed over which quantum cryptography can be applied. Contemporary quantum cryptography protocols like the BB84 and its variants suffer from the limitation of reaching the distances of only Low Earth Orbit (LEO) at the data rates of few kilobits per second. This makes it impossible to develop a general satellite-based secure global communication network using the existing protocols. The method proposed in this paper allows secure communication at the heights of the Medium Earth Orbit (MEO) and Geosynchronous Earth Orbit (GEO) satellites. The benefits of the proposed method are two-fold: First it enables the realization of a secure global communication network based on satellites and second it provides unconditional security for satellite networks at GEO heights. The multi-photon approach discussed in this paper ameliorates the distance and speed issues associated with quantum cryptography through the use of contemporary laser communication (lasercom) devices. This approach can be seen as a step ahead towards global quantum communication.